How to script out to connect to Active Directory specific domain controller server?

How can we write a script that enables us to connect to a specific domain controller server? I have 2 different server versions and both of them have been communicating with PowerShell, so I want PowerShell to communicate with one server version. How do I script this out?

Please see the Posting Guidelines:
http://social.technet.microsoft.com/Forums/en-US/a0def745-4831-4de0-a040-63b63e7be7ae/posting-guidelines?forum=ITCG
and this article on how to ask questions in a technical forum:
http://sincealtair.blogspot.com/2010/04/how-to-ask-questions-in-technical-forum.html
[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
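
An added example, not part of the original thread, of pinning the ActiveDirectory module cmdlets to one domain controller after confirming which OS version it runs. It assumes the RSAT ActiveDirectory module is installed; `dc02.corp.example.com`, `jdoe`, the `*2012*` pattern and both function names are placeholders chosen for illustration.

```powershell
#Requires -Modules ActiveDirectory
# Added example; host names, the account name and the function names are placeholders.

function Get-DomainControllerInventory {
    # List every DC in the current domain with its OS, so you can see which
    # server versions exist before choosing the one to talk to.
    Get-ADDomainController -Filter * |
        Sort-Object OperatingSystem, HostName |
        Select-Object HostName, OperatingSystem, OperatingSystemVersion, Site, IsGlobalCatalog
}

function Set-PinnedDomainController {
    [CmdletBinding()]
    param(
        # FQDN of the domain controller every AD cmdlet should use.
        [Parameter(Mandatory)] [string] $Server,
        # Wildcard the DC's OperatingSystem must match; '*' accepts any version.
        [string] $OperatingSystemLike = '*'
    )

    # Ask the named server about itself. This fails fast if the host is not a
    # DC or is not reachable through Active Directory Web Services, which is
    # what the module connects to.
    $dc = Get-ADDomainController -Identity $Server -Server $Server -ErrorAction Stop

    # Refuse to pin to a DC of the wrong version.
    if ($dc.OperatingSystem -notlike $OperatingSystemLike) {
        throw "$($dc.HostName) runs '$($dc.OperatingSystem)', expected '$OperatingSystemLike'."
    }

    # Every cmdlet matching *-AD* now gets -Server <this DC> unless the caller
    # passes -Server explicitly.
    $global:PSDefaultParameterValues['*-AD*:Server'] = $dc.HostName
    $dc | Select-Object HostName, OperatingSystem, Site
}

# 1. See which DCs and OS versions are available.
Get-DomainControllerInventory | Format-Table -AutoSize

# 2. One-off query against a specific DC.
Get-ADUser -Identity 'jdoe' -Server 'dc02.corp.example.com' -Properties LastLogonDate

# 3. Pin the whole session to that DC, but only if it is the expected version.
Set-PinnedDomainController -Server 'dc02.corp.example.com' -OperatingSystemLike '*2012*'
Get-ADDomain | Select-Object DNSRoot, PDCEmulator    # answered by dc02

# 4. Remove the pin when finished.
$PSDefaultParameterValues.Remove('*-AD*:Server')
```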

Similar Messages

  • How to find out if Role is active or not and also delimited or not ?

    How to find out if Role is active or not and also delimited or not ?

    Hi,
    Basically this job is done by BASIS (Technical) Team.
    They can check whether role is active or not by using tcode "PFCG" by giving role name.
    Regards,
    Rameshwar

  • Not able to connect to Active Directory through Topology manager of ODI

    Hi,
    We are trying to connect to Active Directory though ODI Topology manager.
    The details given are :
    1. Using LDAP(JNDI) driver:
    username : CN=Administrator
    JDBC Driver name : com.sun.jndi.ldap.LdapCtxFactory
    JDBC URL : ldap://ten.mydomain.com:636/dc=oracle,dc=com
    I am getting the error as shown below:
    java.sql.SQLException: No suitable driver
         at java.sql.DriverManager.getDriver(Unknown Source)
         at com.sunopsis.sql.SnpsConnection.u(SnpsConnection.java)
         at com.sunopsis.sql.SnpsConnection.a(SnpsConnection.java)
         at com.sunopsis.sql.SnpsConnection.testConnection(SnpsConnection.java)
         at com.sunopsis.sql.SnpsConnection.testConnection(SnpsConnection.java)
    2. Sunopsis JDBC driver for LDAP:
    Username: cn=Administrator
    JDBC Driver Name : com.sunopsis.ldap.jdbc.driver.SnpsLdapDriver
    JDBC Driver URL :
    jdbc:snps:ldap?ldap_url=ldap://ten.mydomain.com:636/&ldap_password=abcd1234&ldap_basedn=dc=oracle,dc=com
    We also tried with URL : jdbc:snps:ldap?ldap_url=ldap://ten.mydomain.com:636/&ldap_basedn=dc=oracle,dc=com
    We are getting an error as shown below:
    Java.sql.SQLException: A NamingException occured saying: Request: 1 cancelled with this explanation: Request: 1 cancelled and this remaining name: null
         at com.sunopsis.ldap.jdbc.driver.i.e(i.java)
         at com.sunopsis.ldap.jdbc.driver.i.a(i.java)
         at com.sunopsis.ldap.jdbc.driver.SnpsLdapConnection.<init>(SnpsLdapConnection.java)
    Did I misconfigure something? Do I need to install a separate driver for this?
    Please help me out in this.
    Thanks in advance for any help.

    For LDAP, the default user Root has all the privileges to access all the LDAP data.
    Go to physical architecture and insert a new dataserver
    user - cn=root,dc=css,dc=hyperion,dc=com [ change this according to your requirement; for you it will be cn=Administrator,dc=oracle,dc=com ]
    password - null
    JDBC
    jdbc driver : com.sunopsis.ldap.jdbc.driver.SnpsLdapDriver
    jdbc url : jdbc:snps:ldap?ldap_url=ldap://<server name>:<port>/&ldap_password=KLLEJMNLKFLBKLKODDGPGPDB&ldap_basedn=dc=css,dc=hyperion,dc=com
    [ for you it will be jdbc:snps:ldap?ldap_url=ldap://ten.mydomain.com:636/&ldap_password=<encoded password>&ldap_basedn=dc=oracle,dc=com ]
    Here the default LDAP password for ROOT is SECURITY; if it has been changed, or you are using some other user, please use that.
    You also need to encode the password using this command
    java -cp C:\OraHome_1\oracledi\drivers\snpsldapo.jar com.sunopsis.ldap.jdbc.driver.SnpsLdapEncoder <enter password here>
    Later test the connection and you should be able to connect successfully.
    Thanks

  • How to enable LDAP paged results in Active Directory Auth. Provider

    Hello!
    I am trying to establish a connection with an Active Directory server via the AD provider in security realms (it is needed for IRM).
    I configured the provider and restarted the server, but when I try to view all users in WebLogic, I see only 1000 records from AD.
    I read that the default count of records which the AD server returns is 1000, but we can return more than 1000 records without changing the AD property by using paging.
    Where can I find this option, or how can I configure it in WebLogic?
    Thanks in advance.

    The first example was almost correct !
    The error message: "javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001C6, problem 2001 (NO_OBJECT), data 0, best match of: 'CN=Schema,CN=Configuration,DC=ric,DC=com'; " simply indicates a naming error.
    If you follow the logic of your code, you are trying to create an attribute with the distinguished name:
        CN=fooattr,CN=Schema,CN=Configuration,DC=ric,DC=com,CN=Schema,CN=Configuration,DC=ric,DC=com
    If you are wondering why, it is because you are attempting to create the subcontext from the schema naming context.
        schema.createSubcontext("CN=fooattr," + dn,attr);
    You can correct this by changing your code to
        schema.createSubcontext("CN=fooattr",attr);
    or to
        ctx.createSubcontext("CN=fooattr," + dn,attr);
    One other error, you are missing one of the mandatory attributes; namely oMSyntax.
        attrs.put("oMSyntax","2");
    You can find details on the Active Directory Schema at http://technet2.microsoft.com/WindowsServer/en/library/97cae647-d996-48ff-b478-c96193abeadb1033.mspx
    A simple way of checking the mandatory attributes for any object class is to look at the values of the systemMustContain attribute of the objectClass definition. In the case of attributeSchema, the systemMustContain attribute includes: schemaIDGUID (automagically generated), oMSyntax, ldapDisplayName, isSingleValued, cn, attributeSyntax and attributeID
    Another reference that is helpful is a table of Attribute Syntax definitions at http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbe_ext_dghb.mspx
    The only words of advice for extending the schema are:
    1. Test, Test, Test, before deploying in production
    2. Do not ever reuse attributeID's or make up your own! If you are extending the schema get your own OID from an appropriate standards authority, or they may be obtained from Microsoft. Refer to http://msdn2.microsoft.com/en-us/library/ms677621.aspx or http://msdn2.microsoft.com/en-us/library/ms677620.aspx

  • How to check Internet usage userwise in Active Directory ?

    How to check Internet usage userwise in Active Directory ? Without third party software is it possible ?
    Thanks & Regards, Amol . Amol Dhaygude

    Hi,
    Thanks for your comment. 
    The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. 
    Active Directory stores and retrieves information from a wide variety of applications and services. So that it can store and replicate data from a potentially infinite variety of sources, Active Directory standardizes how data is stored in the directory. By standardizing how data is stored, the directory service can retrieve, update, and replicate data while ensuring that the integrity of the data is maintained. 
    The directory service uses objects as units of storage. All objects are defined in the schema. Each time that the directory handles data, the directory queries the schema for an appropriate object definition. Based on the object definition in the schema, the directory creates the object and stores the data. 
    Object definitions control the types of data that the objects can store, as well as the syntax of the data. Using this information, the schema ensures that all objects conform to their standard definitions. As a result, Active Directory can store, retrieve, and validate the data that it manages, regardless of the application that is the original source of the data. Only data that has an existing object definition in the schema can be stored in the directory. If a new type of data needs to be stored, a new object definition for the data must first be created in the schema. 
    You can find more information from below article.
    Active Directory Schema Technical Reference
    http://technet.microsoft.com/en-us/library/cc759402(v=ws.10).aspx
    What's New in Active Directory Domain Services (AD DS)
    http://technet.microsoft.com/en-in/library/hh831477.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • How to make integration between UCCX and Active Directory

    Hello,
    I want to know what is the right procedure to perform a right integration between the UCCX and the Active Directory?
    Waiting Yours Reply,,,,
    Thanks a lot......

    What version?
    Assuming a current version (5.0 and higher): there is NO direct integration between CCX and Active Directory. The CCX server must not be joined to a domain.
    CCX uses UC Manager End Users for synchronized usernames and passwords. If UC Manager is synchronized with an LDAP source, such as Active Directory, then this will carry forward to CCX. CCX would pass authentication requests to CCX through AXL. UCM would perform the LDAP authentication and inform CCX of the success/failure.

  • Authentication Plug-ins for active directory Multiple Domains(oidspad2.sh)

    hi ,
    I have used note 294791.1 from Metalink to try to link to Active Directory. I have 2: one is staff and another is student.
    I first ran oidspadi.sh to create the plugin for staff and it works. Then I edited the 2 scripts to oidspad2.pls and oidspad2.sh with the required changes inside the files, then I ran it and it worked, but now the problem is that the first AD can't work. These are my changes below:
    FOR oidspad2.pls
    Rem
    Rem $Header: oidspada.pls 02-aug-2004.04:45:11 saroy Exp $
    Rem
    Rem oidspads.pls
    Rem
    Rem Copyright (c) 2002, 2004, Oracle. All rights reserved.
    Rem
    Rem NAME
    Rem oidspada.pls - 9.0.4 OID Password Active Directory
    Rem External Authentication Plug-in
    Rem
    Rem
    Rem NOTES
    Rem <other useful comments, qualifications, etc.>
    Rem
    Rem MODIFIED (MM/DD/YY)
    Rem saroy 08/02/04 - Fix for bug 3807482
    Rem qdinh 01/27/04 - bug 3374115
    Rem dlin 01/08/04 - pingan perf
    Rem dlin 08/22/03 - 3111770 bug fix
    Rem dlin 08/27/03 - change the way to get name
    Rem dlin 08/13/03 - bug 2962082 fix
    Rem dlin 02/21/03 - plug-in install changes
    Rem dlin 02/13/03 - dlin_bug-2625027
    Rem dlin 02/05/03 - fix ssl & failover
    Rem dlin 01/31/03 - dlin_adextauth1
    Rem dlin 01/30/03 - Created
    Rem
    SET echo off;
    SET serveroutput off;
    SET feedback off;
    SET verify off;
    CREATE OR REPLACE PACKAGE OIDADPSW2 AS
    PROCEDURE when_bind_replace (ldapplugincontext IN ODS.plugincontext,
    result OUT INTEGER,
    dn IN VARCHAR2,
    passwd IN VARCHAR2,
    rc OUT INTEGER,
    errormsg OUT VARCHAR2
    );
    PROCEDURE when_compare_replace (ldapplugincontext IN ODS.plugincontext,
    result OUT INTEGER,
    dn IN VARCHAR2,
    attrname IN VARCHAR2,
    attrval IN VARCHAR2,
    rc OUT INTEGER,
    errormsg OUT VARCHAR2
    );
    -- Cached LDAP session to Active Directory, reused across plug-in calls
    AD_HANDLE DBMS_LDAP.session DEFAULT NULL;
    END OIDADPSW2;
    /
    SHOW ERROR
    CREATE OR REPLACE PACKAGE BODY OIDADPSW2 AS
    SUBTYPE LDAP_SESSION IS RAW(32);
    SUBTYPE LDAP_MESSAGE IS RAW(32);
    SUBTYPE LDAP_BER_ELEMENT IS RAW(32);
    SUBTYPE ATTRLIST IS DBMS_LDAP.STRING_COLLECTION;
    SUBTYPE MOD_ARRAY IS RAW(32);
    SUBTYPE BERLIST IS DBMS_LDAP.BERVAL_COLLECTION;
    PROCEDURE when_bind_replace (ldapplugincontext IN ODS.plugincontext,
    result OUT INTEGER,
    dn IN VARCHAR2,
    passwd IN VARCHAR2,
    rc OUT INTEGER,
    errormsg OUT VARCHAR2
    )
    IS
    retval pls_integer;
    lresult BOOLEAN;
    my_session DBMS_LDAP.session;
    my_session1 DBMS_LDAP.session;
    tmp_session DBMS_LDAP.session;
    adupname VARCHAR2(1024) DEFAULT NULL;
    BEGIN
    plg_debug( '=== Begin when_bind_replace()');
    DBMS_LDAP.USE_EXCEPTION := FALSE;
    result := 49;
    adupname := LDAP_PLUGIN.get_adupname(ldapplugincontext);
    IF (adupname IS NULL) THEN
    result := 1;
    plg_debug('Can not get ADUserPrincipalName');
    rc := DBMS_LDAP.SUCCESS;
    errormsg := 'Exception in when_bind_replace: Can not get ADUserPrincipalName';
    plg_debug( '=== End when_bind_replace() ===');
    RETURN;
    END IF;
    plg_debug( 'Go to AD for authentication');
    -- externally authenticate user
    IF ('&1' = 'n') THEN
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&2', &3);
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, passwd);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
    -- Should free the old session if retry logic kept failing
    -- to cause the number of outstanding sessions exceeding the
    -- limit session number
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&4', &5);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, passwd);
         plg_debug( 'simple_bind_res again: ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
         OIDADPSW2.AD_HANDLE := tmp_session;
         ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
    ELSE
    -- SSL bind
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&6', &7);
         plg_debug( 'ldap_session initialized: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
         retval := DBMS_LDAP.open_ssl(my_session,
                             'file:' || '&8', '&9', 2);
         IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, passwd);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM
    -- or LDAP_UNAVAILABLE
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&10', &11);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.open_ssl(my_session1,
                             'file:' || '&12', '&13', 2);
         IF (retval != 0) THEN
         plg_debug( 'retry open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session1);
         plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'retry open_ssl: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, passwd);
         plg_debug( 'simple_bind_res: again ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
         OIDADPSW2.AD_HANDLE := tmp_session;
         ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res Returns ' || TO_CHAR(retval));
         END IF;
         END IF;
    END IF;
    -- for failover to connect to the secondary server
    IF ('&14' = 'y' AND retval != 0) THEN
    IF ('&15' = 'n') THEN
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&16', &17);
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    plg_debug( 'ldap_session initialized: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, passwd);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&18', &19);
         plg_debug( 'retry ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, passwd);
         plg_debug( 'retry simple_bind_res again: ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
              OIDADPSW2.AD_HANDLE := tmp_session;
         ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
              plg_debug( 'unbind_res Returns ' || TO_CHAR(retval));
         END IF;
         END IF;
    ELSE
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&20', &21);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
         retval := DBMS_LDAP.open_ssl(my_session,
                             'file:' || '&22', '&23', 2);
         IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, passwd);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&24', &25);
         plg_debug( 'retry ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.open_ssl(my_session1,
                             'file:' || '&26', '&27', 2);
         IF (retval != 0) THEN
         plg_debug( 'retry open_ssl failed error: ' || TO_CHAR(retval));
         -- release the retry session; my_session was already unbound above
         retval := DBMS_LDAP.unbind_s(my_session1);
         plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'retry open_ssl: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, passwd);
         plg_debug( 'simple_bind_res: again ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
              OIDADPSW2.AD_HANDLE := tmp_session;
         ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
         END IF;
    END IF;
    IF (retval = 0) THEN
    result := 0;
    plg_debug('AD auth return TRUE');
    ELSE
         result := retval;
    plg_debug('AD auth return FALSE or ERROR');
    END IF;
    -- retval := DBMS_LDAP.unbind_s(my_session);
    -- plg_debug( 'unbind_res Returns ' || TO_CHAR(retval));
    rc := DBMS_LDAP.SUCCESS;
    errormsg := 'No error msg.';
    plg_debug( '=== End when_bind_replace() ===');
    EXCEPTION
    WHEN OTHERS THEN
    rc := DBMS_LDAP.OPERATIONS_ERROR;
         retval := DBMS_LDAP.unbind_s(OIDADPSW2.AD_HANDLE);
         OIDADPSW2.AD_HANDLE := NULL;
         plg_debug( ' exception unbind_res returns ' || TO_CHAR(retval));
    errormsg := 'Exception: when_bind_replace plugin';
    plg_debug( 'Exception in when_bind_replace(). Error code is ' ||
              TO_CHAR(sqlcode));
    plg_debug( ' ' || Sqlerrm);
    END;
    PROCEDURE when_compare_replace (ldapplugincontext IN ODS.plugincontext,
    result OUT INTEGER,
    dn IN VARCHAR2,
    attrname IN VARCHAR2,
    attrval IN VARCHAR2,
    rc OUT INTEGER,
    errormsg OUT VARCHAR2
    )
    IS
    retval pls_integer;
    lresult BOOLEAN;
    my_session DBMS_LDAP.session;
    my_session1 DBMS_LDAP.session;
    tmp_session DBMS_LDAP.session;
    adupname VARCHAR2(1024) DEFAULT NULL;
    BEGIN
    plg_debug( '=== Begin when_compare_replace()');
    result := DBMS_LDAP.COMPARE_FALSE;
    DBMS_LDAP.USE_EXCEPTION := FALSE;
    adupname := LDAP_PLUGIN.get_adupname(ldapplugincontext);
    IF (adupname IS NULL) THEN
    result := DBMS_LDAP.COMPARE_FALSE;
    plg_debug('Can not get ADuserPrincipalName');
    rc := DBMS_LDAP.SUCCESS;
    errormsg := 'Exception in when_compare_replace: Can not get ADUserPrincipalName';
    plg_debug( '=== End when_compare_replace() ===');
    RETURN;
    END IF;
    -- externally authenticate user
    IF ('&28' = 'n') THEN
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&29', &30);
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, attrval);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
    IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
    plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&31', &32);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, attrval);
         plg_debug( 'simple_bind_res again: ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
         OIDADPSW2.AD_HANDLE := tmp_session;
    ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
    ELSE
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&33', &34);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
         retval := DBMS_LDAP.open_ssl(my_session,
                             'file:' || '&35', '&36', 2);
         IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, attrval);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
    IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
    plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&37', &38);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.open_ssl(my_session1,
                             'file:' || '&39', '&40', 2);
    IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         -- release the retry session; my_session was already unbound above
         retval := DBMS_LDAP.unbind_s(my_session1);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, attrval);
         plg_debug( 'simple_bind_res: again ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
         OIDADPSW2.AD_HANDLE := tmp_session;
    ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
    END IF;
    -- for failover to connect to the secondary AD
    IF ('&41' = 'y' AND retval != 0) THEN
    IF ('&42' = 'n') THEN
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&43', &44);
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, attrval);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
    plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&45', &46);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, attrval);
         plg_debug( 'simple_bind_res again: ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
              OIDADPSW2.AD_HANDLE := tmp_session;
    ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
         ELSE
         IF (OIDADPSW2.AD_HANDLE IS NULL) THEN
         my_session := DBMS_LDAP.init('&47', &48);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session,1,8)));
         retval := DBMS_LDAP.open_ssl(my_session,
                             'file:' || '&49', '&50', 2);
         IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         OIDADPSW2.AD_HANDLE := my_session;
         ELSE
         my_session := OIDADPSW2.AD_HANDLE;
         END IF;
    retval := DBMS_LDAP.simple_bind_s(my_session, adupname, attrval);
    plg_debug( 'simple_bind_res: ' || TO_CHAR(retval));
    -- Retry logic should be invoked only
    -- when retval = LDAP_UNWILLING_TO_PERFORM || LDAP_UNAVAILABLE
         IF (retval = 52 OR retval = 53 OR retval = 81) THEN
         retval := DBMS_LDAP.unbind_s(my_session);
    plg_debug( 'retry unbind_res returns ' || TO_CHAR(retval));
         my_session1 := DBMS_LDAP.init('&51', &52);
         plg_debug( 'ldap_session: ' || RAWTOHEX(SUBSTR(my_session1,1,8)));
         tmp_session := my_session1;
         retval := DBMS_LDAP.open_ssl(my_session1,
                             'file:' || '&53', '&54', 2);
         IF (retval != 0) THEN
         plg_debug( 'open_ssl failed error: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.unbind_s(my_session1);
         plg_debug( 'unbind_res returns ' || TO_CHAR(retval));
         result := 82;
         RETURN;
         END IF;
         plg_debug( 'open_ssl: ' || TO_CHAR(retval));
         retval := DBMS_LDAP.simple_bind_s(my_session1, adupname, attrval);
         plg_debug( 'simple_bind_res: again ' || TO_CHAR(retval));
         IF (retval != 52 AND retval != 53 AND retval != 81) THEN
              OIDADPSW2.AD_HANDLE := tmp_session;
         ELSE
         retval := DBMS_LDAP.unbind_s(tmp_session);
         plg_debug( 'unbind_res result ' || TO_CHAR(retval));
         END IF;
         END IF;
         END IF;
    END IF;
    IF (retval = 0) THEN
    result := DBMS_LDAP.COMPARE_TRUE;
    plg_debug('AD auth return TRUE');
    ELSE
    result := DBMS_LDAP.COMPARE_FALSE;
    plg_debug('AD auth return FALSE or ERROR');
    END IF;
    -- retval := DBMS_LDAP.unbind_s(my_session);
    -- plg_debug( 'unbind_res Returns ' || TO_CHAR(retval));
    rc := DBMS_LDAP.SUCCESS;
    errormsg := 'No error msg.';
    plg_debug( '=== End when_compare_replace() ===');
    EXCEPTION
    WHEN OTHERS THEN
    rc := DBMS_LDAP.OPERATIONS_ERROR;
    errormsg := 'Exception: when_compare_replace plugin';
    plg_debug( 'Exception in when_compare_replace(). Error code is ' ||
              TO_CHAR(sqlcode));
    plg_debug( ' ' || Sqlerrm);
         retval := DBMS_LDAP.unbind_s(OIDADPSW2.AD_HANDLE);
         OIDADPSW2.AD_HANDLE := NULL;
    END;
    END OIDADPSW2;
    /
    SHOW ERRORS
    EXIT;
    -- usessl, adhost, adport, adhost, adsslport, walletloc, walletpwd
    -- isfailover, isfailoverssl, sechost, secport, sechost, secsslport
    -- secwalletloc, secwalletpwd
    -- usessl, adhost, adport, adhost, adsslport, walletloc, walletpwd
    -- isfailover, isfailoverssl, sechost, secport, sechost, secsslport
    -- secwalletloc, secwalletpwd
    FOR oidspadi.sh
    #!/bin/sh
    # $Header: oidspadi.sh 13-may-2005.13:48:51 saroy Exp $
    # oidspadi.sh
    # Copyright (c) 2002, 2005, Oracle. All rights reserved.
    # NAME
    # oidspadi.sh - AD external authentication plug-in install
    # DESCRIPTION
    # <short description of component this file declares/defines>
    # NOTES
    # <other useful comments, qualifications, etc.>
    # MODIFIED (MM/DD/YY)
    # saroy 05/13/05 - Fix for bug 4233817
    # saroy 02/18/05 - Fix for bug 4054414
    # saroy 11/02/04 - Fix for bug 3980370
    # qdinh 01/19/04 - bug 3374115
    # dlin 07/10/03 - turn off debug
    # dlin 02/21/03 - plug-in install changes
    # dlin 02/13/03 - dlin_bug-2625027
    # dlin 07/22/02 - Creation
    ADHOST="A"
    ADPORT="1"
    ADSSLPORT="1"
    WALLETLOC="A"
    WALLETPWD="A"
    WALLETPWD2="A"
    CONNECT="A"
    ODSPWD="A"
    ODSPWD2="A"
    OIDHOST="A"
    OIDPORT="1"
    ORCLADMINPWD="A"
    ORCLADMINPWD2="A"
    PRGDN="A"
    SCUSB="A"
    EP="A"
    ISSSL="n"
    ISFAILOVER="n"
    ISFAILOVERSSL="n"
    SECADHOST="A"
    SECADPORT="1"
    SECADSSLPORT="1"
    SECWALLETLOC="A"
    SECWALLETPWD="A"
    SECWALLETPWD2="A"
    clear
    echo "---------------------------------------------"
    echo " OID Active Directory Plug-in Configuration"
    echo "---------------------------------------------"
    echo " "
    echo "Please make sure Database and OID are up and running."
    echo " "
    LDAP_DIR=${ORACLE_HOME}/ldap
    LDAP_LOG=${LDAP_DIR}/log
    ## ORACLE_HOME
    if [ -z $ORACLE_HOME ] ; then
    echo " ORACLE_HOME must be set for this installation script"
    exit 0
    fi
    # gather required information
    if [ ${ADHOST} = "A" ] ; then
    printf "Please enter Active Directory host name: "
    read ADHOST
    fi
    ## active directory host name is required
    if [ "${ADHOST}" = "" ]
    then
    echo "Active Directory host name is required";
    exit 1;
    fi
    printf "Do you want to use SSL to connect to Active Directory? (y/n) "
    read ISSSL
    if [ "${ISSSL}" = "n" ]
    then
    if [ ${ADPORT} = "1" ] ; then
    printf "Please enter Active Directory port number [389]: "
    read ADPORT
    if [ "${ADPORT}" = "" ]
    then
    ADPORT="389"
    fi
    fi
    fi
    if [ "${ISSSL}" = "y" ]
    then
    if [ ${ADSSLPORT} = "1" ] ; then
    printf "Please enter Active Directory SSL port number [636]: "
    read ADSSLPORT
    if [ "${ADSSLPORT}" = "" ]
    then
    ADSSLPORT="636"
    fi
    fi
    if [ ${WALLETLOC} = "A" ] ; then
    echo " "
    printf "Please enter Oracle wallet location: "
    read WALLETLOC
    fi
    ## wallet location is required
    if [ "${WALLETLOC}" = "" ]
    then
    echo "Oracle wallet location is required";
    exit 1;
    fi
    if [ ${WALLETPWD} = "A" ] ; then
    printf "Please enter Oracle wallet password: "
    stty -echo ; read WALLETPWD ; stty echo ; echo
    fi
    if [ "${WALLETPWD}" = "" ]
    then
    echo "Oracle wallet password is required";
    exit 1;
    fi
    if [ ${WALLETPWD2} = "A" ] ; then
    printf "Please enter confirmed Oracle wallet password: "
    stty -echo ; read WALLETPWD2 ; stty echo ; echo
    fi
    if [ "${WALLETPWD}" != "${WALLETPWD2}" ]
    then
    echo "The input passwords are not matched";
    exit 1;
    fi
    fi
    if [ ${CONNECT} = "A" ] ; then
    echo " "
    printf "Please enter DB connect string: "
    read CONNECT
    fi
    if [ ${ODSPWD} = "A" ] ; then
    printf "Please enter ODS password: "
    stty -echo ; read ODSPWD ; stty echo ; echo
    fi
    ## password is required
    if [ "${ODSPWD}" = "" ]
    then
    echo "ODS password is required";
    exit 1;
    fi
    if [ ${ODSPWD2} = "A" ] ; then
    printf "Please enter confirmed ODS password: "
    stty -echo ; read ODSPWD2 ; stty echo ; echo
    fi
    if [ "${ODSPWD}" != "${ODSPWD2}" ]
    then
    echo "The input passwords are not matched";
    exit 1;
    fi
    if [ "${CONNECT}" = "" ]
    then
    CMDNAME="$ORACLE_HOME/bin/sqlplus -s ods/${ODSPWD} "
    else
    CMDNAME="$ORACLE_HOME/bin/sqlplus -s ods/${ODSPWD}@${CONNECT} "
    fi
    # Check if ODS password and connect string is correct
    ${ORACLE_HOME}/bin/sqlplus -L ods/${ODSPWD}@${CONNECT} << END 1>/dev/null 2>/dev/null
    exit;
    END
    if [ $? -ne 0 ]; then
    echo "Incorrect connect string or ODS password specified"
    exit 1;
    fi
    if [ ${OIDHOST} = "A" ] ; then
    echo " "
    printf "Please enter OID host name: "
    read OIDHOST
    fi
    ## oid host is required
    if [ "${OIDHOST}" = "" ]
    then
    echo "OID host name is required";
    exit 1;
    fi
    if [ ${OIDPORT} = "1" ] ; then
    printf "Please enter OID port number [389]: "
    read OIDPORT
    if [ "${OIDPORT}" = "" ]
    then
    OIDPORT="389"
    fi
    fi
    # Check if OID host and port is correct
    ${ORACLE_HOME}/bin/ldapbind -h ${OIDHOST} -p ${OIDPORT} 1>/dev/null 2>/dev/null
    if [ $? -ne 0 ]; then
    echo "Incorrect OID host or port specified"
    exit 1;
    fi
    if [ ${ORCLADMINPWD} = "A" ] ; then
    printf "Please enter orcladmin password: "
    stty -echo ; read ORCLADMINPWD ; stty echo ; echo
    fi
    if [ "${ORCLADMINPWD}" = "" ]
    then
    echo "orcladmin password is required";
    exit 1;
    fi
    if [ ${ORCLADMINPWD2} = "A" ] ; then
    printf "Please enter confirmed orcladmin password: "
    stty -echo ; read ORCLADMINPWD2 ; stty echo ; echo
    fi
    if [ "${ORCLADMINPWD}" != "${ORCLADMINPWD2}" ]
    then
    echo "The input passwords are not matched";
    exit 1;
    fi
    # Check if orcladmin password is correct
    ${ORACLE_HOME}/bin/ldapbind -h ${OIDHOST} -p ${OIDPORT} -D 'cn=orcladmin' -w ${ORCLADMINPWD} 1>/dev/null 2>/dev/null
    if [ $? -ne 0 ]; then
    echo "Incorrect orcladmin password specified"
    exit 1;
    fi
    echo " "
    if [ ${SCUSB} = "A" ] ; then
    printf "Please enter the subscriber common user search base [orclcommonusersearchbase]: "
    read SCUSB
    if [ "${SCUSB}" = "" ]
    then
    SCUSB=`${ORACLE_HOME}/bin/ldapsearch -h ${OIDHOST} -p ${OIDPORT} -D 'cn=orcladmin' -w ${ORCLADMINPWD} -s base -b 'cn=common,cn=products,cn=oraclecontext' -L 'objectclass=*' orclcommonusersearchbase | head -2 | grep -v 'dn:' | awk '{printf $2}'`
    fi
    fi
    if [ ${PRGDN} = "A" ] ; then
    printf "Please enter the Plug-in Request Group DN: "
    read PRGDN
    fi
    if [ ${EP} = "A" ] ; then
    printf "Please enter the exception entry property [(!(objectclass=orcladuser))]: "
    read EP
    if [ "${EP}" = "" ]
    then
    EP='(!(objectclass=orcladuser))'
    fi
    fi
    echo " "
    printf "Do you want to setup the backup Active Directory for failover? (y/n) "
    read ISFAILOVER
    if [ "${ISFAILOVER}" = "y" ]
    then
    if [ ${SECADHOST} = "A" ] ; then
    printf "Please enter the backup Active Directory host name: "
    read SECADHOST
    if [ "${SECADHOST}" = "" ]
    then
    echo "Backup Active Directory host name is required";
    exit 1;
    fi
    fi
    printf "Do you want to use SSL to connect to the backup Active Directory? (y/n) "
    read ISFAILOVERSSL
    if [ "${ISFAILOVERSSL}" = "n" ]
    then
    if [ ${SECADPORT} = "1" ] ; then
    printf "Please enter the backup Active Directory port number [389]: "
    read SECADPORT
    if [ "${SECADPORT}" = "" ]
    then
    SECADPORT="389"
    fi
    fi
    fi
    if [ "${ISFAILOVERSSL}" = "y" ]
    then
    if [ ${SECADSSLPORT} = "1" ] ; then
    printf "Please enter the backup Active Directory SSL port number [636]: "
    read SECADSSLPORT
    if [ "${SECADSSLPORT}" = "" ]
    then
    SECADSSLPORT="636"
    fi
    fi
    if [ ${SECWALLETLOC} = "A" ] ; then
    echo " "
    printf "Please enter Oracle wallet location: "
    read SECWALLETLOC
    fi
    ## wallet location is required
    if [ "${SECWALLETLOC}" = "" ]
    then
    echo "Oracle wallet location is required";
    exit 1;
    fi
    if [ ${SECWALLETPWD} = "A" ] ; then
    printf "Please enter Oracle wallet password: "
    stty -echo ; read SECWALLETPWD ; stty echo ; echo
    fi
    if [ "${SECWALLETPWD}" = "" ]
    then
    echo "Oracle wallet password is required";
    exit 1;
    fi
    if [ ${SECWALLETPWD2} = "A" ] ; then
    printf "Please enter confirmed Oracle wallet password: "
    stty -echo ; read SECWALLETPWD2 ; stty echo ; echo
    fi
         if [ "${SECWALLETPWD}" != "${SECWALLETPWD2}" ]
         then
         echo "The input passwords are not matched";
         exit 1;
         fi
    fi
    fi
    # install the plug-in PL/SQL packages
    echo " "
    echo "Installing Plug-in Packages ..."
    echo " "
    # install plug-in debug tool
    cp $ORACLE_HOME/ldap/admin/oidspdsu.pls $LDAP_LOG
    chmod +w $LDAP_LOG/oidspdsu.pls
    echo "EXIT;" >> $LDAP_LOG/oidspdsu.pls
    ${CMDNAME} @$LDAP_LOG/oidspdsu.pls
    rm $LDAP_LOG/oidspdsu.pls
    ${CMDNAME} @$ORACLE_HOME/ldap/admin/oidspdof.pls
    # install plug-in packages
    ${CMDNAME} @$ORACLE_HOME/ldap/admin/oidspad2.pls ${ISSSL} ${ADHOST} ${ADPORT} ${ADHOST} ${ADPORT} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ISFAILOVER} ${ISFAILOVERSSL} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${ISSSL} ${ADHOST} ${ADPORT} ${ADHOST} ${ADPORT} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ISFAILOVER} ${ISFAILOVERSSL} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} 2>&1 ; stty echo ; echo
    #stty -echo; eval ${CMDNAME} @$ORACLE_HOME/ldap/admin/oidspad2.pls ${ISSSL} ${ADHOST} ${ADPORT} ${ADHOST} ${ADPORT} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ISFAILOVER} ${ISFAILOVERSSL} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${ISSSL} ${ADHOST} ${ADPORT} ${ADHOST} ${ADPORT} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ADHOST} ${ADSSLPORT} ${WALLETLOC} ${WALLETPWD} ${ISFAILOVER} ${ISFAILOVERSSL} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADPORT} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} ${SECADHOST} ${SECADSSLPORT} ${SECWALLETLOC} ${SECWALLETPWD} 2>&1 ; stty echo ; echo
    # usessl, adhost, adport, adhost, adsslport, walletloc, walletpwd
    # isfailover, isfailoverssl, sechost, secport, sechost, secsslport
    # secwalletloc, secwalletpwd
    # usessl, adhost, adport, adhost, adsslport, walletloc, walletpwd
    # isfailover, isfailoverssl, sechost, secport, sechost, secsslport
    # secwalletloc, secwalletpwd
    # register the plug-ins
    echo " "
    echo "Registering Plug-ins ..."
    echo " "
    $ORACLE_HOME/bin/ldapadd -h ${OIDHOST} -p ${OIDPORT} -D cn=orcladmin -w ${ORCLADMINPWD} << EOF
    dn: cn=adwhencompare2,cn=plugin,cn=subconfigsubentry
    objectclass:orclPluginConfig
    objectclass:top
    orclpluginname:OIDADPSW2
    orclplugintype:operational
    orclplugintiming:when
    orclpluginldapoperation:ldapcompare
    orclpluginenable:1
    orclpluginversion:1.0.1
    orclPluginIsReplace:1
    cn:adwhencompare2
    orclpluginsubscriberdnlist:${SCUSB}
    orclpluginattributelist:userpassword
    orclpluginrequestgroup:${PRGDN}
    orclpluginentryproperties:${EP}

    dn: cn=adwhenbind2,cn=plugin,cn=subconfigsubentry
    objectclass:orclPluginConfig
    objectclass:top
    orclpluginname:OIDADPSW2
    orclplugintype:operational
    orclplugintiming:when
    orclpluginldapoperation:ldapbind
    orclpluginenable:1
    orclpluginversion:1.0.1
    orclPluginIsReplace:1
    cn:adwhenbind2
    orclpluginsubscriberdnlist:${SCUSB}
    orclpluginrequestgroup:${PRGDN}
    orclpluginentryproperties:${EP}
    EOF
    cat <<DONE
    Done.
    DONE

    Hi,
    This is a problem that is not made clear in the note. What is probably happening here is that both plugins are being fired when a user logs in. OID will only read the value returned from the final plugin to fire. This can be a problem if the user authenticates correctly against the first plug-in but fails on the second. This is entirely legitimate as this note tells you to configure this way but the OID only observes the final result. The note doesn't tell us this.
    Here's an example:
    We've two OID users in different containers: cn=Al is in container cn=usersA,dc=oracle,dc=com and cn=BOB is in container cn=usersB,dc=oracle,dc=com.
    We have two plugins: pluginA and PluginB. Installed in that order.
    When Al logs in the two plugins fire. pluginA finds Al and returns a true, but then pluginB fires and returns a false undoing the good result. OID only accepts the final answer and so rejects the user. When Bob logs in both plugins fire again but it's the second plugin that returns the answer again. This is true and Bob gets in.
    There's a couple of ways around this and one of the more effective ways is to associate the plugin with the dn. So in our example, we associate the pluginA to fire only for the dn cn=usersA,dc=oracle,dc=com and pluginB only to fire when a user is in cn=usersB,dc=oracle,dc=com. This gets around the problem of multiple plugins firing and giving conflicting answers as the appropriate plugin only fires once.
    I've used this solution in a realtime environment when connecting and provisioning multiple ADs into one OID and found it to be extremely effective.
    Another solution is to associate the plugins with groups.
    Both of these options may be configured easily by modifying the plugin properties in ODM. Don't forget to restart OID after you've made the changes.
    HTH!
    Phil.
    If

  • Command how many mails went through the mailstore for a specific domain.

    I need to get info from the maillog to see how many mails went through the mailstore for a specific domain.
    For example all the mails sent and received by example.com, which is hosted on that 2005q1 mailserver.
    Anyone know the commands to get it out?

    The data is certainly in the mail.log.
    You may want to start with the perl log parsing script, here:
    http://ims.balius.com/resources/downloads/files/imslog.pl

  • Microsoft Exchange Server 2013 Cumulative Update 7 Setup - Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error - Set-SharedConfigDC

    What am I trying to do?
    I have tried installing Microsoft Exchange Server 2013 Cumulative Update 7 Setup on a fresh install of Windows Server 2012 R2 but it gets stuck when running the setup exe on Step 8 of 14 “Mailbox Transport Service” I have included full
    error logs at the bottom of the page but the basics are in order it will throw which loop around are:
    [01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
    [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
    Found in Forest mydomain.com Site Default-First-Site and connected Sites..
    [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
    Exchange is currently running in the environment on 2010 SP3; I am installing 2013 CU7 fresh so I can migrate the databases over.
    What am I running?
    2 X DC on domain and forest functional level 2008R2 both writable
    1 X fresh install of Windows 2012 R2 which is domain joined
    What have I tried?
    Checked Ipv6 is enabled on all DC NICS and Existing Exchange Servers
    Rebooted every server
    Run setup as Administrator
    My account is part of the domain Enterprise Admin group
    Tried adding "Exchange Server" or "Exchange Enterprise Servers" to the group policy and doing the relevant gpupdate /force and reboot :
    Computer Configuration Windows Settings
    Security Settings + Local Policies
    User Rights Assignment Manage auditing and security log
    Turned off firewall on DC and Exchange Server even stopped the service
    Turned off all AV on the DC and Exchange Server
    Checked I could telnet to global catalog servers on port 3268 which I can
    Checked the global catalog records existed in DNS which they all do
    Done the obvious ping tests all round which confirms connectivity
    Schema has been prepared using appropriate commands before running the setup exe
    setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms
    Making sure the following path has full permissions:
    EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
    Restarted Microsoft Exchange Active Directory Topology service
    DcDiag all looks good
    What have I noticed that is suspicious?
    Microsoft Exchange Transport service will not start even though both of its dependency services have started:
    Microsoft Filtering Management Service
    Microsoft Exchange Active Directory Topology Service
    It will eventually error with
    “Windows could not start the Microsoft Exchange Transport Service on local computer
    Error 1053: This Service did not respond to the start of control request in a timely fashion”
    This error is from the GUI wizard itself:
    Error:
    The following error was generated when "$error.Clear();
    $maxWait = New-TimeSpan -Minutes 8
    $timeout = Get-Date;
    $timeout = $timeout.Add($maxWait);
    $currTime = Get-Date;
    $successfullySetConfigDC = $false;
    while($currTime -le $timeout)
    $setSharedCDCErrors = @();
    try
    Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
    $successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
    if($successfullySetConfigDC)
    break;
    Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
    catch
    Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
    Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
    Start-Sleep -Seconds 30;
    $currTime = Get-Date;
    if( -not $successfullySetConfigDC)
    Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
    " was run: "System.Exception: Unable to set shared config DC.
    at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
    at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
    at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
    at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
    at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
    Exchange logs which have been written:
    **The error will loop around for 8 minutes on trying to set-sharedconfig DC whatever this is trying to do ??
    [01/20/2015 17:13:20.0084] [2] Active Directory session settings for 'Set-SharedConfigDC' are: View Entire Forest: 'True', Configuration Domain Controller:mydomain.com', Preferred Global Catalog: 'mydomain.com', Preferred Domain Controllers:
    '{ mydomain.com}'
    [01/20/2015 17:13:20.0084] [2] User specified parameters: 
    -DomainController:mydomain.com' -ErrorVariable:'setSharedCDCErrors' -ErrorAction:'SilentlyContinue'
    [01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
    [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
    Found in Forest mydomain.com Site Default-First-Site and connected Sites..
    [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
    [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
    Found in Forest mydomain.com Site Default-First-Site and connected Sites..
    [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
    [01/20/2015 17:13:20.0178] [2] Ending processing Set-SharedConfigDC
    [01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
    [01/20/2015 17:13:20.0193] [2] An error ocurred while setting shared config DC. Error: The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details
    No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites..
    [01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
    [01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
    [01/20/2015 17:13:20.0193] [2] Waiting 30 seconds before attempting again.
    [01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
    [01/20/2015 17:13:50.0195] [2] Beginning processing Write-ExchangeSetupLog
    [01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
    [01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
    [01/20/2015 17:13:50.0288] [2] Ending processing Write-ExchangeSetupLog
    [01/20/2015 17:13:50.0288] [1] The following 1 error(s) occurred during task execution:
    [01/20/2015 17:13:50.0288] [1] 0.  ErrorRecord: Unable to set shared config DC.
    [01/20/2015 17:13:50.0288] [1] 0.  ErrorRecord: System.Exception: Unable to set shared config DC.
       at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
       at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
       at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
       at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
       at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)
    [01/20/2015 17:13:50.0288] [1] [ERROR] The following error was generated when "$error.Clear();
    $maxWait = New-TimeSpan -Minutes 8
    $timeout = Get-Date;
    $timeout = $timeout.Add($maxWait);
    $currTime = Get-Date;
    $successfullySetConfigDC = $false;
    while($currTime -le $timeout)
    $setSharedCDCErrors = @();
    try
    Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
    $successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
    if($successfullySetConfigDC)
    break;
    Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
    catch
    Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
    Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
    Start-Sleep -Seconds 30;
    $currTime = Get-Date;
    if( -not $successfullySetConfigDC)
    Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
            " was run: "System.Exception: Unable to set shared config DC.
       at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
       at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
       at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
       at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
       at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
    [01/20/2015 17:13:50.0288] [1] [ERROR] Unable to set shared config DC.
    [01/20/2015 17:13:50.0288] [1] [ERROR-REFERENCE] Id=AllADRolesCommonServiceControl___ee47ab1c06fb47919398e2e95ed99c6c Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
    [01/20/2015 17:13:50.0288] [1] Setup is stopping now because of one or more critical errors.
    [01/20/2015 17:13:50.0288] [1] Finished executing component tasks.
    [01/20/2015 17:13:50.0304] [1] Ending processing Install-BridgeheadRole
    Windows Event Viewer:
    Process Microsoft.Exchange.Directory.TopologyService.exe (PID=5276) Forest mydomain.com. Exchange Active Directory Provider couldn't find minimal required number of suitable Global Catalog servers
    in either the local site 'Default-First-Site' or the following sites:

    Hi apl228,
    1. Please make sure the IPv6 is enabled.
    2. Please make sure the account that install Exchange server has Administrator permission.
    3. Please make sure DNS has been configured correctly.
    Thanks
    Mavis Huang
    TechNet Community Support

  • PowerShell Script Get the User's Active Directory Fully Qualified Login Name for Specific Locked Out Accounts

    I have a script which displays locked out accounts. It works great.
    I'd like to display the fully qualified Active Directory Login Name instead of the LastName, First Name:
    Example: Davis, Susan
    Want instead: Domain\Susan.Davis
    I'd also like to include an additional filter to look for only Domain\Susan.Davis OR Domain\Robin.Givens
    Here is my script:
    # Search the current domain for user objects with a non-zero lockoutTime
    $objDomain = New-Object System.DirectoryServices.DirectoryEntry
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = "(&(objectClass=User)(lockoutTime>=1))"
    $colProplist = "name","samaccountname"
    foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i) | out-null}
    $colResults = $objSearcher.FindAll()
    foreach ($objResult in $colResults) {
        $domainname = $objDomain.name
        $samaccountname = $objResult.Properties.samaccountname
        # Re-check the account through the WinNT provider to confirm it is still locked
        $user = [ADSI]"WinNT://$domainname/$samaccountname"
        $ADS_UF_LOCKOUT = 0x00000010
        if(($user.UserFlags.Value -band $ADS_UF_LOCKOUT) -eq $ADS_UF_LOCKOUT) {
            $objResult.Properties.name
        }
    }
    John
    John

    Sorry, I should have mentioned that the cmdlets I'm using are part of the Active Directory module. You'll need to install the RSAT (Win7+) to use them.
    If you'd rather stick with your DirectorySearcher methods instead of moving to the AD module, you can adjust your output by using something like this instead:
    if(($user.UserFlags.Value -band $ADS_UF_LOCKOUT) -eq $ADS_UF_LOCKOUT) {
        "$domainname\$($objResult.Properties.samaccountname)"
    }
    $domainname might not be what you're expecting, just FYI.
    As for filtering, you can add to the if statement and check for your known usernames only.
    Don't retire TechNet! -
    (Don't give up yet - 12,700+ strong and growing)
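
    The reply above refers to the Active Directory module cmdlets. As an added example (not code from the thread), the function below returns locked-out accounts as DOMAIN\sAMAccountName from one chosen domain controller, optionally limited to named users; the function name `Get-LockedOutLogin` and its parameters are assumptions made for this example.

```powershell
# Added example; requires the ActiveDirectory module (RSAT) and read access to the domain.
Import-Module ActiveDirectory

function Get-LockedOutLogin {
    [CmdletBinding()]
    param(
        # Optional list of sAMAccountName values to report on; empty = every locked-out user.
        [string[]]$SamAccountName = @(),

        # Domain controller to query. Defaults to the PDC emulator (see below).
        [string]$Server
    )

    if (-not $Server) {
        # Lockouts are replicated urgently to the PDC emulator, so it holds the
        # most current lockout state in the domain.
        $Server = (Get-ADDomain).PDCEmulator
    }

    # NetBIOS name of the domain, used to build DOMAIN\user.
    $netbios = (Get-ADDomain -Server $Server).NetBIOSName

    Search-ADAccount -LockedOut -UsersOnly -Server $Server |
        Where-Object {
            # -contains is case-insensitive, which matches how AD treats sAMAccountName.
            $SamAccountName.Count -eq 0 -or $SamAccountName -contains $_.SamAccountName
        } |
        ForEach-Object {
            # BadLogonCount is tracked per domain controller, so report which one answered.
            $detail = Get-ADUser -Identity $_.DistinguishedName -Server $Server `
                -Properties AccountLockoutTime, BadLogonCount
            [pscustomobject]@{
                Login         = '{0}\{1}' -f $netbios, $_.SamAccountName
                DisplayName   = $_.Name
                LockedOutAt   = $detail.AccountLockoutTime
                BadLogonCount = $detail.BadLogonCount
                QueriedServer = $Server
            }
        }
}

# Usage: only the two accounts named in the question.
Get-LockedOutLogin -SamAccountName 'Susan.Davis', 'Robin.Givens' |
    Sort-Object LockedOutAt |
    Format-Table -AutoSize
```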

  • How to handle SQL connection if password Active directory always change? (Connection using Active directory via network SQL 2012 )

    I have 3 server (Web server, database sql 2012 server and Active directory). I'm using sqlsvr version 3.0,  PHP version 5.3 ,IIS version 7 and windows server 2008.
    Right now my php connection to SQL 2012 using AD id, so How to handle if password on active directory change?

    Solved : Using Kerberos

  • UME connected to Active Directory. How to change what fields are available

    I have successfully changed my UME to point to Active Directory. I'll describe process further on in post. My issue now is how to modify what AD fields will be available in UME and what UME fields they'll be 'mapped' to.
    I'll try to describe the process I've gone through so far:
    1) Download the 'dataSourceConfiguration_ads_readonly_db.xml' file from Config Tool
    2) Renamed file and added the following:
        a) in <responsibleFor><principal type="user"> <nameSpaces><nameSpace name="com.sap.security.core.usermanagement"><attributes> section I added a <attribute name="xxx"/> tag for each new field I wanted. 'xxx' is, of course, the name of the field
        b) in <attributeMapping><principals><principal type="user"> <nameSpaces><nameSpace name="com.sap.security.core.usermanagement"><attributes> section I added a <attribute name="xxx"><physicalAttribute name="yyy"/></attribute> tag for each new field I wanted. 'xxx' is, of course, the name of the field in UME and 'yyy' is the field in the LDAP
    Then I uploaded the new file into Config Tool and switched the "Data source configuration file" selection to that new file. Saved the change and restarted the engine.
    When I ran some test code I was getting information back from the user's AD entry. For example, I tested the email field. This is a field that is not maintained in the UME but I got the correct value back so I knew it was getting it from AD.
    Then I wanted to see if I could get one of the new fields. When I ran my test code the user.getXxx() method call returned null.
    Since I knew that getting the e-mail worked I thought I'd change the mapping for the email UME field to point to the 'yyy' field in AD. I did this by making this change:
    FROM:
      <attribute name="email">
        <physicalAttribute name="mail"/>
      </attribute>
    TO:
      <attribute name="email">
        <physicalAttribute name="yyy"/>
      </attribute>
    I then uploaded that new xml file and switched to it in Config Tool. Then I restarted the engine.
    However, when I ran my test code (see below for snippet) it still shows the email value instead of the value of field 'yyy'.
    Any help would be GREATLY appreciated.
    Web Dynpro code snippet:
    String input = "smith";
    IUserFactory userFactory = UMFactory.getUserFactory();
    try {
      IUserSearchFilter searchFilter = userFactory.getUserSearchFilter();
      searchFilter.setLastName(input, ISearchAttribute.LIKE_OPERATOR, false);
      ISearchResult searchResult = userFactory.searchUsers(searchFilter);
      while (searchResult.hasNext()) {
        String userID = (String)searchResult.next();
        IUser user = userFactory.getUser(userID);
        String email = user.getEmail();
      }
    } catch (UMException e1) {
      //error handling
    }

    Update. I uploaded the wrong file the 2nd time. When I changed the XML file to 'bind' the AD field to the 'email' UME field, my code did return the AD value when I did
    user.getEmail();
    However, I'm still not able to get the AD field bound to any other UME field that wasn't part of the default XML file.
    Is there something else I need to do besides adding the tags I described in my original entry?
    Thanks

  • How to script out linked in servers from sql 7.0

    Can someone help me with the syntax of scripting out the linked server. Thanks

    Hi Suresh,
    In addition to other post, you can use the detailed T-SQL scripts below to script out all linked and remote servers on SQL 7.0.
    --Script to script out all linked/remote servers
    --Works on 7.0 and 2000 servers
    --remote password decrypt only works on 7.0
    declare
    @status smallint, -- server status
    @server sysname, -- server name
    @srvid smallint, -- server id
    @srvproduct nvarchar(128), -- product name (dflt to ss)
    @allsetopt int, --sum of all settable options
    @provider nvarchar(128), -- oledb provider name
    @datasrc nvarchar(4000), -- oledb datasource property
    @location nvarchar(4000), -- oledb location property
    @provstr nvarchar(4000), -- oledb provider-string property
    @catalog sysname, -- oledb catalog property
    @netname varchar(30), -- Server net name
    @srvoption varchar(30), -- server options
    @loclogin varchar(30), -- Local user
    @rmtlogin varchar(30), -- Remote user
    @selfstatus smallint, -- linked server login status
    @rmtpass varbinary(256), -- linked server login password
    @pwdtext nvarchar(128), -- linked server decrypted password
    @i int, -- linked server pswd decrypt var
    @lsb tinyint, -- linked server pswd decrypt var
    @msb tinyint, -- linked server pswd decrypt var
    @tmp varbinary(256) -- linked server pswd decrypt var
    select @allsetopt=number from master.dbo.spt_values
    where type = 'A' and name = 'ALL SETTABLE OPTIONS' -- Only 7.0 else use 4063
    declare d cursor for SELECT srvid,srvstatus, srvname, srvproduct, providername, datasource,
    location, providerstring, catalog, srvnetname
    from master..sysservers
    where srvid > 0 -- Local Server
    open d
    fetch next from d into @srvid, @status, @server, @srvproduct, @provider, @datasrc,
    @location, @provstr, @catalog, @netname
    SET NOCOUNT ON
    while (@@FETCH_STATUS<>-1) begin
    PRINT '--------------------------------'
    Print '-- ' + @server
    PRINT '--------------------------------'
    If @status in (64,65) --Remote Server
    Begin
    Print 'sp_addserver'
    Print ' @server = '''+ @server + ''''
    Print ' GO'
    If @status = 64
    Begin
    Print 'sp_serveroption'
    Print ' @server = '''+ @server + ''','
    Print ' @optname = ''rpc'','
    Print ' @optvalue = ''false'''
    Print ' GO'
    End
    exec ('declare r cursor for
    select l.name, r.remoteusername from
    sysremotelogins r join sysservers s on
    r.remoteserverid = s.srvid
    join syslogins l on
    r.sid = l.sid
    where s.srvname = '''+ @server + '''')
    open r
    fetch next from r into @loclogin, @rmtlogin
    while (@@FETCH_STATUS<>-1)
    begin
    Print 'sp_addremotelogin'
    Print ' @remoteserver = '''+ @server + ''','
    Print ' @loginame = '''+ @loclogin + ''','
    Print ' @remotename = '''+ @rmtlogin + ''''
    Print ' GO'
    fetch next from r into @loclogin, @rmtlogin
    end
    close r
    deallocate r
    End
    Else --Linked server
    Begin
    If exists (select * from tempdb..sysobjects where name like '#tmpsrvoption%')
    Begin
    drop table #tmpsrvoption
    End
    Create Table #tmpsrvoption
    (
    srvoption varchar(30)
    )
    insert #tmpsrvoption
    select v.name
    from master.dbo.spt_values v, master.dbo.sysservers s
    where srvid = @srvid
    and (v.number & s.srvstatus)=v.number
    and (v.number & isnull(@allsetopt,4063)) <> 0
    and v.number not in (-1, isnull(@allsetopt,4063))
    and v.type = 'A'
    PRINT 'sp_addlinkedserver'
    Print ' @server = '''+ @server + ''''
    Print ', @srvproduct = ''' + @srvproduct + ''''
    If @srvproduct <> 'SQL Server' --Cannot specify additional info for SQL Server Product
    Begin
    Print ', @provider = ''' + @provider + ''''
    Print ', @datasrc = ''' + @datasrc + ''''
    Print ', @location = ''' + @location + ''''
    Print ', @provstr = ''' + @provstr + ''''
    Print ', @catalog = ''' + @catalog + ''''
    End
    Print ' GO'
    -- Set all servers options to false, then reset correct server options
    Print 'sp_serveroption'
    Print ' @server = '''+ @server + ''','
    Print ' @optname = ''rpc'','
    Print ' @optvalue = ''false'''
    Print ' GO'
    Print 'sp_serveroption'
    Print ' @server = '''+ @server + ''','
    Print ' @optname = ''rpc out'','
    Print ' @optvalue = ''false'''
    Print ' GO'
    Print 'sp_serveroption'
    Print ' @server = '''+ @server + ''','
    Print ' @optname = ''data access'','
    Print ' @optvalue = ''false'''
    Print ' GO'
    declare s cursor for SELECT srvoption
    from #tmpsrvoption
    open s
    fetch next from s into @srvoption
    while (@@FETCH_STATUS<>-1)
    begin
    Print 'sp_serveroption'
    Print ' @server = '''+ @server + ''','
    Print ' @optname = '''+ @srvoption + ''','
    Print ' @optvalue = ''true'''
    Print ' GO'
    fetch next from s into @srvoption
    End
    close s
    deallocate s
    --Script linked server logins
    If exists (select * from tempdb..sysobjects where name like '#tmplink%')
    Begin
    drop table #tmplink
    End
    create table #tmplink
    (
    rmtserver sysname,
    loclogin sysname null,
    selfstatus smallint,
    rmtlogin sysname null
    )
    insert #tmplink
    exec ('sp_helplinkedsrvlogin '''+ @server + '''')
    declare ll cursor for
    select loclogin, selfstatus, rmtlogin from #tmplink order by rmtlogin
    open ll
    fetch next from ll into @loclogin, @selfstatus, @rmtlogin
    while (@@FETCH_STATUS<>-1)
    begin
    -- Use self no remote user/password
    If (@selfstatus = 1 and @loclogin is null)
    Begin
    Print 'sp_addlinkedsrvlogin'
    Print ' @rmtsrvname = '''+ @server + ''','
    Print ' @useself = ''true'''
    Print ' GO'
    End
    Else
    If (@selfstatus = 1 and @loclogin is not null) Begin
    Print 'sp_addlinkedsrvlogin'
    Print ' @rmtsrvname = '''+ @server + ''','
    Print ' @useself = ''true'','
    Print ' @locallogin = '''+ @loclogin + ''','
    Print ' @rmtuser = NULL,'
    Print ' @rmtpassword = NULL'
    Print ' GO'
    End
    Else
    If (@selfstatus = 0 and @rmtlogin is null) Begin
    Print 'sp_addlinkedsrvlogin'
    Print ' @rmtsrvname = '''+ @server + ''','
    Print ' @useself = ''false'','
    Print ' @locallogin = NULL,'
    Print ' @rmtuser = NULL,'
    Print ' @rmtpassword = NULL'
    Print ' GO'
    End
    Else
    If (@selfstatus = 0) Begin -- Check for Use self mappings
    exec ('declare pwd cursor for
    select l.password from master..sysservers s
    join master..sysxlogins l on s.srvid = l.srvid --where l.sid is not null
    where s.srvname = '''+ @server + ''' and l.name = '''+ @rmtlogin + '''')
    -- Decrypt passwords
    -- Only works for 7.0 server
    -- Encrypt algorithm changed in 2000
    open pwd
    fetch next from pwd into @rmtpass
    while @@fetch_status = 0
    begin
    set @i = 0
    set @pwdtext = N''
    while @i < datalength(@rmtpass)
    begin
    set @tmp = encrypt(@pwdtext + nchar(0))
    set @lsb = convert(tinyint, substring(@tmp, @i + 1, 1))
    ^ convert(tinyint, substring(@rmtpass, @i + 1, 1))
    set @i = @i + 1
    set @tmp = encrypt(@pwdtext + nchar(@lsb))
    set @msb = convert(tinyint, substring(@tmp, @i + 1, 1))
    ^ convert(tinyint, substring(@rmtpass, @i + 1, 1))
    set @i = @i + 1
    set @pwdtext = @pwdtext + nchar(convert(smallint, @lsb)
    + 256 * convert(smallint, @msb))
    end
    Print 'sp_addlinkedsrvlogin'
    Print ' @rmtsrvname = '''+ @server + ''','
    Print ' @useself = ''false'','
    If (@loclogin is null)
    Begin
    Print ' @locallogin = NULL,'
    End
    Else
    Begin
    Print ' @locallogin = '''+ @loclogin + ''','
    End
    If (@rmtlogin is null)
    Begin
    Print ' @rmtuser = NULL,'
    End
    Else
    Begin
    Print ' @rmtuser = '''+ @rmtlogin + ''','
    End
    If (@pwdtext is null)
    Begin
    Print ' @rmtpassword = NULL'
    End
    Else
    Begin
    print ' @rmtpassword = '''+ @pwdtext + ''''
    End
    Print ' GO'
    fetch next from pwd into @rmtpass
    end
    close pwd
    deallocate pwd
    End
    fetch next from ll into @loclogin, @selfstatus, @rmtlogin
    End
    close ll
    deallocate ll
    End
    If @netname <> @server -- If the srvnetname.sysservers is different from srvname.sysservers
    Begin
    Print 'sp_setnetname'
    Print ' @server = '''+ @server + ''','
    Print ' @network_name = '''+ @netname + ''''
    End
    fetch next from d into @srvid,@status, @server, @srvproduct, @provider, @datasrc,
    @location, @provstr, @catalog, @netname
    End
    close d
    deallocate d
    Reference:
    http://www.sqlservercentral.com/scripts/Miscellaneous/30620/
    Thanks,
    Lydia Zhang
    TechNet Community Support

  • Unable to connect to Active directory from obiee 11g

    Hi Gurus,
    I was trying to integrate Active Directory into OBIEE 11g. I followed the Oracle documentation and Rittman Mead too but cannot get past a connection issue. I create a new provider, provide the connection details, and use bissytemuser in AD as the Principal, but when WLS is bounced/restarted, it fails to connect and throws the error below:
    "Cannot initialize identity store, cause: oracle.security.idm.ConfigurationException: javax.naming.CommunicationException: <hostname>:389 [Root exception is java.net.UnknownHostException: <hostname>]".
    Not sure if this makes a difference but admin and managed server come up but not analytics.
    Please help me out with scenarios to test if my bi server is connecting to AD or not?
    Thanks,
    Dan

    To answer this, more details are needed.
    By the way, I would suggest checking these:
    Property Name=virtualize
    Value=true
    and
    Control Flag list to OPTIONAL
    You may send me an email.
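
Added example, not part of the thread above and not Oracle code: the `java.net.UnknownHostException` in the quoted error means the host name did not resolve, so the BI server never reached port 389. This Python script, run on the BI server host, reports whether a directory check fails at DNS, at TCP, or at the LDAP layer; `check_ldap` and `parse_bind_result` are hypothetical names, and the probe is an anonymous LDAPv3 bind.

```python
import socket

# Added example; function names are hypothetical, not from OBIEE or WebLogic.
# LDAPv3 anonymous simple bind: messageID 1, version 3, empty DN, empty password.
ANON_BIND = bytes.fromhex("300c020101" "6007" "020103" "0400" "8000")

def _tlv(buf, pos):
    """Read one BER TLV header at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length, which Active Directory emits
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def parse_bind_result(buf):
    """Return the resultCode of an LDAP BindResponse, or None if buf is not one."""
    try:
        tag, start, _ = _tlv(buf, 0)        # LDAPMessage SEQUENCE
        if tag != 0x30:
            return None
        _, _, end = _tlv(buf, start)        # messageID INTEGER
        tag, start, _ = _tlv(buf, end)      # protocolOp, 0x61 = BindResponse
        if tag != 0x61:
            return None
        tag, start, end = _tlv(buf, start)  # resultCode ENUMERATED
        return int.from_bytes(buf[start:end], "big") if tag == 0x0A else None
    except IndexError:
        return None

def check_ldap(host, port=389, timeout=5.0):
    """Return (stage, detail); stage is 'dns', 'tcp', 'ldap' or 'ok'."""
    try:
        family, _, _, _, addr = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)[0]
    except socket.gaierror as exc:  # Java reports this case as UnknownHostException
        return "dns", f"{host} does not resolve: {exc}"
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect(addr)
            s.sendall(ANON_BIND)
            reply = s.recv(4096)
    except OSError as exc:
        return "tcp", f"{addr[0]}:{port} connect or read failed: {exc}"
    code = parse_bind_result(reply)
    if code is None:
        return "ldap", f"{addr[0]}:{port} did not answer with an LDAP BindResponse"
    return "ok", f"{addr[0]}:{port} answered the bind with resultCode {code}"
```

Call `check_ldap` with the exact host name configured in the provider. A `dns` result matches the error in the post, while `ok` with any resultCode shows the directory port is reachable from that host.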

  • Unable to import User Profiles even though I can connect to Active Directory. What could be wrong?

    Hi,
    I have set up User Profile to import from Active Directory. So, I have a connection and have selected a number of directories in AD folder which should import a number of user profiles. However, when I click on the "Run Now" to start the sync timer job it shows AD syncing and then within a second goes back to idle state. The account I am using is userprofile account which is in Farm Administrators group. There is nothing obvious in the logs. This account has been set up for "Replicate Directory Changes" (as far as we know anyway).
    Any ideas how to check or where I might be going wrong?
    Thanks.
    John.

    Hi John,
    According to your description, my understanding is that the user profile of the user profile service account with "Replicate Directory Changes" didn't import from AD to SharePoint.
    I did a test as your description. After I set "Replicate Directory Changes" as it, I went to User profile service application, then clicked "Start Profile Synchronization"->Start Full Synchronization->OK.
    Then find the timer jobs "User Profile Service Application-User Profile to SharePoint Full Synchronization" and "User Profile Service Application-User Profile Change Job".
    Wait for the Idle status. Then I went to Manage user profiles, searched the user profile service account, the change was displayed in this user profile.
    Please do again as the above, compare the result.
    If this issue still exists, please feel free to reply.
    Best Regards,
    Wendy
    Forum Support
    Wendy Li
    TechNet Community Support
