How to enable security with users from an LDAP server

Similar Messages

• How to create SynBO with  BAPIs from R/3 server?

  Hi,
  Can I get any documents or links regarding Syncbo creation with BAPIs from another R/3 server. I think I have to create RFC destination for this. The steps for creating RFC destination in Netweaver 2004s is also helpful for me.
  Also I need the required configurations also.
  Regards
  Shemim

  Hi Shemin,
  Refer the following link for Mobile Development Kit
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/21eba3a7-0601-0010-b982-92f1fca3258a
  This will provide you with rules of creating BAPI wrappers and sample BAPI wrappers.
  For creating RFC destination, contact your BASIS team member. You may not rights to do it by yourself. They will also tell the exact prodecure. It start with transaction SM59.
  Regards,
  Rahul

• How to retrieve null-valued attributes from a LDAP server?

  (I posted this in the ES board but then thought this is more of a programmer's question, sorry for the duplication).
  I am using JNDI api to do search operations on a Java Directory Server( part of SunOne).
  However, I found all the attributes that do not have values are automatically filtered out from the search result.
  NamingEnumeration answer = ctx.search(ctxName, filterExpr, cons);
                 while(answer.hasMore()){
                      SearchResult sr = (SearchResult)answer.next();
                      Attributes attrs = sr.getAttributes();
                      for(NamingEnumeration ne = attrs.getIDs();ne.hasMore();){
                           System.out.println("ids:"+ne.next());
                      System.out.println("-------------------------------------------------------");
                     for (NamingEnumeration ae = sr.getAttributes().getAll(); ae.hasMore();) {
                         Attribute attr = (Attribute)ae.next();
                         System.out.println("attrName:"+attr.getID());
                         //System.out.println("attribute: " + attr.getID());
                         NamingEnumeration e = attr.getAll();
                         while(e.hasMore()){
                               System.out.println("  attrVal:"+e.next());
                     }Is there anything I did wrong here?
  Here are a couple of things I noticed,
  1. in a Softerra LDAP browser, those no-valued attributes are not present either. But in JXplorer, I can see the full list that includes the attributes that do not have a value.
  2. I had Schema disabled in the server console.
  Thank you in advance.

  There are only two ways to read data from Directory Server:
  1. a. just fetch the entry
  b. display the content
  2. a. fetch the entry
  b. parse the entry and figure what object classes it is of
  c. lookup each object class definition in the schema and retrieve the attribute list
  d. combine the attributes of the entry with all the "possible" attributes of its object classe(s)
  e. display the content
  Here's for an easy example we can relate to:
  I have the following entry in my DS
    cn=the_duuuuuude,dc=forum,dc=sun,dc=com
    objectClass: person
    cn: the_duuuuuude
    sn: arnaudIf you use method 1, you will get just what is stored in the db. That is:
    cn=the_duuuuuude,dc=forum,dc=sun,dc=com
    objectClass: person
    cn: the_duuuuuude
    sn: arnaudif you use method 2, you will get:
    cn=the_duuuuuude,dc=forum,dc=sun,dc=com
    objectClass: person
    cn: the_duuuuuude
    sn: arnaud
    description:
    seeAlso:
    telephoneNumber:
    userPassword:because when you looked up the 'person' object class you got this:
  objectClasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ userPassword ) X-ORIGIN 'RFC 2256' )Now the important thing to note is that physically in the database, the attributes description, seeAlso, telephoneNumber and userPassword are NOT stored. It's not that they have a 'null' value. They're just not there. It doesn't stop you from looking up the schema.
  Optimally, in your client, you would fetch the whole server schema and cache it so you have to do the extra round trip for every entry you process.
  The difference you observe with various LDAP browsers might simply be that one uses method 1 and the other method 2.
  Hope this helps wrap your mind around this.
  -=arnaud=-

• How to secure the users from deleting the work items

  Hi all,
  I have a question like this.........whether we could secure the users from deleting the work items by someone in the Project and also assigning a specific user to allow them to delete the idoc. 
  Please help me on this as this is critical.........
  Thanks in advance
  Chakri

  One of t he possible way is, ask the basis team to create users as Service Users and you can determine whether the login user is whether a service or dialog user  by using the a bapi BAPI_USER_GET_DETAIL under the exporting parameter logondata with field USRTYP where if the logged in user is Service user then this field will be populated as S if the user is a dialog user then it will be populated as A.
  Now in more efficient way of fixing this is get the list of users for whom you donot want to give the authorization of deleting workitems and assign the appropriate role for all the listed users...
  for roles and authorizations i hope the basis team is the right team to consult....

• How do i delete a user from my macbook pro?

  How do I delete a user from my macbook pro?

  If you've admin privileges and there are no files in the user account that you want to keep, just go to System Preferences>Users & Groups and unlock it with your admin password. Select the user that you want to delete and click on the minus button. You'll get a warning before you completely delete the user but once it's gone, it's gone.
  Clinton

• How can we prevent a user from entering a value in Parameter Field?

  how can we prevent a user from entering a value in Parameter Field and Select-options Field?

  make it invisible, make it inactive, make it display only.
  if the field is not there or not to be seen the user WILL have problems inputting data.
  BUT once the field is there you can NOT prevent that the user fills it with data.
  all you can do is on PAI check if the data the user inputted was good or bad, and clear his inputs, but you can NOT prevent him inputting something.

• How can i know iphone users from contacts, how can i know iphone users from contacts

  how can i know iphone users from contacts, how can i know iphone users from contacts

  You could open that contact in messages, and your iPhone should say "iMessage" instead of "Message" in the text field. However, this depends wether the contact has iMessage enabled, but it could also mean the contact is using an iPad or iPod touch.
  Make sure that their mobile number is in iMessage, and if the text field says "iMessage", then they are using an iPhone (if they've enabled it).

• How to find solution for avoiding WARNING J2EE SECUR-00100 ********** user-manager (see application/server descriptors) will no longer be supported in the next release of this product

  HI All,
  We are using Oc4j version 10g 10.1.3 , and while starting conatiner  getting below warning , let me know if anyone have solution for this,.
  14/01/10 01:01:29 ********** user-manager (see application/server descriptors) will no longer be supported in the next release of this product!
  Please take the appropriate actions to migrate to an alternative strategy! **********
  2014-01-10 01:01:29.833 WARNING J2EE SECUR-00100 ********** user-manager (see application/server descriptors) will no longer be supported in the next release
  of this product!

  I just checked my BIOS and my current setting is set at IDE although it also mentions that the default should be AHCI. Currently I have a dual boot of Windows 7 (need it for Tax software) and Arch
  So I guess, when I get the new HDD, I will first set it to AHCI and then install the OSes on it. See if NCQ helps any, and if not I will turn it back and re-install (if I have to). I am planning to have Windows only in virtualbox in the new drive.
  Anyhoo, while I was in the BIOS I found two things which I had questions about :
  1) Under Onboard Devices --> Integrated NIC , my setting is currently set at "On w/PXE" and it says the default should be just "On". Would it be ok to change it back to On since its a single machine and its not booting an OS on any server. I just don't want to have to re-install anything now since I will be doing that in the new HDD.
  2) How would I know whether my BIOS would support a 64 bit OS in Virtualbox? I checked some setting under Virtualization, but they weren't very clear.
  I will edit this post and let you know exactly what settings were present under the Virtualization sub-section.

• How can i speak with someone from apple live chat??

  How can i speak with someone from apple live chat??I want to ask something

  Yes, that is the key to it.   In North America live chat is available, though I would question the value of it.   It usually takes ten times longer to 'chat' than to talk or even send an eMail.  Why don't you ask your question here; by far the most realistic means of attracting a reasonably accurate answer.

• How to drag and drop user from one node to other node.

  Dear All,
  How to drag and drop user from one node to other node.I tried but no success.
  What are precautions to be taken.
  Cay anybody kindly explain it.
  Thank you.

  Hello, if you had this message you had created BP....
  Now you don't have to user USERS_GEN this transaction is used only in first action, when you create the user in R/3 and then you pass this user to EBP in the organizational structure.
  Now you have to:
  1) Go to PPOMA_BBP
  2) Double click on organizational unit that you want to put this user (purchasing organization or purchasing group box for example)
  3) Select assign button in the top of the functions in the transaction
  4) Click on incorporates -- position
  5) Put userID that you want to add in this organizational unit
  6) Click Save
  Thanks
  Rosa

• So I've changed my hard drive for an ssd and now I've been told to enable trim now I've got the apple cover will they show me how to enable it with out some program of the internet ?

  so I've changed my hard drive for an ssd and now I've been told to enable trim  ?  now I've got the apple cover will they show me how to enable it with out some program of the internet ?

  Use an app called chameleon ssd optimizer.
  I enabled trim with it after almost a year of having installed a Samsung 840 pro SSD and my read/write speeds almost quadrupled.
  I would definite;y advise using it even though Samsung SSD's come with there own garbage disposal.
  Hope that helps.

• I'm using "window.open()" to show one Calendar in a popup window. I can see that the popup is re-sizable. How can I prevent the user from re-sizing the popup?

  I'm using "window.open()" to show one Calendar in a popup window. I can see that the popup is re-sizable. How can I prevent the user from re-sizing the popup? I have tried "resizable=yes|no|1|0" and that seems to be not working.

  You can't prevent users from resizing a pop-up.
  *https://developer.mozilla.org/en-US/docs/Web/API/window.open

• How can I get properties from my ldap server?

  urgent,I don't know
  how to use the getproperties to get the properties
  from ldap server,anyone help?

  Hi Kevin,
  You could write a portlet that uses the <um:getProfile> and
  <um:getProperty> tag (
  http://edocs.bea.com/wlp/docs40/p13ndev/jsptags.htm#1058056 )
  Or you can do an easier test that requires no coding: If you use the EBCC
  to create metadata about your ldap property set, then you can use the JSP
  portal admin tool to see your LDAP properties for a user. I think if you go
  through the UUP example on dev2dev.bea.com it has instructions for doing
  this with a UUP. Basically, create a property set (a.k.a. "user profile")
  named "ldap" in the EBCC and create properties that match the ones you want
  to retrieve ("telephoneNumber", etc...CASE SENSITIVE). Then access the JSP
  portal admin tool. If you are not using the LDAPRealm as your alternate
  security realm then create a user that you know exists in LDAP and then hit
  the link for the user and search the "ldap" property set and you will see
  their property values. If you are using the LDAPRealm for authentication,
  then this is not a ManageableRealm so you cannot create users (they are
  managed in your LDAP server). So, if you are using the LDAP realm, just
  create the "ldap" property set in the EBCC and go to the user mgmt tools in
  the JSP admin tools and you will see your user. Then search the "ldap"
  property set for your user and you will see the property values.
  Ture Hoefner
  BEA Systems, Inc.
  www.bea.com
  "Kevin" <[email protected]> wrote in message
  news:[email protected]...
  >
  Hello,
  We're trying to retrieve an arbitrary profile and it's attributes from
  a Novell NDS ldap server. I've configured the ldapprofile.jar as
  described in the portal doc:
  http://edocs.bea.com/wlp/docs40/p13ndev/users.htm#1131824
  but the article doesn't go on to describe how to use the configuration
  to actually access the properties.
  I'm unsure as to how to use the com.bea.p13n.usermgmt.profile.ldap
  package to retrieve the information I need.
  Is there some step by step instructions to achieve this as well as
  some sample code to run in a jsp to test this functionality?
  Thanks for any help.
  Kevin
  Ture Hoefner <[email protected]> wrote:
  Hi Eric,
  The LdapPropertyManager handles that for you. All you have to do is
  deploy it. (I'm talking about Portal 4.0). See the docs at "Accessing
  Properties from an LDAP Server" (
  http://edocs.bea.com/wlp/docs40/p13ndev/users.htm#1131824 )
  You will need to deploy the LDAPPropertyManager EJB, located in
  ldapprofile.jar. It is shipped with the product in
  <wlportal4.0-install-dir>/lib/p13n/ejb/ldapprofile.jar.
  Eric Nie wrote:
  urgent,I don't know
  how to use the getproperties to get the properties
  from ldap server,anyone help?--
  Ture Hoefner
  BEA Systems, Inc.
  2590 Pearl St.
  Suite 110
  Boulder, CO 80302
  www.bea.com

• How can I retrive current user information in Content Server's presetation template?

  We need to determine current user is the item's created user or not, so we want to know how to do this?
  we can use <pcs:if expr="'Luke' == createdBy">....,but the 'Luke' is static string,
  so, how can I retirve current user name in Content Server's presetation tempalte?

  I don't know that this is possible in a direct fashion. (and, btw - thank you for asking this question. I realized we'll eventually need exactly the same thing so looking at this helps me as well :).
  I'm quoting dev support from another posting on making community comparisons dynamic:
  "This won't work because the pcs: tags are evaluated on the Content Server during the publish operation, resulting in a static HTML file that still contains the raw pt: tags. This same HTML file will be displayed in all of your communities. The pt: tags are evaluated on the portal server right before it returns content to the user, this allows the single HTML file to show a different name in each community. "
  So the gist of things is that content server acts dynamic to you and I through the editing UI, but is really publishing static content. The values at run-time are not directly available to the PCS operators because...well...the PCS stuff is already done. It produced the static HTML showing up in the portlet.
  There appear to be two immediate options:
  Use the transformer tags to publish the user's name at run-time. Have the PCS and Transformer tags write their values into javascript strings and then compare this client-side. My response: "meh" Not for the purist, but I'm so far down the non-purist path at this point it just doesn't matter any more to me. Simple and to the point, but has known risks. Probably the easiest way to go.Publish your page as ASPX or JSP and then use the EDK server-side to manage the comparisons. Definitely more server-centric, but does require you do a quick bit of content server configuration. Just set the publishing target for the portlet to a directory on a web server and then set the publishing file extension to .ASPX or .JSP. I've done this with ASP and it works nicely. :)Not entirely the answer you or I were looking for, but I think it makes sense.
  The PT transformer tags you'll want if you go with option (1) are:
  Get the user's full name
  <pt:userinfo xmlns:pt="http://www.plumtree.com/xmlschemas/ptui/" name="FullName" />
  Get a custom user setting "myUserSetting"
  <pt:userSetting name="myUserSetting" xmlns:pt="http://www.plumtree.com/xmlschemas/ptui/" />
  Plumtree - am I off base on this one?
  Thanks,
  Eric

• How to export data with column headers in sql server 2008 with bcp command?

  Hi all,
  I want know "how to export data with column headers in sql server 2008 with bcp command", I know how to import data with import and export wizard. when i
  am trying to import data with bcp command data has been copied but column names are not came.
  I am using the below query:-
  EXEC master..xp_cmdshell
  'BCP "SELECT  * FROM   [tempdb].[dbo].[VBAS_ErrorLog] " QUERYOUT "D:\Temp\SQLServer.log" -c -t , -T -S SERVER-A'
  Thanks,
  SAAD.

  Hi All,
  I have done as per your suggestion but here i have face the below problem, in print statment it give correct query, in EXEC ( EXEC master..xp_cmdshell @BCPCMD) it was displayed error message like below
  DECLARE @BCPCMD
  nvarchar(4000)
  DECLARE @BCPCMD1
  nvarchar(4000)
  DECLARE @BCPCMD2
  nvarchar(4000)
  DECLARE @SQLEXPRESS
  varchar(50)
  DECLARE @filepath
  nvarchar(150),@SQLServer
  varchar(50)
  SET @filepath
  = N'"D:\Temp\LDH_SQLErrorlog_'+CAST(YEAR(GETDATE())
  as varchar(4))
  +RIGHT('00'+CAST(MONTH(GETDATE())
  as varchar(2)),2)
  +RIGHT('00'+CAST(DAY(GETDATE())
  as varchar(2)),2)+'.log" '
  Set @SQLServer
  =(SELECT
  @@SERVERNAME)
  SELECT @BCPCMD1
  = '''BCP "SELECT 
  * FROM   [tempdb].[dbo].[wErrorLog] " QUERYOUT '
  SELECT @BCPCMD2
  = '-c -t , -T -S '
  + @SQLServer + 
  SET @BCPCMD
  = @BCPCMD1+ @filepath 
  + @BCPCMD2
  Print @BCPCMD
  -- Print out below
  'BCP "SELECT 
  * FROM   [tempdb].[dbo].[wErrorLog] " QUERYOUT "D:\Temp\LDH_SQLErrorlog_20130313.log" -c -t , -T -S servername'
  EXEC
  master..xp_cmdshell
  @BCPCMD
    ''BCP' is not recognized as an internal or external command,
  operable program or batch file.
  NULL
  if i copy the print ourt put like below and excecute the CMD it was working fine, could you please suggest me what is the problem in above query.
  EXEC
  master..xp_cmdshell
  'BCP "SELECT  * FROM  
  [tempdb].[dbo].[wErrorLog] " QUERYOUT "D:\Temp\LDH_SQLErrorlog_20130313.log" -c -t , -T -S servername '
  Thanks, SAAD.