IDispatch error #19876 - LDAP Authentication Source - User Unique Name Attribute

Similar Messages

• LDAP Profile Source - "Remote Unique Name" oddity

  We have an Active Directory that I've set up to use as an Authentication Source, and it also retrieves a few properties from there - not a problem.
  We also have an LDAP directory which contains other attributes of users that I need to retrieve.
  I set everything up as I thought it should be, however it's querying the LDAP server with the wrong parameters!
  An example user I have is IUSER\803244205. ALUI is showing the Login Name as "IUSER\803244205", the Remote Unique Name as "137eb349-7579-4b15-9a68-b1bff296d933" and the Remote Authentication Name as "803244205@IUSER".
  When I look at the LDAP job, the error log is showing that it's trying to sync using the Remote Unique Name -
  Unable to attach to user 137eb349-7579-4b15-9a68-b1bff296d933, user not found
  My LDAP directory only holds (and is keyed on) the numeric portion of the login name (known as EIN to us) - 803244205. I have got this EIN as a property of the user (a seperate Property that I have mapped to the User object), which is held as a seperate attribute on the Active Directory.
  So how do I tell the sync job to use the EIN (which happens to be the "User Name Attribute" on the Authentication Source - samAccountName), rather than trying to use the "Remote Unique Name", which it appears to have generated for itself!
  Cheers

  Arrgh! Just found the option for myself, seconds after posting this! Cheers anyway.

• Error! No data source found with name 'mynewdsname' (after asking 0 providers)

  Hi all,
  I am trying out the instructions given below.
  http://dev.day.com/docs/en/cq/current/developing/jdbc.html
  I followed them exactly but removed <cq:include script="head.jsp"/> line from the jsp since I do not have a head.jsp.
  my config node settings are as follows.
  But when I go to the page, I get below error message.
  error! No data source found with name 'mynewdsname' (after asking 0 providers)
  DB is up and running. I could not find any issue with it. Code is as follows.
  <%DataSourcePool dspService = sling.getService(DataSourcePool.class);
    try {
       DataSource ds = (DataSource) dspService.getDataSource("mynewdsname");  
  %>
  Any help will be great. TX

  Document is outdated & for now could you please follow http://dev.day.com/content/kb/home/cq5/Development/HowToConfigureSlingDatasource.html

• LDAP Authentication Failed :user is not a member in any of the mapped group

  Hi,
  I tried to set up the LDAP Authentication but I failed.
  LDAP Server Configuration Summary seems to be well filled.
  I managed to add a Mapped LDAP member Group: This group appears correctly in the Group list. 
  But itu2019s impossible to create a User. Although this user is a member of the mapped group (checked with LDAP Brower) , an error message is displayed when I tried to create it (There was an error while writing data back to the server: Creation of the user User cannot complete because the user is not a member in any of the mapped groups)
  LDAP Hosts: ldapserverip:389
  LDAP Server Type: Custom
  Base LDAP Distinguished Name: dc=vds,dc=enterprise
  LDAP Server Administration Distinguished Name: CN=myAdminUser,OU=System Accounts,OU=ZZ Group Global,ou=domain1,dc=vds,dc=enterprise
  LDAP Referral Distinguished Name:
  Maximum Referral Hops: 0
  SSL Type: Basic (no SSL)
  Single Sign On Type: None
  CMS Log :
  trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
  trace message: LDAP: LdapQueryForEntries: QUERY base: dc=vds, dc=enterprise, scope: 2, filter: (samaccountname=KR50162), attribute: dn objectclass
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 2453 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
  trace message: GetParents from plugin for cn=huh\,chen, ou=accounts, ou=users, ou=domain1, dc=vds, dc=enterprise.
  trace message: LDAP: De-activating query cache
  trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
  trace message: LDAP: query for DSE root returned 89
  trace message: LdapQueryForEntries: incr. retries to 1
  trace message: LDAP: Updating the graph
  trace message: LDAP: Starting Graph Update...
  trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
  trace message: LDAP: query for DSE root returned 89
  trace message: LdapQueryForEntries: incr. retries to 1
  trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
  assert failure: (.\ldap_wrapper.cpp:3066). (pSetAttributes : no message).
  trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
  trace message: LDAP: LdapQueryForEntries: QUERY base: dc=enterprise, scope: 2, filter: (&(cn=gp-asia)(objectclass=group)(member=cn=huh
  , chen, ou=accounts, ou=users, ou=domain1, dc=vds, dc=enterprise)), attribute: objectclass
  trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
  assert failure: (.\ldap_wrapper.cpp:3066). (pSetAttributes : no message).
  trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
  trace message: LDAP: LdapQueryForEntries: QUERY base: dc=enterprise, scope: 2, filter: (cn=gp-asia), attribute: member objectclass samaccountname cn
  trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 3109 ms
  trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
  trace message: LDAP: query for DSE root returned 0
  trace message: Failed to commit user 'KR50162'. Reason: user is not a member in any of the mapped groups.
  trace message: [UID=0;USID=0;ID=79243] Update object in database failed
  trace message: Commit failed.+
  Can you please help?
  Joffrey

  Please do this after you verify all permission settings for all the groups the account is associated with. Also, make sure you check the NTFS folder permissions before doing this as well.
  Since the same result happens on multiple computers, it is not the profile.
  I am recommending you delete the AD account (or rename to backup the account).
  It will not effect the users Exchange account, but you will need to link it back to the new AD user account. 
  You can also delete her profile just to remove it, for the "just in case" scenario.
  Don't forget to mark the post that solved your issue as &quot;Answered.&quot; By marking the Answer you are enabling users with similar issues to find what helped you. Lewis Renwick - IT Professional

• CUP 5.3 SP8 - Authentication Source/User Details Source question

  Hello,
  Here is another issue I'm noticing with CUP.
  Currently we have it configured as such:
  Authentication Source: LDAP
  Search Data Sourec: SAPHR
  User Details Data Source: SAPHR
  When a Requestor logs in to create a request for themself, Requestor Username and Email are correctly populated under the Requestor section of the request screen. This Username and Email match identically from SAPHR; and it should, as that is what we have defined as our User Data Source
  When a Requestor logs in to create a request for another user, Requestor Username and Email are populated differently under the Requestor section of the request screen; this information in this case appears to be coming from LDAP. This does not seem correct to me. LDAP is only defined as the Authentication Source, not the User Data Source.
  1) Why would the Requestor section populate differently when creating a request for yourself vs. another user?
  2) Is this a bug in CUP?
  3) Has anyone else noticed this or found a fix?
  Thanks!!
  Jes

  We are on the same SP level and are configured similarly but don't see this issue. 
  Data Source - LDAP
  Search - SAP
  Datasource - Multiple (SAPHR, SAP(BI), LDAP, SAP(SRM))
  Also, our LDAP does not carry the email address (yet).
  When I create a new request for someone else, all the information is filled in correctly from our SAPHR system, if they are in HR, or from our BI system if they are not in HR but are in BI.  However, since we don't carry e-mail address in our LDAP system yet, the requestor e-mail field is left blank and I have to manually fill it in.  (We do plan on changing this).
  Hope this helps,
  Peggy

• Error while creating Data Source for master data attributes

  Hi BI Experts,
  Well its been some time for me that I have been part of Extraction in BI.I primarily handled reporting in my last assignments.
  I was trying extraction with flat files in SAP BI 7(new to sap bi 7 but very much familiar with BW3.5) but failed in the activity during master data attributes and text upload in infoobject (say IOSP_Mat).
  Here is the procedure that I did after creation of characteristic IOSP_Mat.I created a source system for flat file followed by data source for Master data attributes, i selected all the parameters correctly.i.e. csv file format, data seperator as   ,
  and other settings, now when i am trying to look at the proposed data in the next tab using Load example data.its not showing the desired result.The columns that I have maintained in Flat File is  MAT_NUMBER and MAT_NAME (with say 100 data in the file)
  same is the result when I am trying to load the text data too columns maintained are
  (LANGUAGE MAT_NUMBER Short Description)(same 100 data).
  now i used to rsa1old transaction  to upload the file using 3.5 version.i created info source for master data/text/hierarchies for  IOSP_Mat
  now when trying to upload it using info package for master and text data,I observe its(the data) not maintained in the characteristic IOSP_Mat.
  When I monitored ,I figured the data has not been even uploaded to the PSA level.
  Can you BI experts tell me the answer for this.
  Thanks,
  Srijith

  apologies to all of you for late response,
  was busy with some other activities.
  I don't remember the exact message,but I remember it was not loaded to even the PSA level.I will try it again and post the exact message.
  Thanks again for your quick response.
  Once again sorry to all of you for my late response
  Thanks,
  Sri

• TS5376 Help!  I can't fix or uninstall/reinstall iTunes without getting this error message: "The path \C\Users\(my name)\AppData\Local\Apple\Apple Software Update\iTunes64msi.' cannot be found."  So I can't remove iTunes.

  Here's the complete message:
  "The path \C\Users\(my name)\AppData\Local\Apple\Apple Software Update\iTunes64msi.' cannot be found. Verify that you have access to this location and try again, or try to find the installation package 'iTunes64.msi' in a folder in which you can uninstall the product from iTunes."
  So I'm stuck in this loop in which I can't download an update, can't remove iTunes to reinstall, and can't use iTunes currently as it shuts down at the drop of a hat.  Am I hopeless or is there a fix I can find?

  See Troubleshooting issues with iTunes for Windows updates. Use the same advice as in note 1 but for iTunes. Try the MS fixit, or leave it in place and go to the next step.
  tt2

• Error in LDAP Authentication for Sun One App Server 8..pls help

  I need to authenticate my sun java system application server 8 with openldap server.....
  i have added ldap realm as given in the administrators guide http://docs.sun.com/source/817-6088/security.html
  My settings in the sun app server were like this:
  Realm: ldap
  Class Name: com.sun.enterprise.security.auth.realm.ldap.LDAPRealm
  directory ldap://10.1.1.79:389
  base-dn o=stooges
  jaas-context ldapRealm
  search-bind-dn cn=StoogeAdmin,o=stooges
  search-bind-password secret1
  My openldap schema is as follows
  file : /etc/openldap/slapd.conf
  include /etc/openldap/schema/core.schema
  include /etc/openldap/schema/cosine.schema
  include /etc/openldap/schema/inetorgperson.schema
  include /etc/openldap/schema/nis.schema
  database ldbm
  suffix "o=stooges"
  rootdn "cn=StoogeAdmin,o=stooges"
  rootpw secret1
  directory /var/lib/ldap/stooges
  defaultaccess read
  schemacheck off
  lastmod on
  index cn,sn,st pres,eq,sub
  index uid,userPassword eq
  file : /var/lib/ldap/stooges/stooges.ldif
  dn: o=stooges
  objectClass: top
  objectClass: organization
  o: stooges
  description: The Three Stooges
  dn: cn=StoogeAdmin,o=stooges
  objectClass: organizationalRole
  cn: StoogeAdmin
  description: LDAP Directory Administrator
  dn: ou=MemberGroupA,o=stooges
  ou: MemberGroupA
  objectClass: top
  objectClass: organizationalUnit
  description: Members of MemberGroupA
  dn: ou=MemberGroupB,o=stooges
  ou: MemberGroupB
  objectClass: top
  objectClass: organizationalUnit
  description: Members of MemberGroupB
  dn: uid=vikram,ou=MemberGroupA,o=stooges
  uid:vikram
  givenName:vicky
  objectClass:top
  objectClass:person
  objectClass:organizationalPerson
  objectClass:inetorgperson
  sn:kone
  cn:Kone Vikram
  userPassword:glamsham
  When i start ldap server and sun server,
  the login page for sun server asks for username and password ....
  when i give
  username : vikram
  password : glamsham
  Error page comes.....
  HTTP Status 403 - Access to the requested resource has been denied
  type Status report
  message Access to the requested resource has been denied
  description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
  Sun-Java-System/Application-Server-PE-8.0
  Subsequent attempts to login gives another error page
  HTTP Status 500 -
  type Exception report
  message
  description The server encountered an internal error () that prevented it from fulfilling this request.
  exception
  com.sun.enterprise.tools.guiframework.exception.FrameworkException: Unabled to handle pre-compiled JSP '/jsp/j_security_check'. Expected pre-compiled classname: 'org.apache.jsp.jsp.j_005fsecurity_005fcheck'.
  com.sun.enterprise.tools.admingui.servlet.HandlePrecompiledJsp.doPost(HandlePrecompiledJsp.java:59)
  javax.servlet.http.HttpServlet.service(HttpServlet.java:768)
  javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
  sun.reflect.GeneratedMethodAccessor55.invoke(Unknown Source)
  sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  java.lang.reflect.Method.invoke(Method.java:324)
  org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:289)
  java.security.AccessController.doPrivileged(Native Method)
  javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
  org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
  org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:205)
  note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server-PE-8.0 logs.
  Sun-Java-System/Application-Server-PE-8.0
  So pls... help as to how to go about this..
  P.S. My ldap server runs as "ldap" user not as root

  Try with "vikram" as a member of "cn=asadmin" group in your LDAP directory...

• Problem with LDAP authentication for users in a group

  I've gone through several forums attempting to find a solution, but I still can't get authentication to work for users in a particular group within AD. Our ASA is running 9.1(2), and the domain controller is a Windows Server 2012 R2.
  I can configure the VPN connection, so that all users can authenticate just fine; however, when I setup the group, there appears to be success, but I'm reprompted to authenticate, and it eventually fails:
  [6707]  memberOf: value = CN=VPN Access,OU=COMPANY Groups,DC=COMPANY,DC=com
  [6707]          mapped to IETF-Radius-Class: value = GroupPolicy_COMPANY_SSL_VPN
  [6707]          mapped to LDAP-Class: value = GroupPolicy_COMPANY_SSL_VPN
  [6707]  msNPAllowDialin: value = TRUE
  I'd be grateful if anyone can point me into the right direction and show me what I'm doing wrong. Thank you.
  ldap attribute-map AuthUsers
    map-name  memberOf IETF-Radius-Class
    map-value memberOf "CN=VPN Access,OU=COMPANY Groups,DC=COMPANY,DC=com" GroupPolicy_COMPANY_SSL_VPN
  aaa-server LDAP protocol ldap
  aaa-server LDAP (COMPANY_PROD_INTERNAL) host 10.10.100.110
   ldap-base-dn DC=COMPANY,DC=com
   ldap-scope subtree
   ldap-naming-attribute sAMAccountName
   ldap-login-password *****
   ldap-login-dn CN=LDAPAuth,CN=Users,DC=COMPANY,DC=com
   server-type microsoft
   ldap-attribute-map AuthUsers
  group-policy NOACCESS internal
  group-policy NOACCESS attributes
   vpn-simultaneous-logins 0
   vpn-tunnel-protocol ikev1 ssl-client ssl-clientless
   webvpn
    anyconnect ask none default anyconnect
  group-policy GroupPolicy_COMPANY_SSL_VPN internal
  group-policy GroupPolicy_COMPANY_SSL_VPN attributes
   wins-server none
   dns-server value 10.10.100.102
   vpn-tunnel-protocol ikev1 ikev2 ssl-client
   split-tunnel-policy tunnelspecified
   split-tunnel-network-list value SPLIT-TUNNEL
   default-domain value net.COMPANY.com
   webvpn
    anyconnect profiles value COMPANY_SSL_VPN_client_profile type user
  tunnel-group COMPANY_SSL_VPN type remote-access
  tunnel-group COMPANY_SSL_VPN general-attributes
   address-pool COMPANY-SSL-VPN-POOL
   authentication-server-group LDAP
   authorization-server-group LDAP
   authorization-server-group (COMPANY_PROD_INTERNAL) LDAP
   default-group-policy NOACCESS
   authorization-required
  tunnel-group COMPANY_SSL_VPN webvpn-attributes
   group-alias COMPANY_SSL_VPN enable
  tunnel-group COMPANY_SSL_VPN ipsec-attributes
   ikev1 pre-shared-key *****

  I just figured it out. Under "group-policy GroupPolicy_COMPANY_SSL_VPN attributes", I had to add "vpn-simultaneous-logins 15". Apparently, it was using the value "vpn-simultaneous-logins 0" under the NOACCESS group policy.

• G6: Consolidating Multiple Authentication Sources

  Hello everyone!
  When our development environment was setup an Authentication Source was created to go against 1 of the 4 containers in our Active Directory. The containers correspond to different regions of our organization (North, South, East West). At the time we just wanted to test the North people so we set the OU to that container.
  This past week I wanted to expand our user base to include the 3 other containers. Unsure of the exact procedure to do this, I copied the original AuthSource and created 3 new ones. The users were successfully pulled in, however at the login screen there are now 5 authentication sources (Plumtree Users, North, South, East, West). I realize now that a mistaken was made from the start in pulling from a container rather than the root, or in my second step of creating new sources rather than manipulating the original. (chalk it up to a learning curve!)
  The Authentication Sources are tied directly to the users that they have loaded and can't be deleted unless the associated users/groups are "removed".
  Would I be correct in assuming that the only way to consolidate our login Authentication Sources would be to delete all of our users followed by all of the Auth Sources and then create a single source to query the root? Is there any way to change the users Auth Source?
  Are there was any other "best practices" or pitfalls that I should be aware of? Especially things that can't be modified after the initial import as in this case?
  Thanks for any help,
  Geoff
  Geoff Garcia
  Producer, Enterprise Portal
  March of Dimes National Office
  1275 Mamaroneck Ave.
  White Plains, NY 10605
  914 997.4275 (Office)
  908 531.6364 (Cell)
  [email protected]
  Improving the health of babies by preventing birth defects, premature birth, and infant mortality

  I would do this:
  Delete the "new" (South, West, East) users, groups, then delete the corresponding authentication sources
  Modify the "original" (North) authentication source's User Query Base (and Query Filter if necessary) Rename the authentication source if you like. Do not change the User Unique Name attribute.
  Sync the original authentication souce. This should just add the users from the modifed root, and assuming that the original users are still included in the modified base and query, they should just stay right there.

• LDAP authenticator setting in Weblogic 10

  Hi there,
  I am a newbie to weblogic. I am migrating an application from OAS to Weblogic 10. The application is using LDAP for login. I am havng a trouble to set up those users in weblogic console.
  Here is what I did:
  in web.xml:
  <security-constraint>
  <display-name>Example Security Constraint</display-name>
  <web-resource-collection>
  <web-resource-name>Protected Area</web-resource-name>
  <url-pattern>*</url-pattern>
  <http-method>*</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>UserRole</role-name>
  </auth-constraint>
  </security-constraint>
  <security-role>
  <login-config>
  <auth-method>FORM</auth-method>
  <realm-name>RegularUser</realm-name>
  <form-login-config>
  <form-login-page>/login.jsp</form-login-page>
  <form-error-page>/loginerror.jsp</form-error-page>
  </form-login-config>
  </login-config>
  <role-name>UserRole</role-name>
  </security-role>
  In Weblogic.xml
  <?xml version="1.0" encoding="windows-1252"?>
  <weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd" xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">
  <security-role-assignment>
  <role-name>UserRole</role-name>
  <externally-defined/>
  </security-role-assignment>
  </weblogic-web-app>
  In Weblogic console, I created a new realm called RegularUser and setup LDAP authenticator. User Base DN is ou=axxx,dc=bxxx,dc=cxx. I can see those users already in the user list.
  Did I miss any step?
  Thanks

  Thanks, Faisal.
  Here is my config.xml. Do I need to select Custom Roles at the time of deployment? I manually deployed the application in console.
  <?xml version='1.0' encoding='UTF-8'?>
  <domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd">
  <name>myTestDomain</name>
  <domain-version>10.3.3.0</domain-version>
  <security-configuration>
  <name>myTestDomain</name>
  <realm>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
  <sec:active-type>AuthenticatedUser</sec:active-type>
  </sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:ldap-authenticatorType">
  <sec:name>RegularUsers</sec:name>
  <sec:control-flag>OPTIONAL</sec:control-flag>
  <wls:host>holdap1.abc.org</wls:host>
  <wls:user-object-class>user</wls:user-object-class>
  <wls:user-name-attribute>sAMAccountName</wls:user-name-attribute>
  <wls:principal>ldapviewsd</wls:principal>
  <wls:user-base-dn>ou=a,dc=b,dc=c</wls:user-base-dn>
  <wls:credential-encrypted>{AES}5dVfr76v1nSUvb8iMBO5e1WxZG5BA/M3MWZvNxDVMO4=</wls:credential-encrypted>
  <wls:user-from-name-filter>(&amp;(sAMAccountName=%u)(objectclass=user))</wls:user-from-name-filter>
  <wls:group-base-dn>ou=a,dc=b,dc=c</wls:group-base-dn>
  <wls:group-from-name-filter>(&amp;(cn=%g)(objectclass=group))</wls:group-from-name-filter>
  <wls:static-group-object-class>group</wls:static-group-object-class>
  <wls:static-member-dn-attribute>member</wls:static-member-dn-attribute>
  <wls:static-group-dns-from-member-dn-filter>(&amp;(member=%M)(objectclass=group))</wls:static-group-dns-from-member-dn-filter>
  </sec:authentication-provider>
  <sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
  <sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
  <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
  <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
  <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
  <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
  <sec:name>myrealm</sec:name>
  <sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
  <sec:name>SystemPasswordValidator</sec:name>
  <pas:min-password-length>8</pas:min-password-length>
  <pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
  </sec:password-validator>
  </realm>
  <realm>
  <sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
  <sec:name>RewardsUser</sec:name>
  <sec:control-flag>SUFFICIENT</sec:control-flag>
  <wls:host>holdap1.abc.org</wls:host>
  <wls:user-name-attribute>sAMAccountName</wls:user-name-attribute>
  <wls:principal>ldapviewsd</wls:principal>
  <wls:user-base-dn>ou=a,dc=b,dc=c</wls:user-base-dn>
  <wls:credential-encrypted>{AES}6mfAIvAqFASMkZ4yHygBe3AODqNyzYyLLePzCI2HTE0=</wls:credential-encrypted>
  <wls:user-from-name-filter>(&amp;(sAMAccountName=%u)(objectclass=user))</wls:user-from-name-filter>
  <wls:group-base-dn>ou=a,dc=bdc=c</wls:group-base-dn>
  <wls:max-sid-to-group-lookups-in-cache>1500</wls:max-sid-to-group-lookups-in-cache>
  </sec:authentication-provider>
  <sec:deploy-role-ignored>false</sec:deploy-role-ignored>
  <sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
  <sec:deploy-credential-mapping-ignored>false</sec:deploy-credential-mapping-ignored>
  <sec:security-dd-model>CustomRoles</sec:security-dd-model>
  <sec:combined-role-mapping-enabled>true</sec:combined-role-mapping-enabled>
  <sec:name>RewardsUser</sec:name>
  <sec:delegate-m-bean-authorization>false</sec:delegate-m-bean-authorization>
  </realm>
  <default-realm>myrealm</default-realm>
  <credential-encrypted>{AES}AOnncmyo+t9U78VAJHcbv8uiDUVggDlU55WY5xh6NukBIg3m2MK0In76UwCRuKdlVzHp9uWx/4uYZpkVQmq9Hqk3fTRZRx4dIuyU07siwupmYdq1UHttcgTIwqqKoaWn</credential-encrypted>
  <node-manager-username>weblogic</node-manager-username>
  <node-manager-password-encrypted>{AES}Yx0pabvYpXxQr7K7YRVB5B0f3Kyy8Lpn0cu1WQCXve8=</node-manager-password-encrypted>
  </security-configuration>
  <server>
  <name>AdminServer</name>
  <server-debug>
  <debug-scope>
  <name>weblogic.security.atn</name>
  <enabled>true</enabled>
  </debug-scope>
  <debug-scope>
  <name>weblogic.security.atz</name>
  <enabled>true</enabled>
  </debug-scope>
  <debug-security-atn>true</debug-security-atn>
  <debug-security-atz>true</debug-security-atz>
  <debug-security-saml-atn>true</debug-security-saml-atn>
  <debug-security-saml2-atn>true</debug-security-saml2-atn>
  </server-debug>
  <listen-address></listen-address>
  </server>
  <embedded-ldap>
  <name>myTestDomain</name>
  <credential-encrypted>{AES}Iidvc9S3UqScbvwktaeOZMYr4V9BQ4aU/T5z+npeFwiYEzUZi6iLF59pfpCNI0DQ</credential-encrypted>
  </embedded-ldap>
  <configuration-version>10.3.3.0</configuration-version>
  <app-deployment>
  <name>rewards</name>
  <target>AdminServer</target>
  <module-type>ear</module-type>
  <source-path>servers\AdminServer\upload\rewards.ear</source-path>
  <security-dd-model>DDOnly</security-dd-model>
  </app-deployment>
  <admin-server-name>AdminServer</admin-server-name>
  </domain>

• Open LDAP Authenticator Configuration on WLSSP5

  I have problems in the open LDAP authenticator configuration on Weblogic Server with Service Pack 5. I have users on OpenLDAP Server that do not belong to any group. My LDIF file contents are as given below.
  dn: dc=my-domain,dc=com
  dc: my-domain
  objectClass: dcObject
  objectClass: organization
  o: MYABC, Inc
  dn: cn=Manager, dc=my-domain,dc=com
  userPassword:: c2VjcmV0
  objectClass: person
  sn: Manager
  cn: Manager
  dn: cn=myabcsystem, dc=my-domain,dc=com
  userPassword:: dmVuZGF2b3N5c3RlbQ==
  objectClass: person
  sn: myabcsystem
  cn: myabcsystem
  dn: cn=Philippe, dc=my-domain,dc=com
  userPassword:: UGhpbGlwcGU=
  objectClass: person
  sn: Philippe
  cn: Philippe
  dn: cn=mlrick, dc=my-domain,dc=com
  userPassword:: bWxyaWNr
  objectClass: person
  sn: mlrick
  cn: mlrick
  All these users appear in the Users tab after configuration on the console only if LDAP Server is up. While I select group tab, I get errors indicating BAD SEARCH Filter.
  Inspite of me not having any groups in the ldap as indicated in ldif contents.
  While I try to login t the application with this LDAP configuration, I do not get any errors. LDAP authentication is not happening with just the LDAP authenticator in place. Even if I stop the LDAP server, I do nto get any exceptions while trying ot login. The config params for the Open LADP are as given below
  <weblogic.security.providers.authentication.OpenLDAPAuthenticator
  AllGroupsFilter="objectclass=*"
  Credential="{3DES}rGCpYmhaIorI99BjZ2u6Fg=="
  GroupBaseDN="dc=my-domain,dc=com"
  GroupFromNameFilter="(cn=%u)"
  Name="Security:Name=MYABCAuthenticationOpenLDAPAuthenticator"
  Principal="cn=myabcsystem,dc=my-domain,dc=com"
  Realm="Security:Name=MYABCAuthentication"
  StaticGroupDNsfromMemberDNFilter=""
  StaticGroupNameAttribute="" StaticGroupObjectClass=""
  StaticMemberDNAttribute="" UserBaseDN="dc=my-domain, dc=com"/>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP ATN LoginModule initialized>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login username: bob>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <authenticate user:bob>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getDNForUser search("ou=people,ou=MYABCAuthentication,dc=myabc", "(&(uid=bob)(objectclass=person))", base DN & below)>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  CAN ANYONE HELP ME IDENTIFY WHAT IS THE ISSUE. Why is the authentication not happening?

  Hi Amol,
  I've seen this happen at least two times in 11.1.1.1 installs. You can safely restart and then add the service back again. Suggest you reboot after you re-add the service back or cycle all the Hyperion services.
  I was not aware you could install the service with that command.
  I used the below command instead:
  sc create OpenLDAP-slapd start= auto binPath= "D:\Hyperion\...\slapd.exe service" DisplayName= "Hyperion Shared Services OpenLAP"
  Regards,
  -John

• CUC 8.5.1 IMAP - LDAP Authentication

  I have Unity Connection 8.5.1. It is setup for LDAP Sync. It's set to use LDAP Authentication for users. The passwords and search bases are correct becasue I can authenticate for inbox/PCA and admin. It's using SSL and I have changed the Server information to the host name to match the certificate installed. There are no custom filters.
  I am trying to get CUPC Voicemail configured and it keeps telling me credentials are rejected.
  I connect to IMAP using telnet <server ip> 143
  attempting to login using 02 login username password
  it returns 02 NO Logon Failure: unknown user or incorrect password.
  If I create a user not linked to ldap I can login with username and web password.
  I have even restarted the servers after changing ldap server to hostname.
  The LDAP user has the same COS that is assigned to non-ldap user that I am able to log in with.
  Any other suggestions?

  Hi,
  Sounds like you're hitting
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtr94356
  Brad

• CUP 5.2 - LDAP Authentication error - "User credentials not valid."

  Hi Experts ,
  I have set up LDAP "SUN ONE" as a authentication source for our CUP 5.2 SP11 Patch1 (Build-62316). But when I try to logon with my network id,I receive error "User credentials not valid."
  Please find the log below.
  Thank you for your help,
  Regards,
  Abderrahim
  2011-03-01 12:07:57,232 [SAPEngine_Application_Thread[impl:3]_27] ERROR Failed to log in a867168
  com.virsa.ae.service.umi.AuthenticationFailureException: No user details found
       at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:140)
       at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
       at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:207)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Caused by:
  com.virsa.ae.service.umi.UMIException: SUNONE error reading search results
       at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:698)
       at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
       at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
       at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
       at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:207)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Caused by:
  javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name ''
       at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3030)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2757)
       at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1828)
       at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1751)
       at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:347)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:332)
       at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
       at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
       at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:518)
       at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
       at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
       at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
       at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:207)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

  My issue is stil not received, i hav send a document to the system team to follow for the integration. The AD configuration for QM shud be very expicit or else integration will not work. I am attachin the doc here. Let me knw if that helps.

• ERROR: Ldap Authentication failed for dap during installation of iAS 6.0 SP3

  I am attempting to install ias Enterprise Edition (6.0 SP3) on solaris 2.8 using typical in basesetup. I am trying to install new Directory server as I don't have an existing one.
  During the installation I got the following error.
  ERROR: Ldap Authentication failed for url ldap://hostname:389/o=NetScape Root user id admin (151: Unknown Error)
  Fatal Slapd did not add Directory server information to config Server.
  Warning slapd could'nt populate with ldif file Yes error code 151.
  ERROR:Failure installing iPlanet Directory Server.
  Do you want to continue: ( I entered yes )
  Configuring Administration Server Segmentation fault core dumped.
  Error: Failure installing Netscape Administration Server.
  Do you want to continue:( I responded with yes).
  And during the Extraction I got the following
  ERROR:mple_bind: Can't connect to the LDAP server - No route to host
  ERROR: Unable to connect to LDAP Directory Server
  Hostname: hostname
  Port: 389
  User: cn=Directory Manager
  Password: <password-for-cn=Directory Manager
  Please make sure this Directory Server is currently running.
  You might need to run 'stop-slapd' and then
  'start-slapd' in the Directory Server home directory, in order to restart
  LDAP. When finished, press ENTER to continue, or S to skip this step:
  Start registering Bootstrap EJB...
  javax.naming.NameNotFoundException
  at java.lang.Throwable.fillInStackTrace(Native Method)
  at java.lang.Throwable.fillInStackTrace(Compiled Code)
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled > Code)
  at javax.naming.NamingException.<init>(NamingException.java:114)
  at javax.naming.NameNotFoundException.<init>(NameNotFoundException.java: 48)
  at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
  "ldaperror" 76 lines, 2944 characters
  at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
  at com.netscape.server.jndi.RootContext.bind(Unknown Source)
  at com.netscape.server.jndi.RootContext.bind(Unknown Source)
  at javax.naming.InitialContext.bind(InitialContext.java:371)
  at com.netscape.server.deployment.EjbReg.deployToNaming(Unknown Source)
  at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled Code)
  at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled Code)
  at com.netscape.server.deployment.EjbReg.run(Compiled Code)
  at com.netscape.server.deployment.EjbReg.main(Unknown Source)
  Start registering iAS 60 Fortune Application...
  Start iPlanet Application Server
  Start iPlanet Application Server
  Start Web Server iPlanet-WebServer-Enterprise/6.0SP1 B08/20/200100:58
  warning: daemon is running as super-user
  [LS ls1] http://gedemo1.plateau.com, port 80 ready
  to accept requests
  startup: server started successfully.
  After completion of installation, I tried to start the console. But I got the following error;
  "Cant connect ot the admin server. The url is not correct or the server is not running.
  Finally,when I started the admintool(iASTT),it shows the iAS1
  was registered( marked with a red cross mark) and says "cant login. make sure the user
  name & passwdord are correct" when i click on it.
  Thanks in advance for any help
  Madhavi

  Hi,
  Make sure that the directory server is installed first. If it is running
  ok, then you can try adding an admin user, please check the following
  technote.
  http://knowledgebase.iplanet.com/ikb/kb/articles/4106.html
  regards
  Swami
  madhavi korupolu wrote:
  I am attempting to install ias Enterprise Edition (6.0 SP3) on
  solaris 2.8 using typical in basesetup. I am trying to install new
  Directory server as I don't have an existing one.
  During the installation I got the following error.
  ERROR: Ldap Authentication failed for url
  ldap://hostname:389/o=NetScape Root user id admin (151: Unknown
  Error)
  Fatal Slapd did not add Directory server information to config
  Server.
  Warning slapd could'nt populate with ldif file Yes error code 151.
  ERROR:Failure installing iPlanet Directory Server.
  Do you want to continue: ( I entered yes )
  Configuring Administration Server Segmentation fault core dumped.
  Error: Failure installing Netscape Administration Server.
  Do you want to continue:( I responded with yes).
  And during the Extraction I got the following
  ERROR:mple_bind: Can't connect to the LDAP server - No route to host
  ERROR: Unable to connect to LDAP Directory Server
  Hostname: hostname
  Port: 389
  User: cn=Directory Manager
  Password: <password-for-cn=Directory Manager
  Please make sure this Directory Server is currently running.
  You might need to run 'stop-slapd' and then
  'start-slapd' in the Directory Server home directory, in order to
  restart
  LDAP. When finished, press ENTER to continue, or S to skip this
  step:
  Start registering Bootstrap EJB...
  javax.naming.NameNotFoundException
  at java.lang.Throwable.fillInStackTrace(Native Method)
  at java.lang.Throwable.fillInStackTrace(Compiled Code)
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled > Code)
  at javax.naming.NamingException.<init>(NamingException.java:114)
  at
  javax.naming.NameNotFoundException.<init>(NameNotFoundException.java:
  48)
  at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
  "ldaperror" 76 lines, 2944 characters
  at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
  at com.netscape.server.jndi.RootContext.bind(Unknown Source)
  at com.netscape.server.jndi.RootContext.bind(Unknown Source)
  at javax.naming.InitialContext.bind(InitialContext.java:371)
  at com.netscape.server.deployment.EjbReg.deployToNaming(Unknown
  Source)
  at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled
  Code)
  at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled
  Code)
  at com.netscape.server.deployment.EjbReg.run(Compiled Code)
  at com.netscape.server.deployment.EjbReg.main(Unknown Source)
  Start registering iAS 60 Fortune Application...
  Start iPlanet Application Server
  Start iPlanet Application Server
  Start Web Server iPlanet-WebServer-Enterprise/6.0SP1 B08/20/200100:58
  warning: daemon is running as super-user
  [LS ls1] http://gedemo1.plateau.com, port 80 ready
  to accept requests
  startup: server started successfully.
  After completion of installation, I tried to start the console. But I
  got the following error;
  "Cant connect ot the admin server. The url is not correct or the
  server is not running.
  Finally,when I started the admintool(iASTT),it shows the iAS1
  was registered( marked with a red cross mark) and says "cant login.
  make sure the user
  name & passwdord are correct" when i click on it.
  Thanks in advance for any help
  Madhavi
  Try our New Web Based Forum at http://softwareforum.sun.com
  Includes Access to our Product Knowledge Base!