How can I configure iPlanet LDAP5.1
Hi Eric,
I have read ur reply to same problem happened.
I have configured iPlanet LDAP5.1 Authenticator Provider for myrealm as u ask
to do so.myrealm I have set it to default realm.
Was that necessary ??.
principle-uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
User Dn -ou=people,dc=tapash,dc=wipro,dc=com
user filter - (&(uid=%u)(objectclass=person)) as it was comming default.
Group Dn- ou=Groups,dc=tapash,dc=wipro,dc=com
group filter-(|(&(cn=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=groupOfURLs)))
as it was comming default.
I have created one group "Administrators" under ou=Groups,dc=tapash,dc=wipro,dc=com
and assigned one user Tapash on to that Group.
U can see this as by ldap browser.
uid=Tapash,ou=People, dc=tapash,dc=wipro,dc=com is assigned to that group "Administrators"
contains user Tapash.
Now I cannot start the "startPortal.bat"
by Tapash user or by earlier user Security
Can U pls tell me what I have to do.
Thanks and Regards
Briyan
I have up the Iplanet Directroy Server 5.1 with WLS 6.1SP4, Let me
give you sanp shot from my config.xml.
=========================
<CustomRealm
ConfigurationData="user.filter=(&(uid=%u)(objectclass=person));user.dn=o
u=People,
dc=support;membership.filter=(&(uniquemember=%M)(objectclass=groupofuniq
uenames));server.principal=uid=admin, ou=Administrators,
ou=TopologyManagement,
o=NetscapeRoot;group.filter=(&(cn=%g)(objectclass=groupofuniquenames));g
roup.dn=ou=Groups, dc=support;server.host=ARYA"
Name="defaultLDAPRealmForNetscapeDirectoryServer"
Notes="This is provided as an example. Before enabling this Realm,
you must edit the configuration parameters as appropriate for your
environment."
Password="{3DES}4HQYfBB+bVI="
RealmClassName="weblogic.security.ldaprealmv2.LDAPRealm"/>
<CachingRealm
BasicRealm="defaultLDAPRealmForNetscapeDirectoryServer"
Name="MyCaching Realm"/>
<Realm CachingRealm="MyCaching Realm"
FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
============
-utpal
"Briyan" <[email protected]> wrote in message
news:[email protected]...
>
Hi Eric,
I have read ur reply to same problem happened.
I have configured iPlanet LDAP5.1 Authenticator Provider for myrealm as uask
to do so.myrealm I have set it to default realm.
Was that necessary ??.
principle-uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
User Dn -ou=people,dc=tapash,dc=wipro,dc=com
user filter - (&(uid=%u)(objectclass=person)) as it was comming default.
Group Dn- ou=Groups,dc=tapash,dc=wipro,dc=com
groupfilter-(|(&(cn=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=gro
upOfURLs)))
as it was comming default.
I have created one group "Administrators" underou=Groups,dc=tapash,dc=wipro,dc=com
and assigned one user Tapash on to that Group.
U can see this as by ldap browser.
uid=Tapash,ou=People, dc=tapash,dc=wipro,dc=com is assigned to that group"Administrators"
contains user Tapash.
Now I cannot start the "startPortal.bat"
by Tapash user or by earlier user Security
Can U pls tell me what I have to do.
Thanks and Regards
Briyan
Similar Messages
-
How can I configure iPlanet LDAP5.1 wiht WLS7.0
I got a problems about access denied...
I think it may be occur from user/password(weblogic/weblogic) that I try to connect
to LDAP .. I doesn't work..
I would to know how can I add new user(weblogic) in LDAP and act as Administrator....Hi Eric,
Even after you have your iPlanet LDAP authenticator set up, you will not see users/groups
listed in the console. Console does not currently list users/groups for your external ldap
provider.
You could test by writing a simple web app that has security on some resource, so that only
a user that exists in your ldap realm has permission
Joe Jerry
Eric Ma wrote:
Jerry:
After you have set up the iPlanet LDAP authenticator, are you able to see all
users defined in LDAP? For some reason I am not able to do so, leading me to
doubt whether I have set up the thing properly. Thanks for any insight.
Eric Ma
Jerry <[email protected]> wrote:
Hi Ting
Steps to set up WLS 7.0 with external LDAP provider: (example is for
iplanet but this
will work for any other Ldap server too)
I. create a new domain /mydomain
II. start server
III. open WebLogic console in a browser
IV. in left frame, go to security->realms->myrealm->providers->AuthenticationProviders
and click
V. in right frame, click on “Configure a new iPlanet Authenticator”
VI. In the new screen, under General, make sure the Control Flag is set
to Required,
select a name for this authenticator, and click Create.
VII. Select iPlanet LDAP tab and fill in values for Host, Port, Principal
where these
values reflect the settings for your LDAP server. (Note: the default
principal for an
iPlanet LDAP server is uid=admin, ou=Administrators, ou=TopologyManagement,
o=NetscapeRoot). Click Apply.
VIII. Click on Credential: Change. At the new screen, enter the credential
associated
with the Principal that you entered in step VII in both boxes. This
will be the password
that is used to do a bind to your LDAP server with the principal. Click
Apply.
IX. Select Users tab and make sure these properties accurately reflect
the structure of
your LDAP server. Most of the time the only property that needs to be
changed is the
User Base DN property, from ou=people,o=example.com to ou=people,o=myCompany.com.
Click
Apply.
X. Select Groups tab and make sure these properties accurately reflect
the structure of
your LDAP server. Most of the time the only property that needs to be
changed is the
Groups Base DN property, from ou=people,o=example.com to ou=groups,o=myCompany.com.
Click Apply.
XI. Now, the boot identity of your server absolutely must be a user that
exists on your
LDAP server. You must also have an “Administrators” group on your LDAP
server, and the
boot identity must be a user that exists in this “Administrators” group,
or the server
will not start. So open your LDAP console (this will be a console that
is specific to
the LDAP server you are using) and use the management tools to create
the
“Administrators” group and a user that you place in the “Administrators”
group that is
the boot identity that you use to start WebLogic.
XII. Make these changes and restart the server.
XIII. You can verify that the LDAP setup is correct by doing a thread
dump. You should
see a thread like:
“LDAPConnThread localhost:389" daemon prio=5 tid=0x8d9b308 nid=0x8f8
runnable
[0x9e2f000..0x9e2fdbc]
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
- locked <3281d98> (a java.io.BufferedInputStream)
at netscape.ldap.ber.stream.BERElement.getElement(BERElement.java:101)
at netscape.ldap.LDAPConnThread.run(LDAPConnThread.java:420)
where “localhost:389” is the server name and port of
your LDAP server.
This means that your Authenticator has been set up correctly.
XIV. Now you can delete your default authenticator. Open the WebLogic
console and go to
security->realms->myrealm->providers->AuthenticationProviders in the
left frame, and
click
XV. In the right frame, look for DefaultAuthenticator and click on the
trash can to the
far right. Say “Yes” when it asks if you are sure, then click Continue.
XVI. Restart the WebLogic server. If the server boots correctly, you’re
done.
Everything is working correctly.
Hope this helps
Joe Jerry
ting wrote:
I got a problems about access denied...
I think it may be occur from user/password(weblogic/weblogic) thatI try to connect
to LDAP .. I doesn't work..
I would to know how can I add new user(weblogic) in LDAP and act asAdministrator.... -
Actually, I can get it working using an http://.... reference while with relative reference ( i.e. just the dtd filename) it doesn't work; here is the stack trace:
org.xml.sax.SAXParseException: L'URI relativo "MLP_SLIA_200.DTD"; non puo essere risolto senza una base URI.
at
org.apache.crimson.parser.Parser2.fatal(Parser2.java:3185)
at org.apache.crimson.parser.Parser2.fatal(Parser2.java:3176)
at org.apache.crimson.parser.Parser2.resolveURI(Parser2.java:2758)
at org.apache.crimson.parser.Parser2.maybeExternalID(Parser2.java:2730)
at org.apache.crimson.parser.Parser2.maybeDoctypeDecl(Parser2.java:1129)
at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:489)
at org.apache.crimson.parser.Parser2.parse(Parser2.java:305)
at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:442)
at org.apache.crimson.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:185)
at tilab.nimble.interfaceLIF.ParserDomXML.parseDocument(ParserDomXML.java:55)
at tilab.nimble.interfaceLIF.ReqLIFTrackingServlet.doPost(ReqLIFTrackingServlet.java:777)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:897)
at com.iplanet.server.http.servlet.WebApplication.service(WebApplication.java:1065)
at com.iplanet.server.http.servlet.NSServletRunner.ServiceWebApp(NSServletRunner.java:959)Actually, I can get it working using an http://.... reference while with relative reference ( i.e. just the dtd filename) it doesn't work; here is the stack trace:
org.xml.sax.SAXParseException: L'URI relativo "MLP_SLIA_200.DTD"; non puo essere risolto senza una base URI.
at
org.apache.crimson.parser.Parser2.fatal(Parser2.java:3185)
at org.apache.crimson.parser.Parser2.fatal(Parser2.java:3176)
at org.apache.crimson.parser.Parser2.resolveURI(Parser2.java:2758)
at org.apache.crimson.parser.Parser2.maybeExternalID(Parser2.java:2730)
at org.apache.crimson.parser.Parser2.maybeDoctypeDecl(Parser2.java:1129)
at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:489)
at org.apache.crimson.parser.Parser2.parse(Parser2.java:305)
at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:442)
at org.apache.crimson.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:185)
at tilab.nimble.interfaceLIF.ParserDomXML.parseDocument(ParserDomXML.java:55)
at tilab.nimble.interfaceLIF.ReqLIFTrackingServlet.doPost(ReqLIFTrackingServlet.java:777)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:897)
at com.iplanet.server.http.servlet.WebApplication.service(WebApplication.java:1065)
at com.iplanet.server.http.servlet.NSServletRunner.ServiceWebApp(NSServletRunner.java:959) -
please help!! how can i configure my iphone 3gs because i've been updated a new version, i did it but it's hard to activate it again. this message i always recieved in my iphone
"We're sorry, we are unable to continue with your activation at this time."You phone was hacked. You can not get help with it here. Hacking / Jailbreaking voids any warraty and forfeits your right to support. Discussing jailbroken / hacked devices is forbidden by the terms of service here.
-
How can I configure iCloud so it doesn't restore deleted or moved emails on my Mac?
I moved to iCloud, and so far it looks like everything is where it's supposed to be. My question is about syncing. When I delete an email on my Mac, iCloud restores it. How can I configure iCloud so that changes I make on my Mac and my iPhone stay changed?
On the Mac in System Preferences > iCloud
Make sure Mail & Notes is selected.
ON the iPhone tap Settings > iCloud
Make sure Mail is switched on.
And try restarting your Mac and iPhone. -
How can I configure my new Mac Pro to output the timeline via HDMI
How can I configure my new Mac Pro to output the timeline in FCP 7 (yes, I have X, but I'm using 7 right now). I have two monitors running from TB2, but want to have the third for a client monitor.
If I use all three via TB2, it's literally three monitors, and I want to edit on my CineDisplay. I only want the client to see the timeline video on the third monitor. When I hook up HDMI I get no signal, in fact, I can't have the HDMI cable hooked up for TB2 to work with the third.
Thanks,
GEvans
DarthPro
3.7 QCIntelXeonE5
12 GB
AMD FirePro dual D300 2048MB
OSX 10.9.2If you use all ThunderBolt displays, or stick with DisplayPort and Mini DisplayPort (free conversion between the two with only a cheap cable) you can have up to six displays.
If you attach "legacy" displays with "any-old adapter", you can have up to two, and the built-in HDMI counts as one if you use it.
Any more requires ACTIVE Adapters.
The US$100 Apple ACTIVE Mini DisplayPort to Dual-Link DVI adapter works in every case, even displays over 1920 wide.
StarTech and Accell make US$35 ACTIVE adpters that work for displays up to 1920 wide. -
How can I configure printer with iPad to print only grey tones? This works fine from my laptop - not air printing from that one though. I can't find anywhere on the iPad how to do printer settings and this also seems not to be available as an option when doing a printout. In fact, no options seem to be available. Thanks in advance for reacting!
HermiThere is currently no option for this. You can give Apple feedback here:
http://www.apple.com/feedback/ipad.html -
According to William Stanek, in his Windows Server 2012 R2 Inside Out: Configuration, Storage & Essentials book, this is apparently possible: (pg. 615 - here it is on Google Books: https://books.google.ca/books?id=0IyfBAAAQBAJ&pg=PT819&lpg=PT819&dq=read+operation )
Integrity can be enabled when the system is not running on Storage Spaces. When
integrity is enabled and ReFS detects a checksum mismatch, ReFS logs an event and
fails the read operation by default. If you don’t want the read operation to fail, you
can configure ReFS to continue with the read operation. A related event will be logged
regardless.
So then how do I configure it to do that???
(And just to make it super-clear, I'm NOT using Storage Spaces, so there is no redundancy via mirroring/parity, and I'm not expecting any file repair - just detection of corruption. It's just a basic volume formatted with ReFS and
with integrity streams enabled, via format E: /fs:ReFS /i:enabled
For those who want more details, here's the situation:
I try to perform a read operation on a file with corrupted data (purposely done for testing using a low-level disk editor), I get a the following error message:
And an event ID 133 from ReFSv1 gets logged in the System log:
Clicking "Try Again" just brings up the same message, and clicking "Skip" skips the operation entirely.
This is indeed the correct default behaviour.
What I want instead is for the read operation to be allowed to complete, with corrupt data and all, and ONLY for the event to be logged. And according to William Stanek, this is supposed to be configurable somewhere - and after hours of searching, I haven't
been able to find anything.Hi Tommy,
>>How can I configure ReFS to NOT fail read operations when a checksum error is detected
We can use PowerShell command Set-FileIntegrity to configure this. The specific parameter for controlling this behavior is
-Enforce <Boolean>which indicates whether to enable blocking access to a file if integrity streams do not match the data.
Regarding this point, the following article can be referred to as reference.
Set-FileIntegrity
https://technet.microsoft.com/en-us/library/jj218351.aspx
Best regards,
Frank Shen
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
How can I configure a VM to boot from USB key in Virtual PC of Windows 7?
Hi all,
I want to boot up with a USB key to install a new VM on Windows 7. I heared that Microsoft Virtual PC begins to support USB device on Windows 7. How can i configure it? I don't find any virtual USB device in VM settings on my Windows 7 box.
Thanks for any help.
Scorprio
TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise AdminHi all,
I want to boot up with a USB key to install a new VM on Windows 7. I heared that Microsoft Virtual PC begins to support USB device on Windows 7. How can i configure it? I don't find any virtual USB device in VM settings on my Windows 7 box.
Thanks for any help.
Scorprio
TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise Admin
Virtual PC does not support USB. Windows 7 XP Mode Virtual Machine supports the use of USB devices. Virtual PC and Windows 7 XP Mode VM are not the same thing! -
How can i configure advance payment to vendors through cash jounal
how can i configure advance payment to vendors through cash jounal pls its urgent for me kindly help me out
HI,
I think u need not configure anyting new for this, you can use the existing Business Tran. Type K and rename it as Vendor Advance for separate identity. You can do the normal FBCJ posting.
But doing this you will not have separate identity for the Advances paid.
Thanks
VK -
How can i configure STMS with out physical systems
Dear Experts ,
please solve my doubts
here i installed one system in AIX and named it as DEV system in that system i need to perform post-installaion Activities
and i started some activities also
presently my doubt is in STMS configuration
here i have only one system (DOMINE CONTROLLER) and we need to other systems while configuration but we dont have other systems like quality and production how can i configure that systems in my landscape
this is my first implementation Experience please suggest me with some valuable suggestions
my doubts:
while creating systems we need to take for virtual systems or Extended systems
which transport routes can i prefer for Dev to Qly systemand also Qly to Prd
please reply me
RegardsHi,
If you have decided the SID's of the QUA and PRD systems then you can configure TMS with the virtual systems. Here are the steps to do so.
Login to the domain controller
Execute tcode STMS
Goto the menu overvie --> systems (Shift+F6)
SAP SYStems --> Create --> Virtual system
Enter the SID and description and then save ur entries.
Now the new virtual system will be created. Do the above for the others systems in the landscape.
Again execute STMS and then click SHIFT+F7. You will goto the transport route window. Now you can configure TMS for the systems in the list as usual.
Hope this helps.
Regards,
Varadharajan M -
How can I configure NI PCI 6221 and DAQ SCB-68 for pressure sensors?
Hello
everybody,
I am using the measuring board (NI PCI 6221) and DAQ
SCB-68 for the data acquisition.
With the DAQ-Assistant I created AI for the voltage of
pressure sensors. In a big indicator panel from this DAQ-Assistant I see the
voltage for both sensors in the correct size. But if I set sensors in the
blockdiagramm to control the signals for sensor one I get a wrong voltage size
and for sensor 2 nothing.
How can I configure this data acquisition equipment to
get the correct signals?
Thanks a lot for your help.I do not know the type of sensor you are using. But pressure transducers may have a very low output voltage(in the mVolt range). They also need an excitation voltage. Here is an introduction. http://focus.ti.com.cn/cn/lit/an/sloa034/sloa034.pdfThen working with pressure sensors I always use 3 stages in the circuit.
1 Instrumentation Amplifier as a preamp
2 filterstage
3 Final amp and output buffer
(you may combine stage 2 and 3)
Besides which, my opinion is that Express VIs Carthage must be destroyed deleted
(Sorry no Labview "brag list" so far) -
how can i configure my wireless keyword so i can use the Function <F> keys to control volume etc...? I am using 10.5.8 OS
little wireless cameras would not have the ability to send back to the base, even thought the base can reach it.
Now if you take regular cameras and wire them into a Cisco switch that was attached to a wireless bridge that could shine back to the base...now you might have something, but your still going to have to do a survey/path analysis to determine if it is feasible.
Coverage isnt throughput. I see one base station with 3 or 4 sectoral antennas depending on direction, pointing two several distribution bridges to bridge the gaps that go out again to the cameras...something like that. And all of it should be higher in the air than your construction. -
How can I configure MA to display "speaking" OpCode and Task names
If you have a custom ETW Eventsource definition: PerfView reads and Displays from the etl files the OpCode and Task values not as integer but as defined in EventSource inner classe for Task and in the
System.Diagnostics.Tracing.EventOpCode. My question is, how can I configure the MA to display the values not as "magic numbers" or can MA get this feature?
Regards,
Alexander
Kind regards, AlexanderHi Paul,
please take a look to the attached picture. I've tried to make a comparison between automatically behavior of PerfView and Message Analyzer by displaying of the same performance log. The Message Analyzer got metadata, generated with wevtutil. The related
part of the manifest is here:
<tasks>
<task name="ReadingFromGdb" value="1"/>
<task name="LogReadPreInvoke" value="65532"/>
</tasks>
<opcodes>
</opcodes>
<keywords>
<keyword name="Perf" message="$(string.keyword_Perf)" mask="0x8"/>
<keyword name="Gdb" message="$(string.keyword_Gdb)" mask="0x10"/>
</keywords>
<events>
<event value="8" version="0" level="win:Verbose" message="$(string.event_LogGdbReadPreInvoke)" keywords="Perf Gdb" opcode="win:Start" task="ReadingFromGdb" template="LogGdbReadPreInvokeArgs"/>
</events>
<templates>
<template tid="LogGdbReadPreInvokeArgs">
<data name="fullName" inType="win:UnicodeString"/>
<data name="methodName" inType="win:UnicodeString"/>
</template>
I hope, it helps you to understand details of my questions.
Regards,
Alexander
Kind regards, Alexander -
How can we configure or control records go into single idoc thru BODS?
Hi,
Our case is -
IDOC format has three segment. Each segments has child nodes -
1. CONTROL SEGMENT - This is required only once per idoc.
child1
child2
2. SEGMENT1 - sinlge source record to be broken into two segments.
child1
child2
3. SEGMENT2 - sinlge source record to be broken into two segments.
child1
child2
we have a single source (lest say having 100 records).
In the current design which does generates IDOCS but as many as the no of records in source. Currently we use a row generation transform as dummy (with row count as 1) to pass to the IDOC parent nodes's from clause to escape the error - invalid input to the parent nodes.
Child nodes are either mapped to the source table or are null.
Question - How can we configure this in a way that we control how many records go into single idoc. Ex - lets say 50 per idoc so only 2 idoc should be created if 100 records are there.HI,
this sounds to me like Data Services. If so I would suggest to post this into the Data Service forum.
regards
Ingo HIlgefort
Maybe you are looking for
-
Dear All How to add New entry thru Tcode OMWD Actually i have one entry in OMWD like , Val Area Co Code Company NAme Chrts / Accts Val Grpg Code RIH1 RI01 CCCCCC RUBA 0001 Now here
-
Error Connecting Crystal Report Server XI to Database
I am trying to install Crystal Reports Server XI on a server running Windows Server 2008 R2 (64 bit). The software installs fine; however, when I try to login to the CMS (central management server), I get the following error: Falied to retrieve clus
-
"Please check the agent -NAME parameter" error
I get the following error when trying to execute a simple ODI package. Before the process even starts running, I get the following message in a popup. I have tested the physical connection to the ODI agent successfully in the topology manager. This a
-
Screen Painter error when click or moving objects
Hi all, from the last two or three releases of SAP B1, i get an error when i try to click with the mouse over a control in screen painter. The object over i click on, become very large (width = large int) and the same with the top property. Any sugge
-
Changing Row color of standard SQL report
Hi, I am trying to follow this post to change the color of a row in APEX SQL report. Change Colour of Row - Oracle APEX SQL Report It's a bit outdated, and trying to figure out how to get to this page: http://img7.imageshack.us/img7/4782/columntempla