Identity server agent interaction

I am trying to get an agent to enforce an identity server policy. If I set the agent to "SSO Only" it works fine, but when I try link it to a policy it doesn't work. Any ideas? Thanks.

Hello,
(in response to http://swforum.sun.com/jive/thread.jspa?threadID=48651&tstart=0):
I have not solved this exact problem - but found this is working
perfekt when using the Tomcat-Agent on Solaris.
At least, this prove that we don't do anything completely wrong ;-)
In a few weeks, I should have access to a support contract.
Then, I will try to solve the posted problems again and complete the
threads I opened.
Regards,
Juergen Maihoefner

Similar Messages

  • Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1

    Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
    Does anybody has a working combination of the above ? I get a ID login page and after that I always get a access denied page. I get this exception on the agent logs:
    2004-10-14 16:28:00.917 Warning 6347:c1818 PolicyAgent: in get_cookie: no cooki
    e in ap_table
    2004-10-14 16:28:01.895 Warning 6359:c1818 PolicyAgent: Invalid URL for propert
    y (com.sun.am.policy.agents.accessDeniedURL) specified
    2004-10-14 16:28:56.742 Warning 6349:c1818 PolicyAgent: am_web_is_access_allowe
    d(http://xx.xx.xx.net:8080/, GET) denying access: status = access de
    nied (20)
    2004-10-14 16:28:56.743 128 6349:c1818 RemoteLog: User testuser1 was denie
    d access to http://xx.xx.xx.net:8080/.
    2004-10-14 16:28:56.831 -1 6349:c1818 PolicyAgent: URL Access Agent: acces
    s denied to testuser1
    We can ignore Invalid URL property part because its just looking for a custom url in place there. I have cookies enabled in my browser. I even turned on the prompt option. No luck yet.
    Any suggestions would be of great help.
    Thanks,
    Sunil.

    From your description, since the agent installs file with a different JRE, I would suspect it has something to do with the availability of JCE provider in the first JRE. By default, WebSphere's JRE is equipped with IBM JCE provider which is what the agent uses to encrypt the necessary
    information. If this provider is not configured correctly it could result in the error that you are seeing. Please check the WebSphere installation and make sure that the JRE used by it has the necessary IBM JCE provider configured. The java.security file for this should contain something like:
    security.provider.1=sun.security.provider.Sun
    security.provider.2=com.ibm.crypto.provider.IBMJCE
    security.provider.3=com.ibm.jsse.IBMJSSEProvider
    security.provider.4=com.ibm.security.cert.IBMCertPath
    security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
    Also, make sure that when you are installing the agent you specify the Java Home as prompted by the agent to point to the location where this JRE is installed. Typically this is under WebSphere/AppServer/java directory. HTH, Jerry

  • Sun One Identity Server Policy Agent 2.0 for IIS 5.0

    Hi,
    I try to use Sun Indentity Server with IIS, so I installed policy agent 2.0 for IIS 5.0. my operating system is Windows 2000 professional. I can see the ISAPI fiiter is loaded, but when I try to test the installation by access a testing page, like http://localhost/test.asp, I can not go anywhere, the sun identity server log in page is not loaded. I checked the debug log file, there are just two warning message:
    2003-02-12 11:11:52.314 Warning 1316:00A548E8 PolicyAgent: Invalid URL for property (com.sun.am.policy.agents.accessDeniedURL) specified
    2003-02-12 11:11:52.798 Warning 1316:00A548E8 PolicyAgent: FqdnHandler::FqdnHandler() No value specified for fqdnMap.
    Could someone help me out here? Any suggestion will be appreciated.
    Thanks,
    Harold Chen

    Well, it's in the Agent's installation guide, section "Read me first", "Setting Fully Qualified Domain Name". :)

  • What is Agent-Identity Server Shared Secret ?? thanks

    what is Agent-Identity Server Shared Secret ??
    when I install policy agent for iis 6
    thanks

    Shared secret is a word amldapuser itself :)
    com.iplanet.am.service.secret=AQIC5wM2LY4Sfcw+fG5fAF7/a7DwD4dTy53r
    bash-2.03# java TDec AQIC5wM2LY4Sfcw+fG5fAF7/a7DwD4dTy53r
    amldapuser
    I suggest that you should change it asap.

  • Does URL Policy Agent of SunONE Web Server 6.1 works with Identity Server 6

    Hi,
    I'm using URL Policy Agent of SunONE Web Server 6.1, and using Identity Server 6.1 to configure policy to access web resource such as http://myweb.org.cn/test/*
    After configyration, I try to access the resources http://myweb.org.cn/test/test.html
    The redirection is ok, the IS login appear, but after login successfully, it still tell me that I don't have permission to view this web page.
    Is this because of URL policy agent don't support IS 6.1?
    Many thanks,

    Can anybody help me with the steps to generate core for this issue.. I followed the steps as said in http://blogs.sun.com/meena/entry/troubleshooting_server_crashes_enabling_core but I don't see any core generated when server crashes..
    Setup Info:
    - OS is RHEL 4.0
    - Sun ONE Web Server 6.1SP7
    - Policy Agent 2.2

  • Which is the right IDE to develop policy Agents in Identity Server

    Hi,
    Can any one tell me which is the right IDE to develop agents in Identity Server.Am thinking of using Sun One Studio??Any better IDEs??
    Thanks,
    Ramnath

    Your favorite text editor and a comman-line javac. What do you expect from an IDE?!

  • Custom Authentication Module on Identity Server

    Hi,
    I have a custom authentication module which I am trying to access through the policy agent.
    I have set the following property in AMAgent.properties file
    com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login?module=CustomLoginModule.
    My login module code is something like this:
    package com.iplanet.am.samples.authentication.providers;
    import java.util.*;
    import javax.security.auth.Subject;
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.login.LoginException;
    import com.sun.identity.authentication.spi.AMLoginModule;
    import com.sun.identity.authentication.spi.AuthLoginException;
    import java.rmi.RemoteException;
    import java.io.FileInputStream;
    import java.util.Properties;
    public class LoginModule1 extends AMLoginModule
    private String userName;
    private String userTokenId;
    private HashMap usersMap;
    private java.security.Principal userPrincipal = null;
    public LoginModule1() throws LoginException
    public void init(Subject subject, Map sharedState, Map options)
              System.out.println("LoginModule1 initialization");
              usersMap = new HashMap();
              ResourceBundle bundle = ResourceBundle.getBundle("users");
              Enumeration users = bundle.getKeys();
              while (users.hasMoreElements())
                   String user = (String)users.nextElement();
                   String password = bundle.getString(user.trim());
                   usersMap.put(user, password);
    public int process(Callback[] callbacks, int state) throws AuthLoginException
              int currentState = state;
              if (currentState == 1)
                   userName = ((NameCallback) callbacks[0]).getName().trim();
                   char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
                   String passwdString = new String (passwd);
                   if (userName.equals(""))
                        throw new AuthLoginException("names must not be empty");
                   if (userName.equals("testuser") && passwdString.equals("testuser"))
                        userTokenId = userName;
                        return -1;
                   if (usersMap.containsKey(userName))
                        if (usersMap.get(userName).equals(new String(passwd)))
                             userTokenId = userName;
                             return -1;
                   return 0;
         public java.security.Principal getPrincipal()
              if (userPrincipal != null)
                   return userPrincipal;
              else
              if (userTokenId != null)
                   userPrincipal = new SamplePrincipal("testuser");
                   return userPrincipal;
              else
                   return null;
    So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication does not succeed and I get the following error message in the agent log file.
    2004-08-09 15:24:08.640 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:09.030 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:23.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
    2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:29.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
    2004-08-09 15:24:29.499 128 2712:24fda5e8 RemoteLog: User unknown was denied access to http://ps0391.persistent.co.in:80/test/index.html.
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
    2004-08-09 15:24:29.499 -1 2712:24fda5e8 PolicyAgent: validate_session_policy() access denied to unknown user
    The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
    Thanks
    Srinivas

    Does the principal "testuser" exist in your realm? If I understand your module correctly, it looks like it always returns "testuser".
    I am guessing that Access Manager is not finding your principal. Typically if access manager cannot associate the principal returned by the custom AMLoginModule it will fail the authentication.
    I am wondering if this is related to a seperate problem I have seen with custom login modules. Try chaning the code to return an LDAP style principal it may work:
    so return "uid=testuser,ou=People,dc=yourdomain,dc=com" for example. In theory this should not be necessary but it solved some problems for me, though I am not sure why.

  • SQL Server Agent - Job History not being recorded (SQL Server 2005)

    I have been trying to get to the bottom of an issue with SQL Server Agent not recording any job history. I am using SQL Server 2005 on a single Windows Server 2008 machine (i.e. no other domain controllers/active directory servers).
    The SQL Server Agent service is configured to 'Log On As' NT user account 'sqlagent'. The jobs themselves are executed successfully (all 'Transact-SQL' type steps actually use the 'sa' account) however the there is no actual job history to be found for any
    of the jobs -- in the SQL Activity monitor, the 'Last Run Outcome' is always 'Unknown' and the 'Last Run' date is always 'Never' for all jobs; in the SQL Job History Viewer there are no entries for any instances of a job being executed.
    The 'sqlagent' NT user account ia a member of the 'Administrators' NT group; the 'Administrators' group appears under Security > Logins on the database server. I have another server that also uses the same setup with a 'sqlagent' NT user account, on that
    database server the 'sqlagent' user account appears under Security > Logins and the SQL job history works correctly. I have attempted to add the 'sqlagent' to the Logins on the affected server using the SQL Server Surface Area configuration but this operation
    returns an error, detailed below.
    Additionally, I have attempted to use the built-in NT system account 'NETWORKSEVICES' to run the SQL Agent Service but this also results in exceptions in the error log and no job history being recorded. The entries in the error logs are very similar to those
    from the 'sqlagent' NT user account but instead the user is referred to as 'NT AUTHORITY\ANONYMOUS LOGON' in the error logs, again these are detailed below.
    Many thanks in advance for anyone's time and help with this issue!
    Arthur
    The following errors are raised in SQL Server Agent > Error Logs each time a job is executed:
    Date 11/11/2012 18:30:01
    Log SQL Agent (Current - 11/11/2012 18:30:00)
    Message
    [298] SQLServer Error: 18452, Login failed for user ''. The user is not associated with a trusted SQL Server connection. [SQLSTATE 28000]
    Date 11/11/2012 18:30:01
    Log SQL Agent (Current - 11/11/2012 18:30:00)
    Message
    [382] Logon to server 'XXXXXXXX' failed (ConnAttemptCachableOp)
    If the SQLAgent service is configured to use the NT system account 'NETWORKSERVICE' then the following errors are returned instead:
    Date 29/10/2012 18:30:15
    Log SQL Agent (Archive #1 - 29/10/2012 18:38:00)
    Message
    [298] SQLServer Error: 18456, Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [SQLSTATE 28000]
    Date 29/10/2012 18:30:15
    Log SQL Agent (Archive #1 - 29/10/2012 18:38:00)
    Message
    [382] Logon to server 'XXXXXXXX' failed (ConnAttemptCachableOp)
    I have tried granting the 'sqlagent' NT user account with SysAdmin Server Role privaledges using the SQL Server User Provisioning tool in SQL Server Surface Area Configuration, but this always throws the following, similar error:
    Login failed for user ''. The user is not associated with a trusted SQL Server connection. (Error: 18452)
    ===================================
    Login failed for user ''. The user is not associated with a trusted SQL Server connection. (.Net SqlClient Data Provider)
    For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=18452&LinkId=20476
    Server Name: 127.0.0.1,1344
    Error Number: 18452
    Severity: 14
    State: 1
    Line Number: 65536
    Program Location:
       at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
       at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
       at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
       at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
       at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject)
       at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart)
       at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
       at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
       at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
       at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
       at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
       at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
       at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
       at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
       at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
       at System.Data.SqlClient.SqlConnection.Open()
       at sqlprov.SysAdminServerRole.ProvisionInstance(Instance instance, String userName)
       at sqlprov.ProvisionTask.Provision(Instance instance, String userName)
       at sqlprov.MainForm.ProvisionTasks()

    Hi Rama,
    Thanks for your reply. I have run the query you specified and can see only one entry with "NTLM" in the auth_scheme column, all of the rest have "SQL". It figures that the entry with "NTLM" is relating to the one NT user account that can successfully log
    in to the service (as mentioned in my reply to Nag above, this is the NT user account that installed the service on the machine). I have also executed the same query on the other machine that I mentioned in my original post and this contains two "NTLM" entries,
    I'd assume that these relate to the NT user that installed the software and the correctly working "sqlagent" NT user account that is correctly logging the job history on that machine.
    I think the problem is very much to do with granting access to new NT user accounts, as per the KB article that you have quoted above. In this case, it is not relating to scenarios 1 or 2 as these relate to SQL Server logins and this issue is about a Windows
    Authentication login. As I mentioned to Nag above, I am unable to grant any NT user accounts with access to the service however the NT accounts are all defined locally on the same machine as the SQL server is installed (i.e. there is no domain controller,
    active directory controller, etc) so I don't understand how the Windows login cannot be verified.
    Any further advice on the issue would be greatly appreciated, please let me know if there is any more information I can provide to help diagnose the problem.
    Many thanks!
    Arthur

  • Identity Policy Agent Realm

    Hi all
    Does anyone know how i can define a group in the AgentRealm of the Policy Agent ???
    I already map roles to principals using sun-web.xml and it works, but i don't know how to define a group in the AgentRealm so that i can map a role to a group of users using sun-web.xml
    thanks a lot

    I had the same problem, and I discovered that although in the sun-web.xml descriptor you map security-roles to group-names, you must declare Roles in the identity server (with the name of the group-name in your descriptor, of course).
    Seems like Groups in the identity server are not used for authorization.
    Hope this helps,
    6q

  • Security solution with Identity server for SOX compliance

    Hi all,
    Has anybody used Identity Server as security solution to achieve SOX compliance? i want to know general view, opinions , experiance of ppl while implementing such solution.
    Just a little background of SOX: It is Created by US Congress in the wake of corporate scandals like Enron in 2001 and 2002.it is an attempts to tighten controls over corporate financial reporting and transparency.
    I am basically interested in implementing security solutions using Identity server for SOX compliance. Section 404 of this act deals with internal controls, which essentially requires organizations to provide following facilities -
    1. User Identification, authorization and access
    2. User control of user accounts
    3. Central identification and access rights/permissions management
    4. Violation and security activity report
    Has anybody developed such solution? What are your general experiance, problems , issues etc? Please share your view....

    Just too quick to draw conclusion: See below FAQ
    If you are not in the same AS container, let me know. Jerry
    Copy from J2EE agent FAQ
    Question - Is it possible to install a J2EE 2.1agent and Identity Server on the same instance of the application server ?
    Installing the IS60SP1/IS61 server and J2EE 2.1 policy agent on the sameninstance of Application server is not a supported configuration. We do support the 21 J2EE agent and IS installed on different instances of the application server. So, users can install theJ2EE 2.1 agent on a one instance of the application server and install IS on a different instance of the apps server.

  • Management Studio Fails when added Integration Services step to SQL Server Agent Job

    Hi,
    I have two new servers I've setup with Windows Server 2012, SQL Server 2012 SP1, Visual Studio 2012 SP4. I've previously been on SQL 2008 and VS 2008 so this is new to me.
    I am finding SSMS is throwing an exception on both machines when i do the following:
    1. Go to SQL Server Agent | Jobs
    2. Create a new Job.
    3. Select Steps and click New Step
    4. Change the job type to SQL Server Integration Services Package.
    Following error occurs:
    TITLE: Microsoft SQL Server Management Studio
    The type initializer for '<Module>' threw an exception. (SqlManagerUI)
    ADDITIONAL INFORMATION:
    The C++ module failed to load.
     (DTEParseMgd)
    Index was outside the bounds of the array. (DTEParseMgd)
    I also find if I take an existing job with SSIS package steps and attempt to edit those steps the same message appears. This issue happens on both my servers as they have been configured almost identically. This doesn't occur when selecting any other job
    type.
    I've also tried installing cumulative update 8 in a hope that this may fix it but with no success.
    As my entire environment is based around SQL Agents running SSIS i'm a little bit concerned, especially since I have some tight deadlines getting these servers running.
    I have found nothing relating to this issue. Any help greatly appreciated.
    Simon
    Below is the detailed error message:
    ===================================
    The type initializer for '<Module>' threw an exception. (SqlManagerUI)
    Program Location:
       at Microsoft.SqlServer.Management.SqlManagerUI.DTSJobSubSystemDefinition.Microsoft.SqlServer.Management.SqlManagerUI.IJobStepPropertiesControl.Load(JobStepData data)
       at Microsoft.SqlServer.Management.SqlManagerUI.JobStepProperties.UpdateJobStep()
       at Microsoft.SqlServer.Management.SqlManagerUI.JobStepProperties.typeList_SelectedIndexChanged(Object sender, EventArgs e)
       at System.Windows.Forms.ComboBox.OnSelectedIndexChanged(EventArgs e)
       at System.Windows.Forms.ComboBox.set_SelectedIndex(Int32 value)
       at System.Windows.Forms.ComboBox.set_SelectedItem(Object value)
       at Microsoft.SqlServer.Management.SqlManagerUI.JobStepProperties.InitializeStepCombo()
       at Microsoft.SqlServer.Management.SqlManagerUI.JobStepProperties.InitializeData()
       at Microsoft.SqlServer.Management.SqlManagerUI.JobStepProperties.OnInitialization()
       at Microsoft.SqlServer.Management.SqlMgmt.ViewSwitcherControlsManager.SetView(Int32 index, TreeNode node)
       at Microsoft.SqlServer.Management.SqlMgmt.ViewSwitcherControlsManager.SelectCurrentNode()
       at Microsoft.SqlServer.Management.SqlMgmt.ViewSwitcherControlsManager.InitializeUI(ViewSwitcherTreeView treeView, ISqlControlCollection viewsHolder, Panel rightPane)
       at Microsoft.SqlServer.Management.SqlMgmt.LaunchForm.InitializeForm(XmlDocument doc, IServiceProvider provider, ISqlControlCollection control)
       at Microsoft.SqlServer.Management.SqlMgmt.LaunchForm..ctor(ISqlControlCollection control, IServiceProvider provider)
       at Microsoft.SqlServer.Management.SqlManagerUI.JobSteps.editJobStep_Click(Object sender, EventArgs e)
       at System.Windows.Forms.Control.OnClick(EventArgs e)
       at System.Windows.Forms.Button.OnClick(EventArgs e)
       at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
       at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
       at System.Windows.Forms.Control.WndProc(Message& m)
       at System.Windows.Forms.ButtonBase.WndProc(Message& m)
       at System.Windows.Forms.Button.WndProc(Message& m)
       at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
       at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
       at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
       at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
       at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
       at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
       at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
       at System.Windows.Forms.Application.RunDialog(Form form)
       at System.Windows.Forms.Form.ShowDialog(IWin32Window owner)
       at System.Windows.Forms.Form.ShowDialog()
       at Microsoft.SqlServer.Management.SqlMgmt.RunningFormsTable.RunningFormsTableImpl.ThreadStarter.StartThread()
    ===================================
    The C++ module failed to load.
     (DTEParseMgd)
    Program Location:
       at <CrtImplementationDetails>.LanguageSupport.Initialize(LanguageSupport* )
       at .cctor()
    ===================================
    Index was outside the bounds of the array. (DTEParseMgd)
    Program Location:
       at _getFiberPtrId()

    Hi,
    I hadn't installed CU3 however as a test i tried installing CU4 and this didn't help. Since my first emails i have more issues that have brought a complete hault to the upgrade project.
    If i double click on a package to run it manually I basically get the same issue. This means i have no way of running any packages except throught VS.
    I've also found that regardless of the order of the software installs it still fails. It's related to SP1 of SQL and SP4 of VS.
    I'm on Server 2012. When install in the following order SQL 2012, SQL SP1, VS2012, BIDS, VS SP4 i have no problem until VS SP4 is installed. If i install VS SP4 then BIDS it also fails at the last step. If i install all the VS and BIDS software first, then
    SQL then SQL SP1 it fails at the SQL SP1 step.
    This means i could actually install everything and either ignore the SQL SP1 or the VS SP4 and i'd be fine however this is not really a solution as i will never be able to patch the software and once live this is very dangerous.
    I am still surprised there is no obvious solution to this. I'm only installing MS software on a fresh box and only installing 5 pieces of software (including the SPs). I would have though if this was an issue others would have come across it too.
    Has anyone else installed all these components and got them working on the same OS. I believe early on in my testing i installed these in Windows Server 2008 and didn't have the issue.
    Regards.
    Simon.

  • Can't launch executable from SQL Server Agent Job

    I'm trying to launch an .exe from SQL Server Agent Job and basically nothing happens. I created a job, with 1 step, type is Operating System (CmdExec), run as sql agent service account, and in the command box I typed "start notepad" (no quotes). The job owner is set to administrator. I manually start the job, it processes successfully yet notepad does not launch. I've tried with other .exe's and result is the same. Any advice? Thanks!

    I tried several things and not just with notepad, I tried a couple other small executables. I've tried:
    c:\notepad       --(I copied it to c:\ thinking it maybe it's not finding the file.)
    c:\notepad.exe
    notepad.exe
    start notepad
    start notepad.exe
    and also launching it from a batch file.
    If I use just notepad the job hangs saying it's executing and I have to stop it. If I use start notepad it comes back as executed but actually nothing happens, ie, notepad does not launch. I've tried different security settings within SQL Server (ie assigning all available default roles to the login at the same time and individually one at a time) with identical results. SQL Server is loging in with local administrator priviledges and so is SQL Server Agent. My settings are the default installation settings (for Windows Server 2003 and SQL Server 2005) except that I read the BOL page "Configuring SQL Server Agent" which indicates the permissions needed for the following:
    Adjust memory quotas for a process
    Act as part of the operating system
    Bypass traverse checking
    Log on as a batch job
    Log on as a service
    Replace a process level token
    And they have been set. Still the same. BTW, I get the same result when trying to launch the file using xp_cmdshell with all the variations, and the proxy account for xp_cmdshell has been set to a login with administrator priviledges....
    I think it's some security setting in Windows Server, if only because I think I've tried all the settings within SQL Server...
    BTW, also, nothing is setup for Proxies under the SQL Server Agent node, but I don't think I should need to if I'm using the administrator level login...

  • Proxy Server 3.6 with Identity Server 5.1!

    Hi All,
    I'm doing a Proof of Concept on integrating Identity Server 5.1 with proxy server 3.6. The proxy server is configured as a reverse proxy for another web server (since the web server is not supported by agent pack).
    I've configured the reverse proxy and add the agent to the proxy. However, each time after auth. in the Identity server and return back to the reverse proxy, it'll go to http://rproxy.domain.com/.domain.com not http://rproxy.domain.com.
    Moreover, even the user session is invalid, the user can go to the reverse proxy without re-auth even I've disable all the cache in the proxy server.
    Is it possible to use reverse proxy with identity server? If yes, how to config?
    Thanks
    Clive Chan

    Hi Clive Chan,
    i am also have the same problem, can you tell me which patch have you add to solve the problem?
    Thanks a lot!
    Angus

  • Use of Sun One Identity Server for SAML

    Hi all,
    I want to use Sun One Identity Server as the asserting server and SAP WAS 6.40 as the trusting server. Can any one help me with from where and what patch of Sun One Identity Server i'll have to download and how to make the connectivity of Sun One Identity Server with SAP WAS 6.40.
    Thank you very much.

    Well, it's in the Agent's installation guide, section "Read me first", "Setting Fully Qualified Domain Name". :)

  • Sun Identity Server 6.1 with Weblogic 8.1 sp2

    Hi,
    I've installed the IS 6.1 with WLS 8.1 sp2 and the agent 2.1.1 and followed the agent configuration guide to configure the xml files (web.xml and weblogic.xml) and agent authenticator.
    When I login to the restricted resource, the browser is redirected to the IS server login page. After login, the browser is redirected back to the resource with 403 forbidden.
    Is there any step missing? Should I additional add some policy in the IS console? .....
    Clive

    I have just installed Sun Identity Server 6.2 with WebLogic 8.1 SP3 and am experiencing the same results. Have you resolved this issue in your environment? We are evaluating Portal Server running on a BEA WLS Container and thus do not have Sun Support on the Identity Server Component of this configuration.

Maybe you are looking for

  • How to deactivate an entry in tnsnames.ora file

    Hi all, I am working with Oracle 10g enterprise edition. I have a data source named with DEVDATA which should not be affected while I am working on my project. Usually, I will add DEVDATA entry in tnsname.ora file if I want to use it and I will remov

  • UDF in XL reporter

    Hi, i have created row level UDF in marketing document. let say UDF1, UDF2. I want to prepare report in XL reporter. can i see these UDF in XL reporter composer..?? swap

  • Removing a scratch from the iPad back with Meguiar's Scratch X 2.0

    Within three weeks of getting my new Ipad and with extreme caution of use, somehow I managed to create a 1" long faint scratch on the back of the unit.  These kinds of scratches are unbelievably easy to make since the back of the unit is only anodize

  • ICal in Macbook Pro

    How do I delete the table that shows up at the bottom of the monthly iCal in Mac

  • CD burner unable to read or burn CD's- DVD's play and Burn fine???

    My Mac pro is less than 6 months old. I have burned less than 10 CD's since I've had it. Recently CD's no longer cue up or burn. The drive just spins then spits it out. I tried several brands of CD's- all with the same result. But I can still play an