How to configure security realm for Active Directory ?

Similar Messages

• How to configure multiple domains in Active directory

  HI,
  How can I configure multiple domains on Active Directory. When I installed AD it asked for a domain name, there I gave ravigupta.com as domain name. But now I find no way of creating another domain.
  I am a java developer and my task is to write a programme which returns all the domains available in LDAP server.
  To start with ,I tried to create few domains in LDAP server ( AD ) but stuck up ,as i found there could exist only one domain.
  Please tell me how to configure multiple domains in LDAP server ( Active Directory).
  I skiped DNS configuration while AD installation.
  -ravi

  I'm sorry, but you should be asking on a different forum. This has nothing to do with Java.

• Configure security realm for external Access Manager in App server 8.1

  Hi All,
  I would like to protect my j2ee application using access manager running on an external host.
  I would like to configure the security realm in Sun app Server 8.1 for the external Access Manager
  external host & port of AM is:
  http://svrd234d.dnn.com.au:58765
  Please verify if these are the correct settings for the agentRealm configuration on Sun App server 8.1.
  classname="com.sun.amagent.as.realm.AgentRealm"
  property name="jaas-context" value="agentRealm"
  property name="base-dn" value="ou=People,dc=dnn,dc=com,dc=au"
  property name="hostURL " value="http://svrd234d.dnn.com.au:58765"

  Did you download AS8.1 agent under http://www.sun.com/download/products.xml?id=4266924d?
  If you can unjar am_as81_agent_2_1.jar after installing the J2EE agent, you will find AgentRealm.class under com.sun.amagent.as.realm.
  Please also note that page 161 of J2EE agent guide shows how to disable AgentRealm to better fit your agent policy mode. Check it out http://docs-pdf.sun.com/816-6884-10/816-6884-10.pdf
  Jerry

• How to create an OracleContext in Active Directory ?

  Hi all,
  I just installed Oracle Application Server 10g (9.0.4) on a Windows running Active Directory. I would like to demonstrate AD capability to manage Enterprise User Security (as OID is capable of).
  When I run Net Configuration Assistant to setup Directory Usage for Active Directory, it can read AD because it gives a message telling that OracleContext has to be created. So, it ask me for a "User DN" and a password.
  I have tried all possibilities I could thing of to get connected but none of them work.
  The most obvious DN I tried was: cn=Administrator,cn=Users,dc=lab,dc=test (for my lab.test domain).
  I get "Authentication error", "Unkown error" but could get through it.
  Does anybody gone through this yet ?
  Thanks a lot for help out

  Answer provided by Oracle Support:
  " You cannot use AD directly for authentication. You need one OID/ OVD in the middle. AD cannot be used directly for Enterprise User Security. "

• Verification of prerequisites for Active Directory preparation failed

  We currently have Windows Server 2003 SBS, SP2, Domain Controller. Would like to add Windows Server 2012, Standard, 64-bit as a backup domain controller.
  "Verification of prerequisites for Active Directory preparation failed. Unable to perform Exchange schema conflict check for domain sxxxx.local.
  Exception: The RPC server is unavailable.
  Adprep could not retrieve data from the server name.xxxxx.local through Windows Managment Instrumentation (WMI).
  [User Action]
  Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20130417103902-test directory for possible cause of failure."
  What the log says is really:
  "Adprep encountered a Win32 error. Error code: 0x6ba Error messa The RPC server is unavailable."
  Can anyone has similar experience shred some lights to troubleshoot this? Have reviewed
  other links that have similar probems but that doesn't help. 
  Many Thanks!

  Of course I CANNOT remove Symnatec as Meinolf suggests. That would be out of my mind!! I tried to stop all their services though which doesn't help. I know this has nothing to do with Symantec. Here comes another test, the final one:
  Test 8
  This article is really good as it concludes very thoroughly about the problems about "800706BA - RPC Server Is Unavailable" and other WMI query issues:
  http://goo dot gl/l2iha
  I started looking at he ISA 2004 on our SBS 2003.
  Tried to disable the RPF Filter:
  a. Open Microsoft Internet Security and Acceleration Server 2004
  b. Go to Configuration > Add-in and location RPC Filter on the right side, right-click on it and select Properties, uncheck 'Enable this filter'
  c. Hit Apply....
  d. Now I go back to Windows 7 and test the WMI query.
  The result: it WORKS! 
  e. Next, I tried that on the Windows Server 2012 like so:
  c:>wmic /node:sbs2003servername computersystem list brief /format:list
  It also works!
  f. Next also on Windows Server 2012, I continued on what was left over.  I did the "Rerun prerequisites check " and no surprise - "All prerequisite checks passed successfully. Click 'Install' to begin installation"!
  Well that concludes the problem of installing Windows Server 2012 (standard) as a backup domain controller to a Windows SBS 2003 domain controller and the  troubleshooting process that finally led to a solution that solves my problem. Thanks for all
  the discussions over the web. Every bit counts!
  Well if this helps you in some way, give me some points to buy beer! I am going to have a drink with Bill, Cheers! 

• How to configure Security services in OSB 11g..

  We are integration OSB with BANK application, we will be using SSL certificate for the same.
  Please help how to configure security policy in OSB.
  I checked below link policy defination
  http://tim.blackamber.org.uk/?p=825
  but in OSB proxy service we are not able see Policy button.
  Please help.
  Thanks,
  Mihir

  Please post your query in SOA Suite forum -
  SOA Suite
  Regards,
  Anuj

• Query on DNS setup for Active Directory for a new data center

  I have third party DNS appliances providing DNS Service for Active Directory (Windows 2008 R2) and there are also secondary DNS servers, which are MS DNS server with a secondary zone configured, for redundancy. I have to setup a new data center
  and move servers/services to this data center. In this scenario, can I install a new Microsoft DNS server with a secondary zone and use this as the primary DNS Server for all the member servers at this new location ? I am aware that this new DNS server will
  not be able to make any updates to the secondary zone and for that purpose, is there anyway to redirect such requests to the DNS appliances in my current data center across the WAN ? I am trying to avoid purchasing a new DNS appliance for the new data center
  and want to know what are the alternatives I have.
   

  im not entirely sure by your setup, as normally you would use AD integrated zones for DNS in an AD environment - although there are other options as you have already setup.
  the fact the zone is a secondary zone in DNS server terms doesn't mean you can't point your clients to it as their primary dns server. They will quite happily resolve names using a secondary server.
  so as long as your dns devices are correctly setup to support the additional secondary zone I see no reason why you couldn't do this.
  Regards,
  Denis Cooper
  MCITP EA - MCT
  Help keep the forums tidy, if this has helped please mark it as an answer
  My Blog
  LinkedIn:

• How to configure security policies like account locking, account expiry in portal application?

  Hi All,
  Can anybody pls tell me how to configure security policies like account locking,
  account expiry in portal application? By default, it has a 30 minutes lock period
  after 5 retries. But if I want to set other values or want to unlock account of
  a user, then what to do ?
  TIA,
  Sudarson

  I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
  The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
  on a URL that looks like this :
  http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
  and gives the error :
  ( Forbidden
  You don't have permisission to access /sso/auth on this server at port 7777)
  when I manually change the URL to :
  https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
  the SSO works correctly.
  The question is :
  How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
  Any ideas ?
  Thanks in advance

• Setting disk quota on Mac server for Active Directory users

  I'm having trouble setting disk quotas for Active Directory users with home folders on our Mac server.
  I've enabled disk quotas on the disk I'm putting home folders on, and I can set disk quotas for local users on the server just fine. But it doesn't seem to work for Active Directory users. I've tried setting disk quotas via Workgroup Manager and via the command line using edquota. But when I use the repquota command there is no quota entry for the AD user. I've run quotacheck and that didn't help either.
  I also understand there's a setquota command but there's no man page on how that works.
  Has anyone got disk quota for AD users working.
  Better still has someone got a shell or perl script for setting quotas they could post.
  Thanks
  - Cameron

  sorry.. I am soooooo stupid... I have to activate "File Sharing" as well.. for the user everything was already pre-activated, not for the AD users, I just saw the Time Machine checkbox grayed out ...

• How to configure release procedure for rate contracts release

  Dear all,
  How to configure release procedure for rate  contract following are the requirements
  they are two release codes c1 & c2 <=100000,>=100000
                  if  c1 is not there c2 has to be approved
       Change in the value of the rate contract contract
       Change in the validity of the rate contract
       Addition of deletion of line items
  While using a non u2013 released rate contract in the PO an error message should shoot out.
  Also the logic should be changed while using the rate contract in the PO.
  The usage of the rate contract should be till the validity of the rate contract. i.e. the measurement should be end date of the rate contract and the PO creation date and not the delivery date of the PO. &
  It should be possible to refer existing valid rate contracts in purchase orders.
  Regards,
  bhaskar

  Hi,
  In SAP rate contract is known as value contract denoted with wk. The release procedure for rate contract is same as that of other contracts and scheduling agreements. The tables  for contracts will vary with SA (Scheduling agreement) .You may try and maintain condition records based on the customer combination and maintian the validity date of condition records as per your requirement.For contract and PO will have the same header/item table as EKKO/EKPO, and the release
  class in standard is the same FRG_EKKO, you can use the same for contract.
  To distinguish if it's a contract or PO, EKKO-BSART can be used.
  For contract EKKO-BSART will be MK or WK, while PO will have NB/UB etc..
  You can restrict the document type to set up the release strategy for only contract.
  Of cause, you can also create your own release class Z* for contract copying standard
  one FRG_EKKO via CL01/Class type 032, and then assign the class Z* to customizing:
  OLME:
  -> contract
  ->Release Procedure for Contracts
  ->Define Release Procedure for Contracts
  ->Release Groups
  If you have already created the PO release class.
  Assign a new chracteristic of Document Category -BSTYP
  Please check below link for detailed release procedure. I hope this wil help you out .Thanking you.
  http://wiki.sdn.sap.com/wiki/display/ERPSCM/RELEASE+PROCEDURE#RELEASEPROCEDURE-TABLESUSEDFORRELEASEPROCEDURES

• How to save HR data in Active Directory using ABAP i.e thru LDAP Connector

  Hi All,
         Can any one please help me out how
         to save HR data in Active directory
         using LDAP Connector ?             
         Please help ASAP as it is very urgent .
  Thanks
  Jitendra

  There are 100 of such scripts are there online.
  here are few tips and codes. you will get more.  
  https://gallery.technet.microsoft.com/scriptcenter/Feeding-data-to-Active-0227d15c
  http://blogs.technet.com/b/heyscriptingguy/archive/2012/10/31/use-powershell-to-modify-existing-user-accounts-in-active-directory.aspx
  http://powershell.org/wp/forums/topic/ad-import-csv-update-attributes-script/
  Please mark this as answer if it helps

• How to save hr data in Active directory  using abap

  Hi all
  can any one please help me out how to save hr data in Active directory using LDAP connector
  please help as this is very urgent requirement
  thanks in advance
  Thanks
  Chanti

  What form do you have the user's name in ?
  ANTIPODES\alberteString searchFilter = "(&(objectClass=user)(samAccountName=alberte))";[email protected] searchFilter = "(&(objectClass=user)(userPrincipalName=[email protected]))";Albert EinsteinString searchFilter = (&(objectClass=user)(givenName=Albert)(sn=Einstein))";or using Ambiguous Name Resolution (anr)String searchFilter = "(&(objectClass=user)(anr=Albert Einstein))";or it's even clever enough to useString searchFilter = "(&(objectClass=user)(anr=Einstein Albert))";

• How to configure Broadcast messaging for IC Webclient profile

  Dear all,
  How to configure Broadcast messaging for IC Webclient profile. what are the prerequisites for it?
  We are not using EP interface for IC Webclient, then where can I find broadcast messaging URL in SAP CRM system.
  I have checked for the relevant BSP application, but could not find.
  Please help me to configure the scenario successfully, your help will be highly appreciated.
  Best regards,
  Raghu ram

  Hi raghu
  In CRM Broad cast messaging application is CRM _BM,
  Go to easy access u2013 go to favourites u2013 select add other objects - select BSP Applications- then select CRM_BM Application.
  Select that BSP application and test it u2026
  `
  Regards,
  Narsimha

• How to have Secure Connection for File Adapter.Pls help

  Hi All,
  For File to File Scenario
  How to have Secure Connection for File Adapter.
  Pls send links/blogs explaining this scenario.
  Regards

  hi rich
  go through these links
  FTPs connection failed - error ".. certificate rejected by ChainVerifier"
  Re: What is SFTP, FTI channels
  http://help.sap.com/saphelp_erp2005/helpdata/en/e3/94007075cae04f930cc4c034e411e1/frameset.htm
  http://help.sap.com/saphelp_erp2005/helpdata/en/bc/bb79d6061007419a081e58cbeaaf28/frameset.htm
  FTPS implementation question.
  http://help.sap.com/saphelp_nw04s/helpdata/en/43/0e16bfd7b021aee10000000a1553f6/frameset.htm
  Server certificate rejected by ChainVerifier:FTPS server(Points Guaranteed)
  /people/krishna.moorthyp/blog/2007/07/31/sftp-vs-ftps-in-sap-pi
  File adapter
  thanks
  Kunaal

• MOBILE ACCOUNTS ARE BROKEN!!!  At least for Active directory.

  Thanks ben6073 for posting your link to the solution. It worked for me as well.
  I did a clean install of SL, joined the machine to the AD domain using Directory Utility. Restarted and when the other user option finally came up in the login screen it would just shake after entering my credentials. As if I was using the wrong password. I then logged in with the local admin account and using the Directory Utility disabled the mobile account option. I then restarted and was able to log in using my credentials.
  MOBILE ACCOUNTS ARE BROKEN!!! At least for Active directory.
  Thanks ben6073 for the link to a fix. And thank you Rich for the post on google.
  http://groups.google.com/group/macenterprise/browse_thread/thread/2c2502b08bb84c 7a?pli=1
  G

  Greg Plassmeyer1 wrote:
  Thanks ben6073 for posting your link to the solution. It worked for me as well.
  MOBILE ACCOUNTS ARE BROKEN!!! At least for Active directory.
  I had this problem this morning. It went away after I rebooted and ran applejack in "auto pilot" mode. The machine is a macbook pro running Snow Leopard. The account is a mobile account tied to a windows active directory server. Applejack is available from http://applejack.sourceforge.net/. The auto pilot mode cleans out the system caches is /Library and /System/Library - perhaps this is what provides the fix? Just a guess.