How to configure Enterprise User Security ?
Hi All,
I am following the oracle document for setting up Enterprise User Security to setup Enterprise user security between OID 11g and database 11g . but right now if i click on the "Enterprise User Security" link in the Security under the Server tab , I am getting a HTTP 500 internal error , please kindly provide your inputs .
Regards,
Senthil.
Hi,
You don't so much configure enterprise voice for federation, you just configure enterprise voice. Then when you configure you're environment for federation, the voice features will take care of themselves. The two are separation components / features.
But you'll need to be a little more specific; Are the two user forests using the same Lync environment through a forest trust(s) (resource or central forest topologies)? If they are, then you don't need to do anything with federation for these
two forests to leverage enterprise voice between their users - it will just work. However if each user forest is using a separate Lync environment, then you will need to configure federation between the two and make use of Lync Edge servers.
You can enable enterprise voice for users without an SBC or gateway, this component is used merely to connect your Lync platform to the PSTN. You may also use a direct SIP trunk to your mediation server as you have eluded to, although I never recommend this
in production for security reasons (which I feel others will back me on), it is still a supported option.
Let me know if I've interpreted this completely wrong.
Kind regards
Ben
Note: If you find a post informative, please mark it so using the arrow to the left. If it answers a question you've asked, please mark the thread as answered to aid others when they're looking for solutions to similar problems or queries.
Lync | Skype | Blog: Gecko-Studio
Similar Messages
-
Enterprise User Security, How do I store the DB password somewhere else?
Hi Guys,
I'm running Oracle 11gR2 and OID 11gR1.
Right now I have enterprise user security working, however I would like to decouple Apps / Directory password from the DB password in OID.
I understand that I can stick the password in orclpasswordverifier.
I have tried to add a new Password Verifier in OID, set up the appropriate appID in the password verifier, added the orclpasswordverifier.<appid> = password into my user but the set up refuses to go to orclpasswordverifier.<appid> it still uses the value of userpassword and orclpassword. I have also read the manual like 5 times.
I've even tried to move the Password Verifier around, to root DBSecurity context, to my domain's context, swapped around the appid value, but no matter what it doesn't seem to work.
Any advise please?I could able to find out the solution for the first item by looking at the forums and some documentation.
We can specify the some part of the URL in the cgicmd.dat file as a key value pairs, which is located in <Oracle-Home>/reports/conf
testreports: userid=scott/tiger@ORCL destype=CACHE server=ust %*
Here the key is -- testreports
Now new URL to access the report like
http://localhost:7778/reports/rwservlet?cmdkey=testreports&report=sample_report.rdf&desformat=pdf&p_from_date=02-MAY-2006&p_to_date=03-SEP-2006
You can see that Key is passed as cmdkey=testreports
Please do remember that you have to append %* at the end of the key, this will allow part of the Key specified in the config file and part will be supplied in the URL
Madhu -
Get error while Integrating with Oracle's Enterprise User Security
Hi,
I am trying to create an Oracle Enterprise User integrating with OVD and MS Active Directory.
I am following all the steps in Integrating with Oracle's Enterprise User Security.
In the documentation section: "Configuring Oracle Virtual Directory for the Integration"
I have applied the steps successfully until:
Update and load the entries into the Local Store Adapters by performing the following steps:
I have successfully extended the Oracle Virtual Directory schema with the loadOVD.ldif
However I am getting errors in the next step: Update realmRoot.ldif to use your namespaces
The next step states the following:
Update realmRoot.ldif to use your namespaces, including the dn, dc, o, orclsubscriberfullname,
and memberurl attributes in the file. If you have a DN mapping between Active Directory and
Oracle Virtual Directory, use the DN that you see from Oracle Virtual Directory.
The realmRoot.ldif file is located in ORACLE_VIRTUAL_DIRECTORY_HOME/eus,
where ORACLE_VIRTUAL_DIRECTORY_HOME represents the location where Oracle Virtual Directory is installed.
The realmRoot.ldif file contains core entries in the directory namespace that Enterprise User Security queries. The realmRoot.ldif file also contains the dynamic group that contains the registered Enterprise User Security databases to allow secured access to sensitive Enterprise User Security related attributes, like the user's Enterprise User Security hashed password attribute.
Load your domain root information in the realmRoot.ldif file into Oracle Virtual Directory using the following command:
ldapmodify -h Oracle_Virtual_Directory_Host –p OVD_Port -D cn=admin -w Admin_Password -v -a –f realmRoot.ldif
When I run the ldapmodify command I get the following error:
add dc:
testldap
add objectclass:
top
domain
domainDNS
adding new entry DC=testldap,DC=local
ldap_add: Operations error
ldap_add: additional info: LDAP Error 1 : null
The actual realmRoot.ldif looks like this:
# Please uncomment the following one line if you are importing this
# LDIF file via OVD Manager or OVD Server's ldapmodify tool.
#version: 1
#dn: dc=com
#dc: com
#objectclass: domain
dn: DC=testldap,DC=local
changetype: add
dc: testldap
#o: subarashii
objectclass: top
objectclass: domain
objectclass: domainDNS
#objectclass: orclSubscriber
#orclsubscriberfullname: subarashii
#orclVersion: 90400
# If your domain structure has more layers than dc=subarashii,dc=com,
# for example, it's dc=us,dc=subarashii,dc=com, you will need to load
# the following ldif entry/entries too.
# Uncomment out the following, if required.
#dn: dc=us,dc=subarashii,dc=com
#orclversion: 90400
#orclsubscriberfullname: us
#objectclass: domain
#objectclass: top
#objectclass: orclSubscriber
#dc: us
# Adding EUSDBGroup entry
# Modify the memberurl attribute and replace it with your own domain name
#dn: cn=EUSDBGROUP,dc=subarashii,dc=com
#cn: EUSDBGROUP
#memberurl:ldap:///dc=subarashii,dc=com??sub?(&(objectclass=orclService)(objectclass=orclDBServer))
#objectclass:groupofuniquenames
#objectclass:groupofurls
#objectclass:topDid you ever get your questions answered about the realmRoot.ldif file? Did you manage to configure a successful integration of OVD with EUS? I am battling with trying to get Oracle Virtual Directory integrated with Enterprise User Security, but every step I take in Chapter 7 of the OVD manual fails in some way, and the instructions are often vague. I am not sure how to modify the realmRoot.ldif file. Is there any improved documentation on this? I have logged a Service Request, but not getting any help. Any resources or documentation you know of that provides better guidance would be much appreciated. I am way behind my schedule now and this is a very frustrating exercise.
Thanks. -
Completion Insight not working correctly when using Enterprise User Security (EUS) logon
This is a pre existing issue we've experienced with SQL Developer, though I've only just worked out what is causing the issue it is present in previous versions of the tool, up to the current 4.0.EA2.
We experience issues with the Completion Insight functionality of SQL Developer.
When we log into a database using Enterprise User Security i,e authenticating against OID, the schema of the database account is prefixed to any reference to public synonyms, ie all user_%, all_%, dba_% and v$% views.
When I change the authentication of the database account back to normal database authentication the schema prefix correctly isn't shown. It simply suggests the synonym name of the views.
An example of this is as follows when attempting to query the DBA_TABLES view:
The database account is ORADBA and has DBA privs.
The EUS user that is mapped to the ORADBA schema is dbutler.
The ORADBA user is configured to authenticate externally (against OID).
I login with my dbutler directory credentials:
If I start typing:
select * from dba_tabl
The object name is suggested as ORADBA.dba_tables
If I change the authentication of the ORADBA account back to database authentication, the prefix is no longer present.
i.e If I start typing:
select * from dba_tabl
The object name is suggested as dba_tablesIf you're not using DB 10.2 this is the "expected" behavior for the DB. See also metalink note 351170.1 "Enterprise Users Can Connect to a Database when the OID Account is Disabled"
regards,
--Olaf -
Enterprise User Security and Password Policies
Hi!
I'm testing Enterprise User Security. Till now everything has gone ok, I can connect to my db using oid users.
Now I'm configuring OID password policies for my realm but it seems that these are not applied when I connect through db. For example, I can try to logon with a wrong password as many time as I want, although in policies a limit of three is set.
Is this correct?!If you're not using DB 10.2 this is the "expected" behavior for the DB. See also metalink note 351170.1 "Enterprise Users Can Connect to a Database when the OID Account is Disabled"
regards,
--Olaf -
How to configure Enterprise Manager in Active Data Guard?
Hi,
I have installed oracle 11g r2 rac with asm in two nodes. OS is hp-Unix.
I have installed oracle11g Active Data Guard using Single alone Database.
Both RAc and Active Data Guard works fine.
I have not configure Data Guard Broker.
Question: How to configure Enterprise Manager in Active Data Guard?
Thanks
Solaimanhttp://www.gokhanatil.com/2012/04/manage-your-existing-data-guards-with.html
-
How to configure Enterprise Manager both node (2 node) RAC?
Hi,
I have installed oracle 11g r2 rac with asm in two nodes. OS is hp-Unix.
I have installed oracle11g Active Data Guard using Single alone Database.
Both RAc and Active Data Guard works fine.
I have not configure Data Guard Broker.
I have configure Enterprise Manager during RAC database installation.
When I start Enterprise Manager from node1 its address to node1
but when I start Enterprise Manager from node2 it also addressed to node1.
When both node is up and running, I can connect from Enterprise Manager.
When node2 is down but node1 is up then also I can connect from Enterprise Manager
but when node1 is down and node2 is up I can't connect from Enterprise Manager.
Question: How to configure Enterprise Manager so that I can connect through it whenever any single node is running?
Thanks
Solaimanhttp://www.gokhanatil.com/2012/04/manage-your-existing-data-guards-with.html
-
How to configure Symantec Mail Security for SMTP & Messaging Server 6.3
Hi!
I want to install a Symantec Mail Security for SMTP 5.0.1(host1) with Messaging Server 6.3 (in production - host2), but when I try to access to POP protocol to send a message from Internet, the system display a message with a relay problem.
- Could you help me with this issue?,
- Do you know some documentation that speaks of this?. I can't find any documentation that explain how to configure and integrate SMS and Messaging Server. Thanks in advance.
Regards, CRctemp1 wrote:
I want to install a Symantec Mail Security for SMTP 5.0.1(host1) with Messaging Server 6.3 (in production - host2), but when I try to access to POP protocol to send a message from Internet, the system display a message with a relay problem.I take it that you have configured the symantec software like this?
internet -> symantec mail security system -> sun messaging server -> recipientA better approach is the following
internet -> sun messaging server -> recipient
|
V
symantec mail security system(refer here: http://blogs.sun.com/factotum/entry/messaging_server_correctly_deploying_the)
- Do you know some documentation that speaks of this?. I can't find any documentation that explain how to configure and integrate SMS and Messaging Server. Thanks in advance.There is no documentation specifically for symantec software but we do document how to send emails via the symantec mail security server using the aliasdetourhost channel keyword:
http://docs.sun.com/app/docs/doc/819-4428/6n6j42615?a=view#bgaqy
Regards,
Shane. -
How to configure Mail Users aliases
Hello,
i have installed OS X Lion Server and after after a short while i was very dissapointed.
One of my goals was to get a easy GUI to adminstrate my mail Server.
So, after installing Server App i configure and activate a Mail Server.
Then i wanted to add aliases to my User and tried to start The Workgroup Manager.
Within i searched for a the mail tab in order to configure the User Aliases.
But there was no Mail tab there, so i have to create the aliases through the command line (edit /etc/postfix/aliases, newaliases).
I cannot believe that there is no gui for configuring mail users. Is this really so or is it in another place or have i forgotten to check or to do something else.
How do you setting up and configure mail and mail users in OS X Lion?
I am looking forward to you answers and expiriences,
Greetings,
Peter@menzbua
You can configure mail aliases, the same way you did in Mac OS 10.6 Server... Make sure you have Installed Server Tools for 10.7. Run Workgroup Manager. Under the User, Select Short names on the 2nd or 3 line add [email protected] etc .etc -
How to configur the user to get notified when IDOC goes in to error?
Hello Experts,
Please tell me how to notify the users when IDOC goes in to error...
please tell me where we can configure this thing,,
Thanks
VenkateshVenkatesh,
The best technique for this would be configuring Workflow. Whenever an Idoc goes into an error it will go to the specified user. You have to set it up and can have more than 1 user and also depending on what Idoc failed you can have different users.
Example ORDERS05 failed, let it go to the inbox of the Order team , SHPORD failed , put it in the mailbox of the WM team lead etc.
Read up the workflow documentation of SAP which is really good.
You can do other things, like have a simple email etc. but all will need program changes.
Usually I have seen some teams have the most simple mechanism.
Have a peron check the Idoc that failed and then notify the teams.
Of course 1 person can be only responsible for lets say a few Idoc types.
I have worked in such a environment where I used to look at the Order to cash Idocs ( Orders/Invoices/bank payments etc.)
Also you train the users to look at Idocs and recognise and fix errors, so they are not totally dependent on you.
But Workflow is the best solution according to me.
Regards -
How to configure end user for CallManager 5.1
Hello everyboy
I am trying to configure the end user to have access to callmanager, because I want the people can configure the speed dial, I know that release 4.2 you just configure the user/password and the peple can log in to http://<ip_address>/ccmuser and that was all.
But in this relese 5.X the server replies denied access.
Could someone help me with this issue PLEASE
REGARDS
WALTER FLORESHi Pklos
Thank very much for helping me it worked User Roles>Standard CCM User then add users.
Than very much.
Walter Flores -
Shared Schemas Enterprise User Security.
Hello,
I currently have externally authenticated users setup. With each user having his own schema.
My enviromnent does not need users to have seperate schemas. There will be a Prod, Train and Test environments. My question is what is the best way to implement database access. Should I stick with my current environment and grant privledges to allow users to access the same schema. Should I create a global schema and create Enterprise users and map those users to that schema. Should I create the different environments as global schemas in one database or create three separate databases. Any Suggestions. The documentation does not give real world solutions.
Thanks in advance!!!If you're not using DB 10.2 this is the "expected" behavior for the DB. See also metalink note 351170.1 "Enterprise Users Can Connect to a Database when the OID Account is Disabled"
regards,
--Olaf -
How to configure enterprise email server on Yosemite os x
Hi everyone? My server works on Yosemite OS X 10.10. I want to configure enterprise email server. And is someone configured enterprise email server on Yosemite OS X 10.10? What applications need to configure enterprise email server? If someone solved this issue, please tell me.
BR, JamesEugene Mirgorodskiy wrote:
Now the system log is removed one week after the creation but I need to store it permanently.
It's not really "removed". The system log is "rotated" out, at least partly to avoid having it grow too large. The older log information is in a series of files named like "system.log.0.bz2, system.log.1.bz2, etc. A file of type ".bz2" is a particular type of compressed file. Eventually the oldest of those files will be deleted. If you want to keep those forever, I'd copy off the oldest of those files on a regular basis to some other location. -
Hello everybody i use Oracle Database EE 11.2.0.4 with DG.
In those cases i need to get Enterprise Manager Database Control running against DB with no RAC and no DG i perform the following steps:
I Logon SQLPLUS as user SYS or SYSTEM, and drop the sysman account and management objects:
DECLARE
CURSOR c1 IS
SELECT owner, synonym_name name
FROM dba_synonyms
WHERE table_owner = 'SYSMAN';
BEGIN
FOR r1 IN c1 LOOP
IF r1.owner = 'PUBLIC' THEN
EXECUTE IMMEDIATE 'DROP PUBLIC SYNONYM '||r1.name;
ELSE
EXECUTE IMMEDIATE 'DROP SYNONYM '||r1.owner||'.'||r1.name;
END IF;
END LOOP;
END;
DROP USER mgmt_view CASCADE;
DROP ROLE mgmt_user;
DROP USER sysman CASCADE;
After that i run
emca -config dbcontrol db -repos recreate
But what should i do in cases i have 2 servers working (primary and standby) under DG rules?Hi ,
It is not possible to monitor/administer a Logical or Physical Standby database, i.e Data Guard, using Enterprise Manager Database Control. This is primarily due to the fact that Database Control is designed to monitor 1 database and a Data Guard environment, by definition, includes more than 1 database.
If you attempt to run emca against a standby Database, you will get an error like (i.e. ORA-01219: database not open).
Database Control, can, of course, be used to monitor the current Primary database (with no ability to administer or monitor Data Guard related functionality). In such a case, when failover occurs Database Control must be reconfigured to run on the new Primary database using the commands detailed in Note 278100.1 How To Drop, Create And Recreate DB Control In A 10g Database, section C. Recreate/ReConfig DB Control, Option 2. Recreate the DB Control Configuration Files and Repository.
Enterprise Manager Grid Control or Cloud Control provides the functionality for viewing, monitoring, and administering primary and standby databases in a Data Guard configuration.
Reference: Is it Possible to Configure Database Control for a Logical or Physical Standby Database? (Doc ID 315116.1)
You can use EM 12c cloud control to monitor and manager Standby DB effectively
Ref to below link for details
Set Up and Manage Oracle Data Guard using Oracle Enterprise Manager Cloud Control 12c
Regards,
Rahul -
How to configur external user to bi publisher
hi all obiee gurus
how to assign we are maintaining all the users in external table
problem is ,i could not able to login into bi publisher with other user except Administrator
can any one help me out from this issue
Thanks
Sreedharhi kishore
what ever you mentioned, everything is there in bi-publisher security configuration
select Security Model as: Oracle BI Server
Connection String:jdbc:oraclebi://xxxx.xxxxx.xxxx.com:9703/
then user name and password for Administrator
Database Driver Class : oracle.bi.jdbc.AnaJdbcDriver
even though i could not able to login with users which are in table
any configuration i have to do apart from this
Error
The server can not be used due to a configuration error, please contact the administrator. If you are the administrator, please consult BI Publisher user guide for proper configuration.
Error Detail
this error i am getting wen i was logining with users
Thanks
Sreedhar
Edited by: 791907 on Oct 11, 2010 6:17 AM
Maybe you are looking for
-
WVC54GCA dropping wireless connection
why does my WVC54GCA keep dropping and reconnecting to my wireless network? Saturday, August 29, 2009 Network Camera (Linksys) joined the network 10:41 PM Network Camera (Linksys) left the network 10:37 PM Network Camera (Linksys) joined the network
-
I'm a CC member, how can I troubleshoot reinstalling my CC & apps on my second computer?
I am a CC member trying to install CC on my second computer, but the CC menu stays blank. I had tried migrating my Adobe CC & apps over to my new laptop, but was prompted to re-download when I tried to open the apps. I was able to re-download CC, and
-
Latest update of Dreamweaver CC - crash all the time - bye bye Dreamveaver
This is not a bug report, this is a resignation letter. I have been using Dreamwaver for almost a decade. And now I'm FED UP with the instability and the unreliability of this software. I have downloaded the latest update and: 1) CPU Hog, Dreamweaver
-
It's all in the title.
-
Local-hostname-already-in-use message regularly appearing
I have seen some earlier posts here about this problem but no one seems to have resolved it. Often when I wake my iMac (Intel, 10.5.4) from overnight sleep there is a message greeting me "This computer's local hostname 'XX.local' is already in use on