How to authenticate user in Active Directory for an Oracle report

Hey there,
We have users of 1 report all over the country.
Currently, when using the report, the user chooses a location as a parameter, then runs the report.
The problem is we don't want the user to be able to see data from other locations, only their own.
So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
Thanks in advance!

Similar Messages

How to create user in Active directory

Hello,
I'm trying to create a user in active directory via the following example:
String userName = "cn=Jef Klak,ou=Ps Users,ou=Users,ou=Managed,dc=xxx,dc=local";
     Attributes attrs = new BasicAttributes(false);
     Attribute oc = new BasicAttribute("objectClass");
     oc.add("top");
     oc.add("person");
     oc.add("organizationalPerson");
     oc.add("user");
     attrs.put(oc);
          attrs.put("cn","Jef Klak");
          attrs.put("giveName","Jef");
          attrs.put("sn","Klak");
          attrs.put("displayName","Klak, Jef");
          attrs.put("description","IR");
          attrs.put("userPrincipalName","[email protected]");
          attrs.put("mail","[email protected]");
          attrs.put("company", "XXX");
          attrs.put("sAMAccountName","jk666");
attrs.put("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_DONT_EXPIRE_PASSWD+ UF_ACCOUNTDISABLE));
          Context result = fctx.createSubcontext(userName, attrs);
As a result I'm getting the following error:
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece
remaining name 'cn=Jef Klak,ou=Ps Users,ou=Users,ou=Managed,dc=xxx,dc=local'
Anybody any tips or advice on this one? Or maybe a working examples how to add users in AD?
Listing entries in the AD is no problem, so it's only adding them.
Many thanks,
Filip

          attrs.put("giveName","Jef");
javax.naming.directory.NoSuchAttributeExceptionSpelling error.

How to update users to Active Directory using Hyena Active Task List?

Kevin,
thanks for your input. I was able to firgured it out. It need the full path. with the CN=John Doe
Working like a charm!! thx!!

http://www.systemtools.com/HyenaHelp/active_editor.htm"Each Active Directory object is identifiable by its directory path, called the ADsPath. A special symbol, %ADSPATH%, can be inserted in the field order list that can be associated with the directory path in the import file. The ADsPath doesNOThave to be one of the attributes for the directory objects in the Editor if the ADsPath is used as the Key Field in the import file.Using an ADsPath as a match field can be difficult, as it is a long and complex string, and if special characters are used in some directory fields, Active Directory will automatically insert additional special characters into the ADsPath. One method of getting the ADsPath into a file for directory objects is to use Hyena's Edit Copy dialog. A special symbol, %ADSPATH%, can be added to any Active Directory copied...

HOW TO CREATE A NEW J2EE APP FOR DEPLOYING ORACLE REPORTS USING JDEVELOPER?

Hi,
I'm new to JDeveloper and Java, JSP etc. I'm trying to deploy a sample parameter form for JSP report. My question is: When I create a J2EE application using JDeveloper, how to make sure "The WEB-INF directory must contain the JSP tag library for Oracle Reports, called reports_tld.jar"? How to do it via JDeveloper?
In my JSP page, I use <%@ taglib uri="/WEB-INF/lib/reports_tld.jar" prefix="rw" %>.

Does anyone know the answer to this question?
I get the following error in Jdeveloper when running my test jsp report:
Error(8): Unable to load taghandler class: /WEB-INF/lib/reports_tld.jar
Thanks.
Hi,
I'm new to JDeveloper and Java, JSP etc. I'm trying
to deploy a sample parameter form for JSP report. My
question is: When I create a J2EE application using
JDeveloper, how to make sure "The WEB-INF directory
must contain the JSP tag library for Oracle Reports,
called reports_tld.jar"? How to do it via JDeveloper?
In my JSP page, I use <%@ taglib
uri="/WEB-INF/lib/reports_tld.jar" prefix="rw" %>.

How to import your MS Active Directory users in an Oracle table

Hello,
I first tried to get a Heterogenous Connection to my MS Active Directory to get information on my Active Directory users.
This doesn't work so I used an alternative solution:
How to import your MS Active Directory users in an Oracle table
- a Visual Basic script for export from Active Directory
- a table in my database
- a SQL*Loader Control-file
- a command-file to start the SQL*Loader
Now I can schedule the vsb-script and the command-file to get my information in an Oracle table. This works fine for me.
Just to share my scripts:
I made a Visual Basic script to make an export from my Active Directory to a CSV-file.
'Export_ActiveDir_users.vbs                              26-10-2006
'Script to export info from MS Active Directory to a CSV-file
'     Accountname, employeeid, Name, Function, Department etc.
'       Richard de Boer - Wetterskip Fryslan, the Nethterlands
'     samaccountname          Logon Name / Account
'     employeeid          Employee ID
'     name               name
'     displayname          Display Name / Full Name
'     sn               Last Name
'     description          Description / Function
'     department          Department / Organisation
'     physicaldeliveryofficename Office Location     Wetterskip Fryslan
'     streetaddress          Street Address          Harlingerstraatweg 113
'     l               City / Location          Leeuwarden
'     mail               E-mail adress
'     wwwhomepage          Web Page Address
'     distinguishedName     Full unique name with cn, ou's, dc's
'Global variables
    Dim oContainer
    Dim OutPutFile
    Dim FileSystem
'Initialize global variables
    Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
    Set OutPutFile = FileSystem.CreateTextFile("ActiveDir_users.csv", True)
    Set oContainer=GetObject("LDAP://OU=WFgebruikers,DC=Wetterskip,DC=Fryslan,DC=Local")
'Enumerate Container
    EnumerateUsers oContainer
'Clean up
    OutPutFile.Close
    Set FileSystem = Nothing
    Set oContainer = Nothing
    WScript.Echo "Finished"
    WScript.Quit(0)
Sub EnumerateUsers(oCont)
    Dim oUser
    For Each oUser In oCont
        Select Case LCase(oUser.Class)
               Case "user"
                    If Not IsEmpty(oUser.distinguishedName) Then
                        OutPutFile.WriteLine _
               oUser.samaccountname      & ";" & _
               oUser.employeeid     & ";" & _
               oUser.Get ("name")      & ";" & _
               oUser.displayname      & ";" & _
               oUser.sn           & ";" & _
               oUser.description      & ";" & _
               oUser.department      & ";" & _
               oUser.physicaldeliveryofficename & ";" & _
               oUser.streetaddress      & ";" & _
               oUser.l           & ";" & _
               oUser.mail           & ";" & _
               oUser.wwwhomepage      & ";" & _
               oUser.distinguishedName     & ";"
                    End If
               Case "organizationalunit", "container"
                    EnumerateUsers oUser
        End Select
    Next
End SubThis give's output like this:
rdeboer;2988;Richard de Boer;Richard de Boer;de Boer;Database Administrator;Informatie- en Communicatie Technologie;;Harlingerstraatweg 113;Leeuwarden;[email protected];;CN=Richard de Boer,OU=Informatie- en Communicatie Technologie,OU=Afdelingen,OU=WFGebruikers,DC=wetterskip,DC=fryslan,DC=local;
tbronkhorst;201;Tjitske Bronkhorst;Tjitske Bronkhorst;Bronkhorst;Configuratiebeheerder;Informatie- en Communicatie Technologie;;Harlingerstraatweg 113;Leeuwarden;[email protected];;CN=Tjitske Bronkhorst,OU=Informatie- en Communicatie Technologie,OU=Afdelingen,OU=WFGebruikers,DC=wetterskip,DC=fryslan,DC=local;I made a table in my Oracle database:
CREATE TABLE     PG4WF.ACTD_USERS
     samaccountname          VARCHAR2(64)
,     employeeid          VARCHAR2(16)
,     name               VARCHAR2(64)
,     displayname          VARCHAR2(64)
,     sn               VARCHAR2(64)
,     description          VARCHAR2(100)
,     department          VARCHAR2(64)
,     physicaldeliveryofficename     VARCHAR2(64)
,     streetaddress          VARCHAR2(128)
,     l               VARCHAR2(64)
,     mail               VARCHAR2(100)
,     wwwhomepage          VARCHAR2(128)
,     distinguishedName     VARCHAR2(256)
)I made SQL*Loader Control-file:
LOAD DATA
INFILE           'ActiveDir_users.csv'
BADFILE      'ActiveDir_users.bad'
DISCARDFILE      'ActiveDir_users.dsc'
TRUNCATE
INTO TABLE PG4WF.ACTD_USERS
FIELDS TERMINATED BY ';'
(     samaccountname
,     employeeid
,     name
,     displayname
,     sn
,     description
,     department
,     physicaldeliveryofficename
,     streetaddress
,     l
,     mail
,     wwwhomepage
,     distinguishedName
)I made a cmd-file to start SQL*Loader
: Import the Active Directory users in Oracle by SQL*Loader
D:\Oracle\ora92\bin\sqlldr userid=pg4wf/<password>@<database> control=sqlldr_ActiveDir_users.ctl log=sqlldr_ActiveDir_users.logI used this for a good list of active directory fields:
http://www.kouti.com/tables/userattributes.htm
Greetings,
Richard de Boer

I have a table with about 50,000 records in my Oracle database and there is a date column which shows the date that each record get inserted to the table, for example 04-Aug-13.
Is there any way that I can find out what time each record has been inserted?
For example: 04-Aug-13 4:20:00 PM. (For my existing records not future ones)
First you need to clarify what you mean by 'the date that each record get inserted'. A row is not permanent and visible to other sessions until it has been COMMITTED and that commit may happen seconds, minutes, hours or even days AFTER a user actually creates the row and puts a date in your 'date column'.
Second - your date column, and ALL date columns, includes a time component. So just query your date column for the time.
The only way that time value will be incorrect is if you did something silly like TRUNC(myDate) when you inserted the value. That would use a time component of 00:00:00 and destroy the actual time.

User login report in Active Directory for specific date and time

I want to get User login report in Active Directory for specific date and time e.g user logged in at15-01-2015 from 8:00am to 4:00pm
Is any query, script or any tool available?
Waiting for reply please

You can identify the last logon date and time using my script here: https://gallery.technet.microsoft.com/scriptcenter/Get-Active-Directory-User-bbcdd771
If you would like to get back in time and see when the user did a logon / logoff then you need to have auditing enabled. Once done, you can records from Security log in the event viewer: https://social.technet.microsoft.com/Forums/windowsserver/en-US/98cbecb0-d23d-479d-aa65-07e3e214e2c7/manage-active-directory-users-logon-logoff-events
I have started a Wiki about how to track logon / logoff and it can help too: http://social.technet.microsoft.com/wiki/contents/articles/20422.record-logon-logoff-activities-on-domain-servers-and-workstations-using-group-policy.aspx
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile

Impact on roaming profile accounts if we Change User logon Name to Employee Number format in Active Directory for all User accounts

I want to understand if we change User logon Name to Employee Number format in Active Directory for all User accounts, then what would be the impact on existing profile. Whether we need to change it manualy or it will connect to same profiles in terminal
session.
As i observed it create new profile after logon name changed to employee number where existing users profile settings get fails to load and prompt for new settings (such as outlook reconfiguration, share drive mapping etc.).
Kindly let me know the proper process to overcome with this, how to connect same existing roaming profile with employee number format change.

Hi,
What if we change the user name of user account, will it have impact on roaming profiles.
Yes, it will affect roaming profiles. Please rename the roaming profile folder as the new user account name, in addition, change the profile path in ADUC.
Here is an related article below for you:
How to Rename a Windows 7 User Account and Related Profile Folder
http://social.technet.microsoft.com/wiki/contents/articles/19834.how-to-rename-a-windows-7-user-account-and-related-profile-folder.aspx
Best Regards,
Amy

Is there a way to authenticate an iPad to our WLAN using a digital certificate and then authorize the user in Active Directory?

We want to authenticate both a device (iPad) to our corporate WLAN, but after authenticating the device we would also like to authentiate the user in Active Directory if possible. Has anyone had any experience with this?

You need to make sure that the server sends the "GeoTrust DV SSL CA" intermediate certificate.
See:
* http://www.networking4all.com/en/support/tools/site+check/ (www.ucfs.net)
* https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=SO9557
* https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422

Webservice authenticate by microsoft active directory

Hi,
i am a newbie about web services...
i want to create a 'secure' web service that user have to provide user name
and password so as to call the web service..
i am using jdeveloper 10.1.3.1...
i secured the web service by wss (set through web service wizard..
i.e. right-click web service..then Security->Authenticate, tick the 'Expect username to
authenticate" and "password required")...
*****My question is how can authenticate the user through active directory?
*****Counld anybody please give me some information?
thank you...
Message was edited by:
lsp

Hi Tugdual,
thank you for your advice...
i follow the document "External LDAP Security Providers" and set up the
LDAP security provider...
in the OC4J web admin security page...i have press the 'test ldap authorization'
button to confirm the ldap connection is correctly set.
but when i want to call the web service, deployed in that OC4J container,
operation fail with an error message :
javax.xml.rpc.soap.SOAPFaultException: UnsupportedCallbackException: oracle.security.jazn.callback.IdentityCallback@19f410 not available to gather authentication information from the user
     at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
     at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
     at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
     at test.proxy.ws1.runtime.MyWebService1SoapHttp_Stub.getUserNameYY(MyWebService1SoapHttp_Stub.java:134)
     at test.proxy.ws1.MyWebService1SoapHttpPortClient.getUserNameYY(MyWebService1SoapHttpPortClient.java:50)
     at test.proxy.ws1.MyWebService1SoapHttpPortClient.main(MyWebService1SoapHttpPortClient.java:33)
it seems the problem is related to the web service client proxy..
do you have any idea or solution??
thank you...
Message was edited by:
lsp

Adding a user in Active Directory

Hi fellows,
I am having a serious problem in creating a new user in active directory. i am using LDAP JNDI code. I can delete and update users attributes, but fail to create users.
ctx.createSubcontext("newuser,full domain", attributes);
when i specify a new user in "newuser" it gives exception invalidnameexception. I don't understand how to create a new entry within the directory structure of predefined tree. by the way, i can create users by active directory explorer but java application is giving exceptions.
Any help will be highly appreciated.

A DistinguishedName is of the form e.g. "cn=username, ou=Users,dc=hostname,dc=com". In other words it contains attribute names and values for each name component. Evidently your DN doesn't do that.

APEX_LDAP.AUTHENTICATE - using Microsoft Active Directory

Application Express 4.1.1.00.23
Internet Explorer - 8
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
Hi very new to Apex and trying to get the authenticaqtion to work against our active directory. I have setup an authentication scheme for my application chossing the schema type as LDAP Directory...my settings are as follows:
Host : ****
Port : 389
Use SSL: No SSL
Distinguished Name (DN) String : domain\%LDAP_USER%
Use Exact Distinguished Name (DN) : Yes
This works perfectly and authenticates the user against active directory. The problem is when I try do the following in the database as I really want to setup a custom authentication scheme, it just does not work.
Begin
IF apex_ldap.authenticate(
p_username => 'testusername',
p_password => 'testpassword',
p_search_base => 'domain\%LDAP_USER%',
p_host => '*****',
p_port => 389) THEN
dbms_output.put_line('True');
Else
dbms_output.put_line('False');
End If;
End;
No matter what I do this always returns false. I have created a function based on same code and created a custom authentication scheme that calls the function but I always get a false. Not sure why it works one way and not the other. Also would really appreciate if someone could help me get the code above to work or help correct it.
I have looked through the forum and tried many different search base strings but nothing seems to work.
Regards
Ash

Hi Ash,
Microsoft AD allows "domain\%LDAP_USER%" instead of a real distinguished name (DN), but this does not work with apex_ldap.authenticate. The authenticate function tries to create a DN from username and search base. It does not substitute the "%LDAP_USER%" pattern with the username. Based on the parameters I see in your example, it would try to authenticate with "cn=testusername,domain\%LDAP_USER%", which is clearly wrong, hence the authentication failure.
What you could do is use another package, although it's not in the official API docs, like this (untested):
Begin
    IF wwv_flow_custom_auth_ldap.authenticate(
           p_dn => 'domain\testusername',
           p_password => 'testpassword',
           p_ldap_host => '*****',
           p_ldap_port => 389)
    THEN
        dbms_output.put_line('True');
    Else
        dbms_output.put_line('False');
    End If;
End;Regards,
Christian

How to import Photos into Active Directory

Hi -
IT Director asked me to import employees pictures into Active Directory so that we can use them in Outlook, SharePoint, Lync etc.
Do you know how to import pictures into Active Directory?

Thumbnailphoto Attribute in active directory is responsible for adding photos to Active directory.
By Default Replication of this attribute will be disabled to Global catalog server. To make use of this facility we will have to enable replication of this attribute to Global Catalog. ( To accomplish this you will have to edit the schema using Active directory
schema snap in).
Refer Below link which explains about enabling the replication of Thumbnailphoto attribute to Global catalog.
http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/configuring-using-display-picture-exchange-server-2010.html
Requirements
Minimum requirement for your exchange enviornment to use this - Exchange 2010.
Exchange 2007 Don't support uploading photos AFAIK.
Domain controller should be running with atleast windows server 2008 or later. And
schema has to be windows server 2008
Additionally for your information,
How to remove the uploaded photos?
Either You can edit the Thumbnailphoto attribute using ADSIedit and remove the entry which is assocaited with Thumbnailphoto attribute.
Or,
Try this.
The Import-RecipientDataProperty and Export-RecipientDataProperty cmdlets allow you to import and export the photo blob to and from
thumbnailPhoto attribute, but there's no Remove-RecipientDataProperty cmdlet to remove it. You can use the
RemovePicture switch of Set-Mailbox cmdlet to remove a user's photo. For example:
Set-Mailbox "Bharat Suneja" -RemovePicture
Check out the below link which explains in and out of uploading photos,
http://blogs.technet.com/b/exchange/archive/2010/06/01/gal-photos-frequently-asked-questions.aspx
http://blogs.technet.com/b/ilvancri/archive/2009/11/17/upload-picture-in-outlook-2010-using-the-exchange-management-shell-exchange-2010.aspx
To know about uploading photo using powershell ask this question in powershell forum
http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/threads
Regards,
_Prashant_
MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

Creating a windows user in Active Directory

I am trying to create a user in Active Directory that can log on as any other Windows user, but when I try to log into Windows, I get the following error message:
"The local policy of this system does not allow you to logon interactively".
Are there any attributes or objectclass settings that must be set for the user to allow interactive logons?
Thanks in advance!

This has nothing to do with JNDI, the object class or attributes.
I assume that you are trying to logon locally to the domain controller with the new user that you have just created.
By default, the domain controller's policy only allows specific users or members of a group to logon locally at the domain domain controller's console.
Either edit the domain controller'sgroup policy and add your newly created user to the list of users permitted to logon locally, or add the user to a group which has already been granted permission to logon locally.

Creating users in Active Directory through LDAP connector

Hello,
If we need to create users in Active directory using LDAP connector, what are the options for the following:
1) Update back into SAP from AD. LDAP connector updates only in one direction i.e from SAP to Active directory.
2) Can we add additional fields in LDAPMAP which are not standard e.g can we we write our own code to extract data from HR to map the value with an attritube within Active directory?
Regards,
Ahmad

Hello!
I noticed the email in my inbox and understand the reason for deleting it - checked the rules again - no problem with that.
Here is the posting again - sanitized this time.
You can create users in LDAP/AD from SAP without a problem. SAP provides function modules to create/maintain/delete users with LDAP attributes in the correct ou path.
You can also perform group membership assignment in LDAP from SAP if needed.
I have done this quite a few times at different companies that use SAP HCM.
A userid in SAP is created automatically during hiring action with default password e.g. birthday of employee and certain authorization roles based on configured information.
The userid is then created right away in LDAP in the correct ou path (controlled via custom configuration table) and LDAP group membership is assigned.
A job runs every 8 hours to perform delta updates in LDAP.
The userid in SAP and LDAP are locked automatically if the user is terminated using termination action in HR.

Add user to Active directory using SAP ABAP

Hi Experts,
I am currently working on a security refractor project where we are planning on automating the user creation process in business object and Oracle Hyperion using GRC-BW.
Our Hyperion user management is based on active directory/LDAP groups.
So say for example - we have a new user say ABC and in GRC he select the SAP-BW role 'HYP_FINANCE_USA' then I want to write a program in BW which will see who all users are assigned to 'HYP_FINANCE_USA' role and will go an update the active directory distribution list group named 'HYP_FINANCE_USA'.
Has anyone written a ABAP program or used standard function modules/BADI's etc to add/delete user from active directory/LDAP group ?

Would you post your code? I have yet to see any working jndi code to add a user to AD. Thanks.

How to authenticate user in Active Directory for an Oracle report

Similar Messages

Maybe you are looking for