How to configure security groups creation in OID through LDAP sync

Hello,
I am on OIM 11.1.2.1.0.  I created a new role and assigned the role to a user.  The user was added to the corresponding group in OID.
This was the result I observed:
Role created in OIM: PIPELINE-18010-DEC~LEAVIERWER
There is a corresponding group created in OID under cn=Groups.  The user was successfully added to the group.
However, I would like the new group to be created under cn=Groups,cn=PIPELINE.
How can I achieve this?  Is there any documentation on how to use ldap sync in OIM?
Thanks
Khanh

When I set the container rules for user with the expression using Organization, it did not work.
If I copied the example from the documentation, it worked (for <expression>Country=US, Locality Name=AMER</expression>).
I tried to change the Organization to be 1 word only, but it did not work.
Is it limited to certain fields in the USR profile (meaning it only worked for certain fields but not all of them)?
Default works for sure.
Could someone please let me know?
Thanks
Khanh

Similar Messages

  • Interact with OID and bring all the groups residing in OID through LDAP

    Hi,
    I would like to interact with OID and bring all the groups which reside in
    Oracle Internet Directory through LDAP. Can you please give me the procedure
    that I can follow, or else suggest documentation regarding this?
    regards,
    srinivas

    Try this (behaviour not guaranteed):
    For local groups (groups within the Portal's group install base) you can program a loop on the table PORTAL.WWSEC_GROUP$ then read the column NAME.
    For non local groups, use the (unsupported) API wwsec_oid (function get_group_name_from_dn(wwsec_group$.dn) ) instead of reading the NAME column.
    If the result is incomplete (synchro issues with OID, for instance due to DIP), you'll have to use an LDAP request with the DBMS_LDAP package (or a Java alternative, of course).
    Patrick.

  • How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

    How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

    Hi,
    According to your description, my understanding is that you want to set security group as admin of primary and secondary site collection using PowerShell command in office 365.
    I suggest you can use the command below to set the group to site owner, then it will have the site collection admin permission.
    Set-SPOSite -Identity https://contoso.sharepoint.com/sites/site1 -Owner [email protected] -NoWait
    Here are some detailed articles for your reference:
    https://technet.microsoft.com/en-us/library/fp161394(v=office.15)
    http://blogs.realdolmen.com/experts/2013/08/16/managing-sharepoint-online-with-powershell/
    Thanks
    Best Regards
    Jerry Guo
    TechNet Community Support

  • How to configure Security services in OSB 11g..

    We are integrating OSB with a BANK application, and we will be using an SSL certificate for the same.
    Please help with how to configure a security policy in OSB.
    I checked the policy definition at the link below
    http://tim.blackamber.org.uk/?p=825
    but in the OSB proxy service we are not able to see the Policy button.
    Please help.
    Thanks,
    Mihir

    Please post your query in SOA Suite forum -
    SOA Suite
    Regards,
    Anuj

  • How to configure security realm for Active Directory ?

    Hi,
    Can anybody suggest how to configure a security realm in WebLogic 8.1?
    I have a simple login page where the user can enter his credentials, and I have MS Active Directory where we maintain all users.
    Users who log into the web application have to be authenticated from Active Directory.
    Please suggest what steps we need to follow.
    thanks in advance

    Hi Sankar,
    You can login to the weblogic server admin console and create a new realm.
    Once you have created the realm you can add the authentication provider. You add the Active Authentication Provider. But you must have the configuration information of MS AD. You can read my blog http://dev2dev.bea.com/blog/bishnu_kumar/
    where the integration is with iPlanet LDAP. Steps will be similar.
    You must have a login portlet in your portal application and that should be in accordance with J2EE security standards. For example, you may use basic authentication or userlogin control or p13n API.
    Regards
    Bishnu

  • How to configure security policies like account locking, account expiry in portal application?

    Hi All,
    Can anybody pls tell me how to configure security policies like account locking,
    account expiry in portal application? By default, it has a 30 minutes lock period
    after 5 retries. But if I want to set other values or want to unlock account of
    a user, then what to do ?
    TIA,
    Sudarson

    I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
    The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
    on a URL that looks like this :
    http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
    and gives the error :
    ( Forbidden
    You don't have permisission to access /sso/auth on this server at port 7777)
    when I manually change the URL to :
    https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
    the SSO works correctly.
    The question is :
    How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
    Any ideas ?
    Thanks in advance

  • How to configure sub-groups in the UME (Group Path) using AD/LDAP

    I am trying to find examples and/or documentation on how to bring in all the sub-groups within an OU.  I could also use a definition of what a 'sub-group' is.  We are trying to configure a datasource as Microsoft AD read-only & database.  I have been able to bring the users in.  I'm trying to access groups that are marked by 'Security Group - Global'.  Any details on the following would be appreciated:
    1) what types of groups are supported (Security Group Global vs Local)
    2) does the system support nested OU structures
    3) how to filter group listing (examples!)
    4) case sensitive?
    For example:
    OU=Org1,OU=Org2,DC=abc,DC=company,DC=com
    OU=Org1,OU=Org2,DC=abc,DC=company,DC=com;(&(objectClass=group));distinguishedname
    trying to return ADGrp1, ADGrp2,ADGrp3 from within Org1
    Thanks!
    Message was edited by: Bill Barthel
    Message was edited by Bill Barthel to make this question active again!

    The language specification for this is on ship to site location language
    So what we do is we defined a language column in rdf to derive the language. So based on the input parameters
    I have to print like
    <?for-each:G_C_DEL_CUSTOMER_ID?><?if:XX_CF_LANG='US'?>
    Logo company name and address (this should be repeated for every page)
    <?start:body?>
    then ship to address
    no of pak pack type item qty
    <?for-each:G_INVENTORY_ITEM_ID?>
    <?for-each:G_DELIVERY_DETAIL_ID2?><?NO_OF_PACKAGES?> <?CF_CONTAINER_ITEM?> <?CF_ITEM_CROSS_REF?> <?PICKED_QUANTITY?> <?end for-each?>
    Total Quantity ( here I want to total the quantity, where I need to refer the group values that is ended
    <?end for-each?>
    grand total :<?XX_CF_TOT_QTY?>
    <?end body?> -- I dont know why if I use start body tag, the grand total table is getting repeated
    <?end if?>
    Please help me to resolve this issue

  • In UCM, How to setup Security Group based conversion of PS files?

    Hello, everyone.
    Some of my PS format files need to be converted to PDF format, some do not. So, I created group 1 and group 2 in the security group, and installed gs8.54 and PDFc components.
    The present result (situation) is all the PS format files are converted into PDF, but I would like that the ps format files in group 1 can be converted by selecting Distiller, the ps format files in group 2 can not be converted by selecting PassThru.
    Who can tell me how to create content server filters and configure the conversion based on security groups?
    Thank you very much!
    By the way, my mother tongue is not English. So please use simple English as possible as you can. Thanks!

    Hi
    The best possible way to get this requirement done is to use SelectivelyRefineandIndex component. With this component you can create conditions and put it in the resource file for the component such that we can have only contents that are checked in to Sec Grp 1 be sent to refinery and those not belonging to this will not be sent.
    The same way one can also create conditions to FullText index contents or not based on any condition that is put in the resource file for this component.
    I believe you should be able to get the requirement sufficed with this component .
    More details are at :
    http://www.oracle.com/technology/products/content-management/ucm/samples/selectivelyrefineandindex-20080515-5.zip
    Just go through the readme with the component and you will be able to get going with this component.
    Hope this helps
    Thanks
    Srinath

  • Security Group Creation in Specific OU and Create Network Share For the Security Group

    Hi,
    We would really want to create a PowerShell script that creates a specific Security Group within a selected Organisation Unit.
    Brief Scenario;
    We have created several Organisation Units. Each Organisation Unit contains another Organisation Unit called users. 
    +OU=Netherlands
    ++OU=Company A
    +++OU=users
    ++OU=Company B
    +++OU=users
    And so forth.
    If we run the PowerShell script it should create a list of all the Companies in container Netherlands. After the list is created it creates an output like 1. Company A; 2. Company B. (Foreach ..)
    The script asks for user input where to create the Security Group. If the user selects option 2, a security group called "Company B" is created. All the users located in the Organisation Unit users within Company B are joined to that group. (Sets option 2 as a value like Security Group = "$Company B", create Security Group "Universal, Global (option), and get all users from container users and join them)
    Then without user interaction a share is being created. Granting Domain Administrators full access and the Security Group which has just been created.
    Is somebody able to help me with this kind of script?
    Thank you in advance,
    With kind regards,
    Danny Locorotondo

    Already gathered some information. Have this as a result. Now I need to figure out how to put the results into a list, so the user can select the group. As far as now I am stuck.
    Import-Module ActiveDirectory

    Function SelectCollectionRelease
    {
        [CmdletBinding()]
        Param
        (
            [Parameter(Mandatory=$true,
                       Position=0,
                       HelpMessage='Enter the Release of the Collection. By example: Alfa,Beta or Charlie')]
            $CollectionRelease
        )
        # No release given: report it and prompt again.
        If (!$CollectionRelease)
        {
            Write-Host "`n You did not select a proper Collection Release" -ForegroundColor "red"
            SelectCollectionRelease
        }
        ElseIf ($CollectionRelease)
        {
            [string] $OUPath = "OU=$CollectionRelease,OU=VDI,OU=carsystems,DC=carsysdev,DC=local"
            # Check that the OU exists before searching it.
            If (!([adsi]::Exists("LDAP://$OUPath")))
            {
                Write-Host "`n Collection Release does not exists" -ForegroundColor "red"
                SelectCollectionRelease
            }
            Else
            {
                Write-Host "`n Collection Release exists." -ForegroundColor "green"
                Write-Host "`n Selected $OUPath ..." -ForegroundColor "yellow"
                # List the names of the security groups in the selected OU.
                Get-ADGroup -SearchBase "OU=$CollectionRelease,OU=VDI,OU=carsystems,DC=carsysdev,DC=local" -Filter {GroupCategory -eq "Security"} | Format-List -Property Name
            }
        }
        Else
        {
            # $SecurityGroup = Get-ADGroup -SearchBase "OU=$CollectionRelease,OU=VDI,OU=carsystems,DC=carsysdev,DC=local" -filter {GroupCategory -eq "Security"} -and (ObjectClass -eq "user")
        }
    }

    SelectCollectionRelease
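
As an added example (not part of the original thread and not the poster's code), one way to show the choices as a numbered menu and then create the group and share the post describes. The base OU, the share root and the `Select-FromMenu` helper are assumed names; giving the new group Change rather than Full share access is a least-privilege choice made here.

```powershell
# Added example. $BaseOU, $ShareRoot and Select-FromMenu are assumed names.
Import-Module ActiveDirectory

$BaseOU    = 'OU=Netherlands,DC=example,DC=local'   # placeholder domain
$ShareRoot = 'D:\Shares'                            # placeholder folder

function Select-FromMenu {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Items,
        [Parameter(Mandatory = $true)] [string]   $Prompt
    )
    # Print "1. Company A", "2. Company B", ...
    for ($i = 0; $i -lt $Items.Count; $i++) {
        Write-Host ('{0}. {1}' -f ($i + 1), $Items[$i].Name)
    }
    while ($true) {
        $n = 0
        $answer = Read-Host $Prompt
        # Accept only a whole number inside the menu range; ask again otherwise.
        if ([int]::TryParse($answer, [ref]$n) -and $n -ge 1 -and $n -le $Items.Count) {
            return $Items[$n - 1]
        }
        Write-Host "Enter a number from 1 to $($Items.Count)." -ForegroundColor Red
    }
}

# Company OUs are the direct children of the base OU.
$companies = @(Get-ADOrganizationalUnit -SearchBase $BaseOU -SearchScope OneLevel -Filter * |
               Sort-Object Name)
if ($companies.Count -eq 0) { throw "No OUs found directly under $BaseOU" }

# The user picks an existing directory object, so no typed text ends up in a DN.
$company   = Select-FromMenu -Items $companies -Prompt 'Create the security group for which company?'
$groupName = $company.Name
$usersOU   = "OU=users,$($company.DistinguishedName)"

# Create the group only if it does not exist yet, so the script can be re-run.
$group = Get-ADGroup -SearchBase $company.DistinguishedName -Filter 'Name -eq $groupName'
if (-not $group) {
    $group = New-ADGroup -Name $groupName -GroupScope Global -GroupCategory Security `
                         -Path $company.DistinguishedName -PassThru
}

# Add every user in the company's "users" OU that is not already a member.
$current = @(Get-ADGroupMember -Identity $group | ForEach-Object { $_.DistinguishedName })
$toAdd   = @(Get-ADUser -SearchBase $usersOU -SearchScope OneLevel -Filter * |
             Where-Object { $current -notcontains $_.DistinguishedName })
if ($toAdd.Count -gt 0) { Add-ADGroupMember -Identity $group -Members $toAdd }

# Create the folder and the share. These are share permissions only;
# NTFS permissions on the folder are set separately.
$sharePath = Join-Path $ShareRoot $groupName
if (-not (Test-Path $sharePath)) { New-Item -ItemType Directory -Path $sharePath | Out-Null }
$domain = (Get-ADDomain).NetBIOSName
New-SmbShare -Name $groupName -Path $sharePath `
             -FullAccess "$domain\Domain Admins" `
             -ChangeAccess "$domain\$($group.SamAccountName)"
```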

  • HELP : how to change security group of a document in UCM

    Hello all,
    I'm working with UCM a few weeks ago, but I cannot find a solution for this problem :
    I have defined two security groups and two roles,
    SECURITY GROUP ROLE
    A ---------> ROLE_A (RW)
    B ---------->ROLE_B (RW)
    Then I have two Local pages and access is controlled by security group :
    LOCAL PAGE SECURITY GROUP
    FOLDER_A -----> A
    FOLDER_B -----> B
    Then i have users A1,A2,...An for role A, and B1,B2 ...Bn for role B, but they are NOT administrators.
    The problem comes when an error is detected in a document by a B user, and I need that user to be able to set the security group of the document to 'A', so that users in role A can fix the problem, for example. The thing is that it seems that if you are not an administrator you cannot edit the security group of a document and in my case regular users have to be able to do that.
    I would like a way to have different groups of users (or roles), collaborating together and sending documents from one another, but with limited responsibilities. But once the document is under a security group, the users belonging to roles with no access to that sec. group should not be able to view or edit the document.
    They will be able to act on the document if the security group is changed to something they can access.
    Any help on this will be greatly appreciated.
    Thanks and regards,
    Plan.

    Hey Plan,
    That's the way UCM works. That is only one part of the problem: your user will also need RW permission on the other security group to add content in there. So only changing the security group is not the solution to your problem.
    You may look at the collaboration/workflow functionality offered by UCM.
    cheers,
    swapnil

  • Filter AD Security Group and add member through visual webpart

    Hi All,
    I want to know how to Filter AD Security Group and add members to it from SharePoint 2013 Visual webpart, where i have multiple domains as well.
    Regards
    Rathanavel

    SP doesn't interrogate AD groups (DL's or SG's)... you'll need to query AD directly (ADSI).
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • How to configure Wake On LAN to work through the Internet?

    I'm using an iOS app to wake my desktop computer. It works perfectly fine when I'm within my WiFi range. However, when I'm out of my Linksys E3000 access point, it no longer works over the Internet. So, if anyone can point me to documentation that have step by step instruction on how to configure this through the Linksys E3000 access point, I'll be grateful.

    Hi ohgosh,
    I believe your computer is already configured and has all the requirements for Wake on Lan since it works locally. To do it remotely you need to open the regular port numbers used for WOL like UDP ports 9 and 32767. Your desktop IP address must be set to static because that's what you need to enter on the port forwarding page of your router. You may use this link below for instructions on how to do port forwarding on your router.
    http://kb.linksys.com/Linksys/ukp.aspx?vw=1&docid=d9b27a0c1bb9496d8c22d0d55f875ddf_17241.xml&pid=80&...
    Another option is to set up DynDNS on your router. With this, you need to subscribe to DynDNS.com. I found some online links that could help you enable WOL remotely:
    http://kb.linksys.com/Linksys/ukp.aspx?vw=1&docid=3ff9013e9f4f4a0b9d9805b0697407b7_4578.xml&pid=80&r...
    http://lifehacker.com/5786791/rule-your-computer-from-afar-by-setting-up-wake+on+lan
    http://www.dslreports.com/faq/9389
    http://www.teamviewer.com/en/res/pdf/TeamViewer-Manual-Wake-on-LAN-en.pdf
    Hope this helps!

  • How to configure security so users can delete their own file(s)?

    I have configured our file server so that all users can write/modify in any other user's folder. However, it seems that they cannot delete their own file(s) in another user's folder. Do I have to give all users the "Modify" but not Full permission so that every user can delete their own file or folder even if it's in another user's folder? I still do not want user A to delete/modify any files/folders that user B originally created.
    Any help is much appreciated.

    Hi,
    Based on my research, if a user can rename a file/folder, then he/she can save it using the original name, there is no way to prevent this via permission assignment.
    You may need to use scripts to achieve this.
    Best Regards,
    Amy Wang

  • AAA:How to separate the group authentication on Switches through Radius/Tac

    Hi,
    Currently my ACS is being integrated with AD and all the users can access my IOS devices (configured AAA). I only need one group in my AD to access my IOS devices and another group to use VPN access or any other authentications.
    Can anyone tell me how to restrict all other groups in AD from accessing my network devices, except one group in AD which I want to allow access to my network devices?

    I wanted to do the same thing with Active Directory, where I only wanted one group called "network admin" to have access to my switches. I have 3 ACS appliances and 100 switches. This is my setup.
    On the ACS, create a "Network Device Group" under NETWORK CONFIGURATION. I called this group "TACACS+ Switches". Once the group is created, add all your AAA clients, which are your switches.
    (You can accomplish that by first going under INTERFACE CONFIGURATION and clicking on "Network Device Groups"; this will enable the ACS to allow you to create "Network Device Groups". Also check the "Group-Level Access Restrictions".)
    Then click on GROUP SETUP. Edit the 0:default group and disable that group. Then select a group available from the group list, rename the group "Network Admin" and map that group against the AD group named "Network Admin".
    Once that group is correctly mapped, go back to GROUP SETUP and edit the "Network Admin" group. Within the group you will see an option called "Network Access Restriction (NAR)".
    Click the option DEFINE IP-BASED ACCESS RESTRICTIONS. From the AAA Client drop-down menu select the "NDG:TACS+ SWITCHES". For the port enter "*" (asterisk). For the address you can specify the network in which the switches are residing; in my case I used "10.*.*.*". The wildcards will allow any network on the 10. network. Then click "enter".
    This is a high level overview on how I did my setup. Remember to properly define your AAA statement under your Cisco IOS switches.
    I hope this helps!!

  • How to configure Integration B2B to request and process AS2 Sync MDN

    Hi,
    Is it possible to configure B2B to request and process sync MDN in Custom Document Over Internet scenario?
    I have set up the TP Delivery Channel's Acknowledgement mode to Sync but it does not work for outgoing documents. Our trading partner sends back the MDN over the same https connection but it only results in an error. The business message status is Wait Ack for a few minutes and then changes to Error:
    Business Message Details
    Collaboration          
    Revision          
    Business Action          PROCESS
    Revision          1
    Process Protocol          
    Exchange Protocol          AS2 - 1.1
    B2B Message Id          1036
    Protocol Message Id          <1036@as2test>
    Protocol Collaboration Id          
    Receive Time Stamp          April 21, 2009 2:37:43 PM
    Send Time Stamp          April 21, 2009 2:37:43 PM
    Acknowledge Mode          Sync
    Reply Mode          Async
    Agreement          TP_TEST_AGR
    Message Date Time          April 21, 2009 2:37:43 PM
    Error Code          AIP-50079
    Message Type          
    State          Error
    Remaining Retry          0
    Acknowledge Type          Document Exchange
    Direction          Outbound
    Time To Acknowledge          
    Sending Trading Partner          HOST_TEST
    Wire Message          View
    Correlated Message          
    Payload          Payload
    Transport error: [IPT_HttpSendError] HTTP encounters send error :.
    Premature EOF encountered
    Also our trading partner reports that he gets the message six times during the time between Wait Ack and Error status and each time send Ack. Nothing is visible in b2b.log in that time.
    When we switch to Async Ack, B2B also sends message six times and each time receives Async MDN. This time however, each MDN is received and processed correctly. Our request has status Complete, until the 6th Ack is received, then it changes to the same error as above.
    Have any of you experienced above error? Is it at all possible to process AS2 MDN's correctly especially in Sync mode?
    Thank you in advance.

    Just consider your BPM is receiver, and sender:
    Src --> BPM  (BPM is Receiver)
    ==========
    Sender Agreement (If it is IDOC or HTTP, then you do not have to create)
    Communication Channel
    Receiver Determination
    Interface Determination    
    BPM --> Target (BPM is sender)
    ============
    Receiver Determination
    Interface Determination    
    Communication Channel
    Receiver Agreement
    If your BPM interact with other systems, you will have more Receiver Determination and Interface determination, possible Receiver agreement
    Hope this clears your doubts
    Liang


    Hi, I would like to display the images on student info page. Apex db OS: solaris Images stored on OS: windows (shared drive) I dont want to copy the images from windows server to solaris .Image name is same as student id for example student id:123 an