Integrating BIP with multiple LDAP servers
Hi,
my question is very simple. In Admin->Security Configuration->Security Model section i've setted Security model combobox with LDAP value. Then i've filled all LDAP information field (for example:URL). All works. But in my rpd i 've multiple LDAP servers (multiple URL) and in the form i can insert information about only one LDAP server.
Is it possible configure BIP with multiple LDAP servers?
Thanks
Giancarlo
P.S. I'm using OBIEE 10g
Hi,
my question is very simple. In Admin->Security Configuration->Security Model section i've setted Security model combobox with LDAP value. Then i've filled all LDAP information field (for example:URL). All works. But in my rpd i 've multiple LDAP servers (multiple URL) and in the form i can insert information about only one LDAP server.
Is it possible configure BIP with multiple LDAP servers?
Thanks
Giancarlo
P.S. I'm using OBIEE 10g
Similar Messages
-
Calendar Server with multiple LDAP servers
Can anybuddy tell me how calendar server shifts to failover (2nd) Directory Server when one fails ? What will be the parameter in ics.conf file ?
Thanx,
RehanCan anybuddy tell me how calendar server shifts to failover (2nd) Directory Server when one fails ? What will be the parameter in ics.conf file ?
Thanx,
Rehan -
Multiple LDAP Servers in Fusion Middleware (OBIEE 11g)
Hello,
I have a question, regarding integration of multiple LDAP servers with single Weblogic Server of Fusion Middleware (OBIEE 11g). We are currently using OBIEE 10g. We are on verge of migrating to 11g. However, I have a question regarding the LDAP server.
Our two applications run on two distinct LDAP servers. The plan is to provide a single sign on link for OBIEE 11g reports to the end users and depending on what application they are using, they must be authenticated against the respective LDAP server.
So, my question, is it possible to Integrate two different LDAP servers in the Weblogic of Fusion Middleware (OBIEE 11g). If so, what would be the steps. Any helpful document will also be appreciated.
Thank you,
Chandu.Yes, you can configure multiple authentication providers one by one as you generally do.
When you configure multiple Authentication providers, use the JAAS Control Flag for each provider to control how the Authentication providers are used in the login sequence. You can set the JAAS Control Flag in the WebLogic Administration Console.
REQUIRED—The Authentication provider is always called, and the user must always pass its authentication test. If authentication succeeds or fails, authentication still continues down the list of providers.
REQUISITE—The user is required to pass the authentication test of the Authentication provider. If the user passes the authentication test of this Authentication provider, subsequent providers are executed but can fail (except for Authentication providers with the JAAS Control Flag set to REQUIRED).
SUFFICIENT—The user is not required to pass the authentication test of the Authentication provider. If authentication succeeds, no subsequent Authentication providers are executed. If authentication fails, authentication continues down the list of providers.
OPTIONAL—The user is allowed to pass or fail the authentication test of this Authentication provider. However, if all Authentication providers configured in a security realm have the JAAS Control Flag set to OPTIONAL, the user must pass the authentication test of one of the configured providers.
refer - http://docs.oracle.com/cd/E13222_01/wls/docs92/secmanage/atn.html
Regards
Mukesh Negi
http://weblogicserveradministration.blogspot.in/ -
Cisco ACS 5.2 authentication against multiple LDAP servers
Hi Folks,
I have a wireless network that uses ACS 5.2 to handle authentication. The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment. The authentication flow looks like this:
- User tries to associate to WLAN
- Authentication request is sent to ACS
- Service selection rule chooses an access-policy (wireless_access_policy)
- wireless_access_policy is configured to use my_ldap as identity source.
A sister company is about to move into our offices, and will need access to the same WLAN. Users in the sister company are members of a separate AD domain (sister_company_ldap). I would like to modify the wireless_access_policy so that when it receives an authentication request it will query both my_ldap and sister_company_ldap, and return a passed authentication if either attempt is successful. Is this possible?Assuming you're already authenticating using your AD binding and AD1 as your identity source, you can add a further LDAP server as another identity source and add this to your identity store sequence in your access policy to authenticate against both.
You can also add multiple LDAP servers and add them both to the identity store sequence (if you're not using AD1). -
How to configure one TREX host with multiple index servers ?
Hi All,
Does anyone know how to configure TREX on the one host,
with multiple index servers ?
Reason for this is to make better use of resources available on the host server(4 Gig, 4 Processor, Windows2003), to improve the search performance of
our KM content for portal users.
I am using TREX 7 and have not been able to do this,
despite reading the Single and Distributed install
documentation.
Any help would be appreciated.
Regards,
AndresHi Andres,
To make use of the RAM a Server provides you have to run two indexserver processes (each can then consume 2 GB);
Proceed like this:
1. Go to TREXdeamon.ini; check if section [indexserver2] is there (it is already provided, but not active in standard installation)
2. In TREXdeamon.ini go to
[daemon]
references sections below
programs=nameserver,preprocessor1,indexserver1,queueserver,alertserver
and add indexserver2 here. Restart TREX; second porcess is then started; can be checked in TREX monitor in Portal as well
3. To distribute existing indexes to the new process, start TREXadmintool and go to Index: Landscape
Go to the last two columns and move the indexes (move master here/secondary mouse click)
If you don't distribute the indexes the new index server process will be regarded when an new index is created.
Hope this helps!
cheers
Bettina -
Multiple LDAP servers on single System
hi,
Would like to know if its a good idea to have multiple LDAP servers running on a single System (Hardware) ..
100,000 user base
We would like to run the old and new LDAP databases on the same server till we phase out the old LDAP database after migrating all applications..
System:
2 x V880 4CPU 8GB RAM --multi-master configuration
4 x V420R 4CPU 8GB RAM -- read only replicasShouldnt be an issue - thats not a particularly large user base and thats some heft y HW. Keep in mind though that they will be on different ports so any software you migrate may eventually need tweaking to the default port when the new takes over.
-
LDAP Authentication Scheme - Multiple LDAP Servers?
How to set up ldap authentication so that multiple ldap servers are available? Scenario: ldap service is replicated through several servers, but does not sit behind a common dns/reverse proxy connection, so applications would list each ldap server and attempt to contact each in order if one or more ldap servers is unreachable.
How to set up ldap authentication so that multiple ldap servers are available? Scenario: ldap service is replicated through several servers, but does not sit behind a common dns/reverse proxy connection, so applications would list each ldap server and attempt to contact each in order if one or more ldap servers is unreachable.
-
Multiple LDAP Servers and Attribute-Based Data Partitioning
Hello
We currently want to implement following szenario on Netweaver 2004s. From the
following SAP Help documentation we want attribute based data partitioning:
http://help.sap.com/saphelp_nw70/helpdata/EN/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm
The difference to the SAP document is that we want a distribution of attributes over
multiple LDAP servers. So we tried to fit that concept into xml. see attached xml source.
The Portal finds both LDAP Systems but it is NOT that the useres are beeing merged
but they appear as two distict users in the portal UME. If you do a lookup in the portal
usernamagent system you get and see two users.
User1: unique ID = USER.Datasource1.uid
User2: unique ID = USER.Datasource2.uid
Obviously the UME system was not able to merge that information of the two distict
LDAP Systems. MSADS and Lotus Notes.
Hence my questions:
1) is it possible to distribute attributes over multiple ldap data sources
2) any ideas why UME constructs two different users based in Datasource ID's specified in XML
Thanks for any contributions or ideas,
Ulrich Scherb
<?xml version="1.0" encoding="UTF-8"?>
<dataSources>
<dataSource id="PRIVATE_DATASOURCE"
className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
isReadonly="false"
isPrimary="true">
<homeFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</homeFor>
<notHomeFor/>
<responsibleFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</responsibleFor>
<privateSection>
</privateSection>
</dataSource>
<dataSource id="NOTES_LDAP"
className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
isReadonly="true"
isPrimary="true">
<homeFor/>
<responsibleFor>
<principal type="account">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="j_user"/>
<attribute name="logonalias"/>
<attribute name="j_password"/>
<attribute name="userid"/>
</nameSpace>
<nameSpace name="com.sap.security.core.authentication">
<attribute name="principal"/>
</nameSpace>
</principal>
<principal type="user">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="firstname" populateInitially="true"/>
<attribute name="lastname" populateInitially="true"/>
<attribute name="email"/>
<attribute name="uniquename" populateInitially="true"/>
</nameSpace>
<nameSpace name="$usermapping$">
<attribute name="REFERENCE_SYSTEM_USER"/>
</nameSpace>
</principal>
</responsibleFor>
<attributeMapping>
<principal type="account">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="j_user">
<physicalAttribute name="uid"/>
</attribute>
<attribute name="logonalias">
<physicalAttribute name="uid"/>
</attribute>
<attribute name="j_password">
<physicalAttribute name="unicodepwd"/>
</attribute>
<attribute name="userid">
<physicalAttribute name="*null*"/>
</attribute>
</nameSpace>
<nameSpace name="com.sap.security.core.authentication">
<attribute name="principal">
<physicalAttribute name="uid"/>
</attribute>
</nameSpace>
</principal>
<principal type="user">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="firstname">
<physicalAttribute name="givenname"/>
</attribute>
<attribute name="lastname">
<physicalAttribute name="sn"/>
</attribute>
<attribute name="uniquename">
<physicalAttribute name="uid"/>
</attribute>
<attribute name="loginid">
<physicalAttribute name="*null*"/>
</attribute>
<attribute name="email">
<physicalAttribute name="mail"/>
</attribute>
</nameSpace>
<nameSpace name="$usermapping$">
<attribute name="REFERENCE_SYSTEM_USER">
<physicalAttribute name="sapusername"/>
</attribute>
</nameSpace>
</principal>
</attributeMapping>
<privateSection>
<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
<ume.ldap.access.server_name>ldap1</ume.ldap.access.server_name>
<ume.ldap.access.server_port>389</ume.ldap.access.server_port>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.user>xxxxx</ume.ldap.access.user>
<ume.ldap.access.password>xxxxx</ume.ldap.access.password>
<ume.ldap.access.base_path.user>O=SMT_TEST</ume.ldap.access.base_path.user>
<ume.ldap.record_access>TRUE</ume.ldap.record_access>
<ume.ldap.unique_uacc_attribute>uid</ume.ldap.unique_uacc_attribute>
<ume.ldap.unique_user_attribute>uid</ume.ldap.unique_user_attribute>
<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.access.objectclass.user>person</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>person</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
<ume.ldap.access.auxiliary_naming_attribute.user>uid</ume.ldap.access.auxiliary_naming_attribute.user>
<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
<ume.ldap.access.auxiliary_naming_attribute.uacc>uid</ume.ldap.access.auxiliary_naming_attribute.uacc>
</privateSection>
</dataSource>
<dataSource id="CORP_LDAP"
className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
isReadonly="true"
isPrimary="true">
<homeFor/>
<responsibleFor>
<principal type="account">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="j_user"/>
<attribute name="logonalias"/>
<attribute name="j_password"/>
<attribute name="userid"/>
</nameSpace>
<nameSpace name="com.sap.security.core.authentication">
<attribute name="principal"/>
<attribute name="realm"/>
<attribute name="domain"/>
</nameSpace>
</principal>
<principal type="user">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="firstname" populateInitially="true"/>
<attribute name="displayname" populateInitially="true"/>
<attribute name="lastname" populateInitially="true"/>
<attribute name="fax"/>
<attribute name="title"/>
<attribute name="department"/>
<attribute name="description"/>
<attribute name="mobile"/>
<attribute name="telephone"/>
<attribute name="streetaddress"/>
<attribute name="uniquename" populateInitially="true"/>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
</nameSpace>
<nameSpace name="$usermapping$">
<attribute name="REFERENCE_SYSTEM_USER"/>
</nameSpace>
</principal>
<principal type="group">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="displayname" populateInitially="true"/>
<attribute name="description" populateInitially="true"/>
<attribute name="uniquename"/>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
</nameSpace>
<nameSpace name="com.sap.security.core.bridge">
<attribute name="dn"/>
</nameSpace>
</principal>
</responsibleFor>
<attributeMapping>
<principal type="account">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="j_user">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="logonalias">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="j_password">
<physicalAttribute name="unicodepwd"/>
</attribute>
<attribute name="userid">
<physicalAttribute name="*null*"/>
</attribute>
</nameSpace>
<nameSpace name="com.sap.security.core.authentication">
<attribute name="principal">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="realm">
<physicalAttribute name="*null*"/>
</attribute>
<attribute name="domain">
<physicalAttribute name="*null*"/>
</attribute>
</nameSpace>
</principal>
<principal type="user">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="firstname">
<physicalAttribute name="givenname"/>
</attribute>
<attribute name="displayname">
<physicalAttribute name="displayname"/>
</attribute>
<attribute name="lastname">
<physicalAttribute name="sn"/>
</attribute>
<attribute name="fax">
<physicalAttribute name="facsimiletelephonenumber"/>
</attribute>
<attribute name="uniquename">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="loginid">
<physicalAttribute name="*null*"/>
</attribute>
<attribute name="mobile">
<physicalAttribute name="mobile"/>
</attribute>
<attribute name="telephone">
<physicalAttribute name="telephonenumber"/>
</attribute>
<attribute name="department">
<physicalAttribute name="ou"/>
</attribute>
<attribute name="description">
<physicalAttribute name="description"/>
</attribute>
<attribute name="streetaddress">
<physicalAttribute name="postaladdress"/>
</attribute>
<attribute name="pobox">
<physicalAttribute name="postofficebox"/>
</attribute>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
<physicalAttribute name="memberof"/>
</attribute>
</nameSpace>
<nameSpace name="$usermapping$">
<attribute name="REFERENCE_SYSTEM_USER">
<physicalAttribute name="sapusername"/>
</attribute>
</nameSpace>
</principal>
<principal type="group">
<nameSpace name="com.sap.security.core.usermanagement">
<attribute name="displayname">
<physicalAttribute name="displayname"/>
</attribute>
<attribute name="description">
<physicalAttribute name="description"/>
</attribute>
<attribute name="uniquename" populateInitially="true">
<physicalAttribute name="cn"/>
</attribute>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
<physicalAttribute name="member"/>
</attribute>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
<physicalAttribute name="memberof"/>
</attribute>
</nameSpace>
<nameSpace name="com.sap.security.core.bridge">
<attribute name="dn">
<physicalAttribute name="*null*"/>
</attribute>
</nameSpace>
</principal>
</attributeMapping>
<privateSection>
<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
<ume.ldap.access.server_name>ldap2</ume.ldap.access.server_name>
<ume.ldap.access.server_port>389</ume.ldap.access.server_port>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.user>yyyyy</ume.ldap.access.user>
<ume.ldap.access.password>yyyyy</ume.ldap.access.password>
<ume.ldap.access.base_path.user>O=SMT_TEST</ume.ldap.access.base_path.user>
<ume.ldap.access.base_path.grup>O=SMT_TEST</ume.ldap.access.base_path.grup>
<ume.ldap.record_access>TRUE</ume.ldap.record_access>
<ume.ldap.unique_uacc_attribute>samaccountname</ume.ldap.unique_uacc_attribute>
<ume.ldap.unique_user_attribute>samaccountname</ume.ldap.unique_user_attribute>
<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.objectclass.grup>Group</ume.ldap.access.objectclass.grup>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
<ume.ldap.access.naming_attribute.grup>cn</ume.ldap.access.naming_attribute.grup>
</privateSection>
</dataSource>
</dataSources>Hi Ulrich,
Hope your problem is resolved. We are using EP7 and SP18. We are doing some study on your first issue. i.e. Distributing a user attribute into multiple LDAPs. Can you please let me know the feasibility? If yes, what are all step do I have to follow? Expecting your valuable answer. Thanks in advance!
Regards,
Kabali -
BSPs configuration with multiple apps servers
Hi Masters,
This is regrarding configure ICM and BSPs on our production box with multiple application servers.
We have our production box in a cluster environment.
The central instance is dbciSAP and apps servers are sapaps2 thru sapaps6. The database is on shared disks. Whenever the central instance fails sapaps2 takes the control and become as dbciSAP but the main dbciSAP never become a application server when ever sapaps2 acts as dbciSAP. Since we have configured load balancing concept in production environment the users can login to system thru any application server. This is waht our environment.
As part of our production box to SAP 4.7 upgrade from 4.6C, we are asked to configure the environment to deploy BSPs. We have successfully configured and deployed the BSPs in our DEV and QAS system (Both are central instances with no application servers) except production box which is due in the next month.
The process we follow to activate BSPs is as follows:
1.Define an ICM service port in /etc/services file.
2.Add the ICM related parameters in instance profiles.
3.Make sure the ICM status is active in SMICM tx.
4.Activate the BSP services in SICF as per OSS note 571484.
Now, the question is how to configure the same ICM service and activate the BSPs since we have multiple multiple application servers.
Subsequently What I am enquirying is:
Do I need to define ICM service ports on each and every hosts where the application servers are running?
Do I need to make changes to each and every instance profile of the application server?
What are the differences in configuring ICM services on central instance and application instances?
Appreciate any help in this regard.
Thanks and Regards
Murty PatchipalaGrasshopper,
I think what you should really read up on is the SAP WebDispatcher. If are serious about running BSP/ICM across multiple app servers, this is the key technology:
http://help.sap.com/saphelp_nw04/helpdata/en/42/5cfd3b0e59774ee10000000a114084/frameset.htm This may also answer some of your questions about profile parameters.
Other than that I can share what we did. We did activate the ICM and services on all app servers and central instance. The service ports of the individual servers aren't that important now because of the WebDispatcher (at least they aren't visible to the user).
Yes we did make some of the ICM profile changes in each instance profile. If your settings are the same, consider using the default profile. Are their particular settings you are interested? I will look over ours, but I don't remember any huge differences from APP server to Central Instance. -
Session cleanup issue with multiple Application servers
Hi ,
I am facing a strange problem with multiple application servers. The java Webdynro session does not get cleaned up completely when user closes the browser ( without using logoff ). On re-login it gets handle of old session and then fails for consecutive view on other webdynpro iviews with an invalid session error. It again starts working with a refresh event.
Any ideas/suggestion if you have seen something similar before ?
Thanks and regards,
Amit.Hi Amit
It seems that issues is not server related, but caused by your client browser. I know, for example, that IE8.0 keeps user session even if two separate browser instances opened on the same client machine. IE 7.0 and lower behave differently - they are separate user sessions per browser instance.
BR, Siarhei -
Integrating Presence with multiple AD/Exchange Domains
We have a single CUCM cluster that support several organizations. Some of these organizations want to implement CUPS with integration with their Exchange Servers. Each organization has their own, seperate AD Tree and Exchange server (some integrate with their own Unity, some others have their own Unity Connection server). However, Presence only allows a single Outlook Presence Gateway for Free/Busy indication. This is a problem.
One thought is that each organization get their own Presence server, but can non-clustered Presence servers integrate with one CUCM cluster? I know that a single Presence Cluster will not support multiple CUCM clusters, but does it have to be a 1-to-1 relationship?
Second, can different Presence servers in the same cluster point to different Outlook Presence Gateways? If so, we can simply add a Presence server for each organization that points to that org's Exchange server.The answer is yes and no.
Yes, you may install multiple CUPS servers with one CUCM cluster. You may point each CUPS server to different Exchange server.
Most of the features will work but phone presence ("on-the-phone" status). Because on CUCM, you can only specify one SIP trunk as PUBLISH trunk. And one SIP trunk can only point to one CUPS server (cluster).
There might be some "workarounds". But I haven't tested them yet. So it might or might not work.
Workaround 1: Set up a "proxy device" to redirect traffic. All CUPS server point to this device. This device will redirect the traffic based on difference email domain. This device could be a layer 7 content switch, an Exchange server, or a firewall/web proxy with content inspection features.
Workaround 2: On CUPS > Presence > Settings, uncheck "Enable SIP Publish on CUCM". Without this option, CUPS will use SUBSCRIBE/NOTIFY model to get phone presence from CUCM. You don't have to specify a PUBLISH trunk on CUCM. This works on CUCM 5.x. But I haven't tested on CUCM 6.x or above.
Ultimate Solution: talk to a Cisco sale person and request multi-tenant feature to be added to CUPS. You're not the first one who asked for this. Development team just wait for enough requests to justify the decision.
Michael
http://htluo.blogspot.com -
Is it possible to configure and use two or more LDAP servers to authenticate OBIEE users? We have users with logins in two different domains that need to log in to our OBI servers.
Yes, It is.
Just list out all the LDAP servers with domain identifiers.
then In your authentication initialization block add all the LDAP servers. So the BI Server will authenticate against each server until it finds a match. or based on domain identifier it will go to the correspondent LDAP server.
- Madan -
SharePoint writer metadata information in a SharePoint farm with multiple WFE servers.
I am working on Microsoft Volume Shadow Copy Service (VSS) framework. I know that in a 3-Tier SharePoint environment the SharePoint writer metadata on WFE server gives all the information related to that farm.
My question is -
a) How would i get all the information related to the SharePoint farm from the SharePoint writer metadata in an environment where multiple WFE servers are configured?
b) Is it possible that in a SharePoint farm where multiple WFE servers are deployed, SP writer of only one WFE server (Master/Main server) contains all the information about the respective SP farm servers in its metadata?Hi Aaditya,
All Writer Metadata is stored in Writer Metadata Document which is produced by writer. The backup application uses the Writer Metadata document to get information about that writer, the data it owns,
and how to restore that data. Once the writer produces it, the Writer Metadata Document is a read-only document to the backup application.
The Writer Metadata Document contains three sets of data: writer identification and classification information, writer-level specifications, and component data.
For getting Writer Metadata, you can use
IVssBackupComponents::GetWriterMetadata method.
For more information, you can refer to the articles:
http://msdn.microsoft.com/en-us/library/aa384992(v=vs.85).aspx
http://msdn.microsoft.com/en-us/library/aa384996(v=vs.85).aspx
http://blogs.technet.com/b/dpm/archive/2011/06/02/explaining-sharepoint-data-source-enumeration-with-data-protection-manager-2010.aspx
Best Regards,
Eric
Eric Tao
TechNet Community Support -
Run Admin Server with multiple Managed Servers each using different userid?
We currently run separate WebLogic domain instances for each business application in a Unix environment. Each one is created using a unix userid unique to that application and which owns all the files and is used to run the process when that particular WebLogic instance is started up. We have run this way for a while.
I am considering altering our approach to the one that is recommended, i.e. in our Production environment we would run a single Admin instance with numerous managed servers. One issue I'm stuck on is the fact that in our current environment, each application has a different unix userid that owns the files making up the WebLogic domain instance and that WebLogic instance is run under that userid.
I've investigated and experimented using WebLogic 10.3 preview and WebLogic 10.0, but I haven't been able to determine what I have to do to make each managed server's files and processes belong to a different unix userid, if that is even possible.
Is there a way, using the recommended approach, where there is a single Admin instance that has multiple managed servers whose files and processes are owned by different unique, unix userids?
If not, how would you separate access to each of the Managed Servers so that the programmers who maintain them don't have access to Managed Servers that they are not responsible for?
Thanks for any help or suggestions.....Hi:
I played with this stuff and I found that this will work, without the Location elements:
<IfModule mod_weblogic.c>
MatchExpression /app1 WebLogicHost=server1|WebLogicPort=7003
MatchExpression /app2 WebLogicHost=server2|WebLogicPort=7003
</IfModule>
Also this will work too, with no entries inside the IfModule element:
<Location /app1 >
SetHandler weblogic-handler
WebLogicHost server1
WebLogicPort 7003
</Location>
<Location /app2 >
SetHandler weblogic-handler
WebLogicHost server2
WebLogicPort 7003
</Location> -
Application Server slowdown with multiple proxy servers ?
Our environment has our iAS boxes talking to iWS web servers which are front-ended with iPlanet Proxy servers (Proxy 3.53 I believe). We are seeing significant slowdown if we try and hit our web apps through the proxy as opposed to going directly to the web server (bypassing the proxy servers). One of our "proxy" guys recalls hearing that there is an issue with the app server's handling of sessions if requests from the same user come in to the web server (and by extension the app server) from multiple proxy servers with different ip's. Has any body ever encountered this or does any body know if the app server has an issue handling the same sessions whose requests come from different ip addresses (different proxies)?
The proxy work with HTTP 1.0 and the webserver with HTTP 1.1.
This difference could be the cause of your problems.
"David Fuelling" <[email protected]> escribio en el mensaje
news:[email protected]..
Our environment has our iAS boxes talking to iWS web servers which are
front-ended with iPlanet Proxy servers (Proxy 3.53 I believe). We
are seeing significant slowdown if we try and hit our web apps through
the proxy as opposed to going directly to the web server (bypassing
the proxy servers). One of our "proxy" guys recalls hearing that
there is an issue with the app server's handling of sessions if
requests from the same user come in to the web server (and by
extension the app server) from multiple proxy servers with different
ip's. Has any body ever encountered this or does any body know if the
app server has an issue handling the same sessions whose requests come
from different ip addresses (different proxies)?
Try our New Web Based Forum at http://softwareforum.sun.com
Includes Access to our Product Knowledge Base!
Maybe you are looking for
-
I attempted to open my itunes store. The message said it could not connect to the Itunes store. An unknow error occurred. (-3212) This was after I installed the latest upddate. Any ideas?
-
"The files appears to be unsupported or damaged" - I can't open the files in any software
I have just returned from a trip where i was on the road for 7 weeks and out of 5000 shots have 30 corrupted DNG files, one of which i would love to save please can you help? My work flow: Shoot DNG files using Leica M9 Take SD card out sporadically
-
Transferring files in InDesign
I have creaded several family histories using InDesign CS4 on an older macBook. I have now puechased a new MacBook Pro and wish to transfer my files to my new computer. I tried using a flash drive but now all my links are missing and a few fonts.
-
Can notifications be kept permanently open
can notifications be kept permanently open in 10.10.3
-
How to enable Change control locking in an environment?
Hi all, Can anybody tell me how to enable change control locking_ in an environemnt? Any documentation regarding the same will also be very helpfull. Thanks, Anoop Edited by: The Student on May 13, 2009 10:04 PM