IPlanet Delegated Admin .... Comm Express
Hi,
I am trying to checkout the SJMS 2005Q1...
The classical iMS 5.2 used to have web based Delegated Admin....
This would let me keep a DA admin for each domain...and each domain would easily access the DA page from web.
in SJMS ....i.e. Comm express DA....this is a GUI...
how can I give access to the DA over internet??
What are the improvements of this new DA vs the old.
Cheers
msg_admin
Hi,
I am trying to checkout the SJMS 2005Q1...
The classical iMS 5.2 used to have web based
Delegated Admin....We called it, iPlanet Delegated Admin
This would let me keep a DA admin for each
domain...and each domain would easily access the DA
page from web.
in SJMS ....i.e. Comm express DA....this is a GUI...
how can I give access to the DA over internet??Provide access to the DA port through your firewall.
>
What are the improvements of this new DA vs the old.It's a little more limited, actually....
The real "improvement" is that it works with Schema 2. If you decide to run your new server under Schema 1 configuration, you can continue to use the old iDA.\
>
Cheers
msg_admin
Similar Messages
-
Iplanet delegated admin creates users under ou=people only
hi,
ldap tree has ou=people and ou=others under o=dom.com
how can we create a new mail user using iDA (iplanet version) under ou=others?
by default, the user in ida is created under ou=people.
thxThe "ou=people" branch is an accepted standard for holding user accounts. What you're doing will require that nearly EVERY application/utility you encounter will require some type of hack or custom configuration.
I don't think iDA can search multiple branches like that. In fact, most apps I've seen can only search one branch. If you want iDA to only search/create users in "ou=others", I'm guessing thats a config parameter.. Where it is and what it's called, I don't know.
HTH,
Roger S. -
From schema 1 to schema 2 migration delegated admin problem
I want migrate from schema 1 to schema 2 the messaging server 6.2 ( jes 2005q1).
I have install access manager and delegated admin.
With the commdirmig I migrate the domain and schema , the messaging work correctly.
I have a problem with the delegated admin web interface.
The delegated don't view my domain. If I add the sundelegatedorganization objectclass I can view my domain on delegated admin but I can view user and group.
Any Idea?
TIA
Bye GiovanniThere are two very different products called "deletaged admin". The old iPlanet Delegated Admin (iDA) only works with Schema 1. The current Delegated Admin, that comes with JES3 only works with Schema 2.
If you're using the old iDA that worked with schema 1, it won't work with schema 2. You have to install the new DA for that.
It doesn't work with groups/lists, only with users and domains. -
Delegated admin problems with 5.2
I just installed iMS 5.2 and the delegated admin server. i'm using Direct ldap, my ldap server is on another machine. my problem is, i cannot log into the delegated admin at all, using any account.
my ldap error log tailed no entries.
this is the ldap access log:
[17/Feb/2006:09:24:00 -0500] conn=250 fd=60 slot=60 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:09:24:00 -0500] conn=250 op=0 BIND dn="uid=NDAUser, ou=config, o=ida" method=128 version=3
[17/Feb/2006:09:24:00 -0500] conn=250 op=0 RESULT err=32 tag=97 nentries=0 etime=0
[17/Feb/2006:09:24:00 -0500] conn=250 op=1 BIND dn="" method=128 version=3
[17/Feb/2006:09:24:00 -0500] conn=250 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[17/Feb/2006:09:31:31 -0500] conn=251 fd=61 slot=61 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:09:31:31 -0500] conn=251 op=-1 fd=61 closed - B1
[17/Feb/2006:09:41:31 -0500] conn=252 fd=61 slot=61 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:09:41:31 -0500] conn=252 op=-1 fd=61 closed - B1
[17/Feb/2006:09:51:30 -0500] conn=253 fd=61 slot=61 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:09:51:30 -0500] conn=253 op=-1 fd=61 closed - B1
[17/Feb/2006:10:01:30 -0500] conn=254 fd=61 slot=61 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:10:01:30 -0500] conn=254 op=-1 fd=61 closed - B1
[17/Feb/2006:10:02:49 -0500] conn=255 fd=61 slot=61 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:10:02:49 -0500] conn=255 op=0 BIND dn="uid=NDAUser, ou=config, o=ida" method=128 version=3
[17/Feb/2006:10:02:49 -0500] conn=255 op=0 RESULT err=32 tag=97 nentries=0 etime=0
[17/Feb/2006:10:02:49 -0500] conn=255 op=1 BIND dn="" method=128 version=3
[17/Feb/2006:10:02:49 -0500] conn=255 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[17/Feb/2006:10:11:31 -0500] conn=256 fd=62 slot=62 connection from 160.10.4.10 to 160.10.36.186
[17/Feb/2006:10:11:31 -0500] conn=256 op=-1 fd=62 closed - B1
Thanks in advance for any help anyone can give. i know i'll need to provide more detail so if you need any info i'll be happy to divulge it, i just thought this would be an ok starter. I do need some help with this, I just want to get this working.
Thanks in advance for any help.The old iPlanet Delegated Admin uses a special account itself, rather than the one you use to log in as.
I see that login failing:
[17/Feb/2006:10:02:49 -0500] conn=255 op=0 BIND dn="uid=NDAUser, ou=config, o=ida" method=128 version=3
[17/Feb/2006:10:02:49 -0500] conn=255 op=0 RESULT err=32 tag=97 nentries=0 etime=0
err=32 means, "no such object". This means that this user, NDAUser has been deleted, as have some of the entries above that.
A failure to bind or locate an entry is not "an error" to Directory Server, it's a failed lookup or failure to bind. Nothing like this is going to be logged into the errors log.
It's still clearly the problem....
The password for NDAUser is in clear text in your iDA config file, "resource.properties" Likely, you could create the user and password, or you coule reinstall Delegated Admin.
If you haven't downloaded the later version, 1.2p2, I STRONGLY recommend that you uninstall the version that came with Messaging 5.2, and install the later one. -
Configure directiry server failover for delegated admin schema 2
Hello,
I am using Delegated Admin for Schema 2 on solaris 9 sparc platform.
I want to configure directory servers failover for delegated admin.
Unfortunately I havent found any clue for the same.
Can anyone help me?
Regards,
Shujaat Nazir
Senior System Engineer
Cyber Internet Services, Pakistan
http://www.cyber.net.pkDifferent product.
Schema 1 used the old iPlanet Delegated Admin.
Schema 2 uses Delegated Admin, based on Identity Server.
As far as I know, failover is not in this product. -
Can't login to Delegated Admin after redeploy
I originally had Delegated Admin 6.4 running on port 80 in Webserver 7u3 along with AM, and UWC. I needed to move DA off of port 80 so I created another Webserver instance on port 81 and then uninstalled and reinstalled Delegated Admin against the new instance. In the configurator I specified port 80 where it asked about Access Manager and port 81 where it asked to deploy DA. Now I cannot login to DA. It keeps telling me: "Invalid login ID or password, please try again". The ID and password are correct. No LDAP traffic is being generated during the attempted login. I turned on DA logging and this is what I get:
Aug 23, 2008 4:43:39 PM com.sun.comm.da.security.DALoginManager login
INFO: Login failed, login id [admin]
com.sun.comm.jdapi.DAException: Moved Temporarily: Moved Temporarily
at com.sun.comm.jdapi.DAConnection.liveAuth(DAConnection.java:88)
at com.sun.comm.jdapi.DAConnection.authenticate(DAConnection.java:130)
at com.sun.comm.da.security.DALoginManager.login(DALoginManager.java:209)
at com.sun.comm.da.view.LoginViewBean.handleLoginButtonRequest(LoginViewBean.java:212)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:816)
at com.sun.comm.da.DAServlet.service(DAServlet.java:152)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:917)
at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:398)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:133)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:255)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:187)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at com.sun.webserver.connector.nsapi.NSAPIProcessor.service(NSAPIProcessor.java:160)
Here is a sample of what I get when I run commadmin:
./commadmin -v search domain o=xyz.com
[Debug]: DBG:Object = search ; task = domain
[Debug]: default domain from Properties: xyz.com
[Debug]: IShost from Properties: webmail.xyz.com
[Debug]: ISPort from Properties: 80
Enter login ID: admin
Enter login password:
[Debug]: Contacting : http://webmail.xyz.com:80/commcli/auth
[Debug]: To servlet: domain=xyz.com&username=admin&password=xxxxxxxx&charsetenc=UTF-8
[Debug]: Http Error recvd: Moved Temporarily
Moved Temporarily: Moved Temporarily
Invalid value for Identity server host name: webmail.xyz.com
Invalid value for Identity server port: 80
Enter Identity server port[80]:
Any ideas?sheger77 wrote:
I originally had Delegated Admin 6.4 running on port 80 in Webserver 7u3 along with AM, and UWC. I needed to move DA off of port 80 so I created another Webserver instance on port 81 and then uninstalled and reinstalled Delegated Admin against the new instance. In the configurator I specified port 80 where it asked about Access Manager and port 81 where it asked to deploy DA.As per the administration guide, Delegated Administrator server needs to be installed in the same web-container/instance as Access Manager.
http://docs.sun.com/app/docs/doc/819-4438/acfck?a=view
"The Delegated Administrator server uses the same Web container as Access Manager. The configuration program asks for Web container information after it asks for the Access Manager base directory."
[Debug]: IShost from Properties: webmail.xyz.com
[Debug]: ISPort from Properties: 80The commadmin client is trying to contact the DA server which is supposed to be installed in the same Web container as Access Manager
(hence the use of IShost/ISPort):
[Debug]: Contacting : http://webmail.xyz.com:80/commcli/auth
[Debug]: To servlet: domain=xyz.com&username=admin&password=xxxxxxxx&charsetenc=UTF-8
[Debug]: Http Error recvd: Moved TemporarilyCan't contact DA server so attempt fails.
Regards,
Shane. -
Delegated Admin- Adding user causes unhandled exceptions
Now that I've finally settled on 05q1, Im trying to create accounts using the delegated admin GUI.
I click on my domain, then on "New". I then fill out first, last name, role is Business OA, no postal address, assign no service package, change the loginId and two passwords. At this point, when I click "Next", I get a "Server Error" screen with this information:
This server has encountered an internal error which prevents it from fulfilling your request. The most likely cause is a misconfiguration. Please ask the administrator to look for messages in the server's error log.
The messages below show up in /opt/sun/webserver/https-imap.domain.com/logs/errors. I couldn't find any other error for ds, identity, admin server, etc. After this exception, I also have to log back in to DA. The messages are quite vague (from an administrative standpoint) so any help is appreciated!
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
javax.servlet.ServletException
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWi
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: WE
B2798: [da] ServletContext.log(): [ERROR] Uncaught application exception
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
Root cause:
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWizardTag.java:658)
at com.sun.web.ui.taglib.wizard.CCWizardTag.getHTMLStringInternal(CCWizardTag.java:469)
at com.sun.web.ui.taglib.common.CCTagBase.doEndTag(CCTagBase.java:114)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:260)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.cor
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: St
andardWrapperValve[WizardWinServlet]: WEB2792: Servlet.service() for servlet WizardWinServlet threw exception
javax.servlet.ServletException: Uncaught exception
at com.iplanet.jato.ApplicationServletBase.onUncaughtException(ApplicationServletBase.java:1415)
at com.sun.comm.da.WizardWinServlet.onUncaughtException(WizardWinServlet.java:98)
at com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.Might it have something to do with having not assigned service package? I read in the 05Q4 notes that in 05Q1, a service package had to be defined. I just tried to allocate some service packages to the domain and I get the same "Server Error" page when I click "Next" on the page where I choose how many service packages to allocate (i.e. the screen right before the "Summary" page)
At least the errors are a little more informative in the webserver error log (sample below)
I chose 3 service packages and attempted to allocate 50 each, No anonymous logins for calendar server and put in a calendar server hostname. All other fields were left to default.
[12/Jan/2006:15:14:13] failure (18149): for host 63.241.196.147 trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
javax.servlet.ServletException: String index out of range: -15
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807) -
I'm setting up a demo of JES3 Messaging for a customer with the Delegated Admin. It seems to work for I can create users with the correct attributes. These users can log into Messagent express and can see their mail but cannot send outgoing mail. Also I can't pop from the command line fror any of these users but sending mail to them from he command line does work. This seems to be probles with MailAllowed Services, but it seems ok on a ldapsearch (see below).
Synopsis of results:
I can send mail to these users with a telnet to port 25. But MExpress canot send mail from any of these users.
Messaging Express smtp error:
"Not authorized to sned messages"
But MExpress get's incoming mail for these users.
Messager Express gets mail for the users but pop fails:
Telnet <server> 110
User testuser2
pass password
"-ERR [AUTH] Not authorized to login as specified user"
ldapsearch output for testuser2
uid=testuser2,ou=People,o=myjazz.com,dc=myjazz,dc=com
psIncludeInGAB=true
uid=testuser2
iplanet-am-modifiable-by=cn=Organization Admin Role,o=myjazz.com,dc=myjazz,dc=com
givenName=Test
[email protected]
mailUserStatus=active
sn=User2
cn=Test User2
inetCOS=gold
preferredLocale=en
mailHost=bigun.myjazz.com
objectClass=userpresenceprofile
objectClass=top
objectClass=iplanet-am-managed-person
objectClass=iplanet-am-user-service
objectClass=inetadmin
objectClass=organizationalperson
objectClass=person
objectClass=inetuser
objectClass=inetlocalmailrecipient
objectClass=iplanetpreferences
objectClass=ipuser
objectClass=inetorgperson
objectClass=inetsubscriber
objectClass=inetmailuser
inetUserStatus=Active
userPassword={SSHA}I8oftLKYhg0DzYAzCh1UfzaluWNuKVNIjXO7RQ==
mailDeliveryOption=mailbox
preferredLanguage=en
nswmExtendedUserPrefs=meDraftFolder=Drafts
nswmExtendedUserPrefs=meSentFolder=Sent
nswmExtendedUserPrefs=meTrashFolder=Trash
nswmExtendedUserPrefs=meInitialized=true
pabURI=ldap://bigun.myjazz.com:389/ou=testuser2,ou=People,o=myjazz.com,dc=myjazz,dc=com,o=pab
mailAllowedServiceAccess=+imaps:ALL$+pops:ALL$+smtps:ALL$+http:ALL
mailMsgMaxBlocks=700
mailMsgQuota=3000
mailQuota=8000000I had the same problem. When I created a user account through the Delegated Admin interface the user could log into Communications Express, but was unable to send outgoing email. I then created another user account using the command below and this user is able to send email. I have not quite figured out the significany difference yet.
./commadmin user create -D admin -w <password> -X host.domain.com -n domain.com -d hosteddomain.com -l test5 -F Test5 -L User -W pass -S mail,cal -k legacy -E [email protected] -H host.domain.com -
Delegated Admin and non-flat user/group structures
Hello, I am trying to build a directory structure with several containers under an organization used to store different portions of userdata and group data (i.e. not only ou=people and ou=group, but also a few ou's like them). Server software is from OUCS 7u2 release. Users in "other" containers are populated into LDAP (ODSEE 11) by replication, filling in all the same attributes as a freshly DA-created account has.
The Delegated Admin interface and other parts of the software accept this and work okay with this setup, displaying user information, allowing logins and so on - except for attempts to edit user accounts in the alternate containers in the DA (i.e. add/remove service packages, change quotas, etc.). First I've verified that this is not an LDAP problem - I can use both command-line ldapmodify and an LDAPBrowser GUI to edit the entries with no hiccups.
I tracked that when trying to save account information for accounts in non-standard containers, the DA still tries to use a hard-coded path (i.e. uid=USERNAME,ou=people,o=DOMAINNAME,dc=DOMAIN,dc=NAME) despite the fact that the user account is (and DA displayed it from) uid=USERNAME,ou=morePeople,o=DOMAINNAME,dc=DOMAIN,dc=NAME.
Possibly, this "hardcoding" stems from DA configuration in WEB-INF/classes/sun/comm/cli/server/servlet/serverconfig.properties which does list components of the LDAP structure:
# Ldap configuration.
# List of ldap hosts. Form is <ldaphost>:<portnumber>. (Default port = 389)
# add additional hosts with ldaphost-<consecutive number>
# Schema type is either "1" or "2".
# Reconnect interval is in seconds
# Group and people container is dn from organization dn (e.g ou=people)
ldaphost-1=oucsldap01:389
ldaphost-2=oucsldap02:389
ldaphost-suffix=dc=DOMAIN,dc=NAME
ldaphost-dcsuffix=dc=DOMAIN,dc=NAME
ldaphost-maxcount=50
ldaphost-schematype=2
ldaphost-reconnectinterval=60
ldaphost-peoplecontainer=ou=People
ldaphost-groupcontainer=ou=Groups
ldaphost-orgadminrole=cn=Organization Admin Role
While the organization root dn is not explicit here (and shouldn't be), the default people container is... I might guess a coding error logic like this: indeed, the "ou=People" container should be used by default when creating a user via DA; as a likely error, it might also be used when editing existing users - instead of their existing full DN/parent DN.
Questions:
1) Does anyone have a working configuration with several user/group containers within an organization like this? Would you care to share details and workarounds, if were needed?
2) I think that possibly the "shared domain/organization hosting" mode might help here - at least it is expected to have several LDAP trees with their delegated administrators performing as a single e-mail domain. Before I go and reconfigure everything, I'd love to hear if there are any success stories with this route? Is it a proper solution (or THE solution) for such config?
Thanks,
//Jim KlimovI wanted to follow up that reconfiguring the directory structure according to shared domain hosting, with branches for ISW-synchronized accounts as one of the sub-organizations which share the domain, and manually created OUCS-only accounts being in another sub-organization. This works for both messaging components and the DA, as long as UIDs are in ou=People in their organization. Somewhat unfortunately, ISW config seems to allow only one DSEE target branch and puts groups (CN) there as well. Well, for our needs to edit user attributes and service packages via DA, this suffices. Sometimes there are hiccups (Can not save changes), but they are intermittent and harder to trace debug; usually go away with restart of the DA web container. The DSEE LDAP instances are configured with plugins to enforce uid uniqueness across the organization and uniqueness of values of messaging email address attributes (mail, mailAlternateAddress, mailEqiuvalentAddress) to avoid mixups between user accounts in different branches.
Also, we had a problem with Calendar server after migrating the LDAP entries: since our deployment used the nsUniqueID for calendar user identification, relocation of entries (the way we did it) generated new values for new entries and users got new empty caledar databases. On this POC this was not a major problem, and newer OUCS releases with a davUniqueID attribute should specifically be immune to this problem. However, for others trodding this path I can suggest that they export the LDAP database into LDIF including the unique IDs, recreate the suffixes as needed (the ISW target organization in DSEE should be a separate LDAP database suffix), change the LDIF entry pathnames, and import the LDIF anew. This would wipe old LDAP data and should add old nsUniqueIDs to relocated entries (unlike recreation via ldapadd or relocation via ldapmodrdn).
We have also hit a problem with DA refusing to render the list of accounts (returning 0 or 25 empty entries in a table). The LDAP logs showed that on the LDAP side all is ok, and expected amount of replies was located. Pattern searches often produced the proper table with a subset of users in DA. Ultimately, we linked the problem to ISW binary base64-encoded attributes (dspswuserlink et al; some of those values also garbaged output of commadmin queries in a terminal) and created an LDAP ACI which forbade our DA-admin user to read,search,compare these attributes. This solved the problem for us. I wonder if a more generic solution is possible, so as to apply this ACI not to an explicitly named admin user but to any users with DA admin privileges (by group or role? which string, to cover them all in advance)? Or, perhaps, nobody except the ISW user account should see these ISW attributes?
Hope this report helps others who would try to pioneer this path of messaging integration
//Jim Klimov -
I am running Iplanet messaging server 5.2 and am having problems loging into the delegated administrator. When I try to log in as ServiceAdmin I immediately get a screen telling me that the session has timed out and to re-authenticate.
Any ideas what is wrong?Unknown. Not nearly enough data to guess.
Please examine your LDAP access logs, and comment.
You should be looking for BIND commands for "NDAdmin". This is the first step in logging into Delegated Admin. If this fails, no user will be able to use DA.
Do you have password expiration set up in DS? did you remove this account? Change the pw? -
Delegated Admin web application only requests first 100 accounts?
Hi,
- Sun Java System Messenger Express 6.2
- Delegated Administrator 6.3-0.09 built Sep 6, 2005
Is this true that the Delegated Admin (DA) web application only requests first 100 accounts?
Once logged in to DA web application, we only see "Retrieved Users (100)" if we want to see all users; but if we do a search on uid or username, all other users are retrieved.
One of the admin gave us the following response:
This is not a directory-related problem, but rather a matter of the design of the DA application you are using. The web-based java app only requests the first 100 accounts from the directory (presented by default as 10 pages of 10 accoints each.) , since you're supposed to be using the search facility to find accounts when you need to modify or delete them.
This is a deliberate design choice by the Sun programmers who wrote the thing, probably because the directory is capable of holding several thousand accounts and pulling them all would take quite a bit of time (not to mention memory space), so in the interest of response-time speed they limited the data pull.
I cannot modify this application's functionality. If you need a list of all user accounts in your domain, I can supply an LDIF on request, with any attributes (mail, uid, cn, etc.) that you like.
Please let us know if there is any way we can view all users (approx. 1000) from DA web application.
Thank you for your time,
GJYes, the terminal commands I gave are changing permissions.
Properly written OS X apps should run under any user account, and should store any account-specific information in the each user's home folder. Some poorly written apps might only be executable by the administrator. Running the first command I have will make the app executable to all users.
Some even more poorly written apps will write user data into the application itself rather than to the user's home folder. This is a particularly bad problem with game software, which for example might write high score info into the app itself. If this is the case for your misbehaving apps, the second command I gave will make the app writable by everybody and should solve the problem. -
Delegated admin 6.3 Invalid login ID or password, please try again
Dear Oracle,
I am having problem login to delegated admin. previously the login was OK
until recently not sure what cause the login fail.
Please advice where should i start to t/s
Cheer
SamDear Oracle,
I found the DA fail might related to access manager not functioning
after several time restart webserver for da & amserver
the error log shown as below
20/Nov/2010:14:17:31 failure Click to view more details for this
message WebModule[amserver]StandardWrapper.Throwable
java.lang.NullPointerException at
com.sun.identity.authentication.UI.LoginLogoutMapping.initializeAuth(LoginLogoutMapping.java:89)
at com.sun.identity.authentication.UI.LoginLogoutMapping.init(LoginLogoutMapping.java:74)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1165)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:994)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4731)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:5123)
at com.sun.webserver.connector.nsapi.WebModule.start(WebModule.java:182)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:924)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:520)
at org.apache.catalina.startup.Embedded.start(Embedded.java:917) at
com.sun.enterprise.web.PwcWebContainer.onStartup(PwcWebContainer.java:70)
at com.sun.webserver.connector.nsapi.WebContainer.start(WebContainer.java:472)
at com.sun.webserver.init.J2EERunner.confPostInit(J2EERunner.java:304)
20/Nov/2010:14:17:31 failure Click to view more details for this
message WebModule[amserver]PWC1396: Servlet /amserver threw load()
exception
0/Nov/2010:14:11:03 failure Click to view more details for this
message for host 10.0.1.28 trying to GET /amserver/UI/Login,
service-j2ee reports: WebModule[amserver][ERROR] Uncaught application
exception
java.util.MissingResourceException: Can't find resource for bundle
java.util.PropertyResourceBundle, key at
java.util.ResourceBundle.getObject(ResourceBundle.java:325) at
java.util.ResourceBundle.getObject(ResourceBundle.java:322) at
java.util.ResourceBundle.getString(ResourceBundle.java:285) at
com.sun.identity.authentication.client.AuthClientUtils.getErrorVal(AuthClientUtils.java:1389)
at com.sun.identity.authentication.client.AuthClientUtils.getErrorTemplate(AuthClientUtils.java:453)
at com.sun.identity.authentication.UI.LoginViewBean.setErrorMessage(LoginViewBean.java:1650)
at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:373)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:796) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:917) at
org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:398)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:86)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:255)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:187)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at com.sun.webserver.connector.nsapi.NSAPIProcessor.service(NSAPIProcessor.java:160)
20/Nov/2010:14:11:03 failure Click to view more details for this
messagefor host 10.0.1.28 trying to GET /amserver/UI/Login,
service-j2ee reports: StandardWrapperValve[LoginServlet]: PWC1406:
Servlet.service() for servlet LoginServlet threw exception
Cheers
Sam -
Delegated Admin for Messaging does not run properly
Hi, my environment is:
iDS5.1, iMS5.2, iCS5.1 and Delegated Admin for Messaging 1.2.
I have installed all the components and it seems to run fine, but when I log on to the Delegated Admin I cna't see the frame in the middle of the browser window. An error appears that "The page cannot be displayed".
I had a look in the error log of the WebServer to see what might happen and I saw the following error message:
Internal error: servlet service function had thrown ServletException (uri=/servlet/getPage): javax.servlet.ServletException: java.lang.Exception: ../templates/isp/SearchSelected.html:45 -> Template contains directive that first requires LdapEntry to be initiallized by program., stack: javax.servlet.ServletException: java.lang.Exception: ../templates/isp/SearchSelected.html:45 -> Template contains directive that first requires LdapEntry to be initiallized by program. at java.lang.Throwable.fillInStackTrace(Native Method) at java.lang.Throwable.fillInStackTrace(Compiled Code) at java.lang.Throwable.<init>(Compiled Code) at java.lang.Exception.<init>(Compiled Code) at javax.servlet.ServletException.<init>(ServletException.java:107) at netscape.nda.servlet.NDAIMSGetPage.execute(Compiled Code) at netscape.nda.servlet.NDAServlet.doPost(NDAServlet.java:117) at netscape.nda.servlet.NDAServlet.doGet(NDAServlet.java:138) at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:897) at com.iplanet.server.http.servlet.NSServletRunner.Service(NSServletRunner.java:464) , root cause:
I had no errors during the installation and the access to the LDAP server seems to be o.k. because it is possible to log on to the Del. Admin.
Does anyone can give me hint what this might be?
Any help would be very appreciate.
THX
MarceliDS5.1, iMS5.2, iCS5.1 and Delegated Admin for Messaging 1.2.
Why is anybody installing 3-year old software today?
The error message implies that not all installation steps were done correctly. The most common problem is that when ims_dssetup.pl is run, the entries there are not correct for what you intend to put in during Messaging install... -
We are running SunOne Messaging 5.2 Hotfix 1.21 with SunOne Directory 5.2 and are having trouble with the delegated admin console.
In general (For 620 out of 621 domains) it is working fine and everything is OK.
The domain that isn't working is one which has been migrated from our test server which was running Iplanet Messaging 5.2 (not sure which version of the directory). When you login to an account created through the DA you get a 'page not found' error. The address in the bar at the top also shows http://mailstore.domain.ac.uk for this domain whereas for the others it shows http://webmail.domain.ac.uk.
If I create a user in the domain which doesn't work then it appears in the directory like follows:
uid=testa, ou=people, o=subdomain.domain.ac.uk,o=base
objectClass=top
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=inetUser
objectClass=ipUser
objectClass=nsManagedPerson
objectClass=userPresenceProfile
objectClass=inetMailUser
objectClass=inetLocalMailRecipient
[email protected]
mailUserStatus=active
dataSource=NDA 4.5 Delegated Administrator
mailHost=mailstore.domain.ac.uk
givenName=test
cn=test usera
uid=testa
nsdaCapability=mailListCreate
sn=usera
mailDeliveryOption=mailbox
preferredLanguage=en
inetUserStatus=active
but if i create one for any other domain it appears like this:
uid=testa, ou=people, o=subdomain2.domain.ac.uk,o=base
pabURI=ldap://ds0.domain.ac.uk:389/ou=testa,ou=people,o=subdomain2.domain.ac.uk,o=base,o=pab
nswmExtendedUserPrefs=meDraftFolder=Drafts
nswmExtendedUserPrefs=meSentFolder=Sent
nswmExtendedUserPrefs=meTrashFolder=Trash
nswmExtendedUserPrefs=meInitialized=true
preferredLanguage=en
mailDeliveryOption=mailbox
objectClass=top
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=inetUser
objectClass=ipUser
objectClass=nsManagedPerson
objectClass=userPresenceProfile
objectClass=inetMailUser
objectClass=inetLocalMailRecipient
[email protected]
mailUserStatus=active
dataSource=NDA 4.5 Delegated Administrator
mailHost=mailstore.domain.ac.uk
givenName=test
cn=test usera
uid=testa
nsdaCapability=mailListCreate
sn=usera
inetUserStatus=active
There are a few differences.
Which ones (if any) could be causing problems?
How do I change the way that the DA creates the accounts to stop it happening?
Any other ideas?
Thanks in advanceThere is no way to "change the way Delegated Admin creates accounts".
The trick is to figure out what's wrong with the domain as created already, and fix that.
Suggeste comparing your domain data with what's in the "provisioning guide":
http://docs.sun.com/source/816-6018-10/domains.htm -
How can i Create Dynamic mailing lists with Iplanet Delegated Administrator
Hello people,
Could anyone help me in this matter please?
I am running IMS5.2 with Netscape Directory4.16. I need help about how to create a Dynamic Mailing list using de Iplanet Delegated Administrator, not using the traditional Netscape Console.
If someone can help me, i will apreciate.
bye.
Azim LakhaIn 24.4.0 there is no File|New|Address Book. There is File|New|Address Book Contact. How do I create a new address book ?
Maybe you are looking for
-
Sharepoint Visio Services .vdw file not getting refreshed
Hello, I recently imported an orgchart in visio from (sql server table, excel sheet) that created shapes for me. And I can publish the file as .vdw on a sharepoint library and it works fine over there. But I wanted to refresh the data as the data in
-
GR reduction impossible. Wrong CI with FT 30 instead of 40 in GR/IR acct.
Hi Gurus I want to clear my GR/IR G/L account using transaction code MR11 for a Service Order, and I'm getting error message' FMUP009 - GR reduction impossible. Wrong CI with FT 30 instead of 40 in GR/IR acct". 1. The FT of my GR/IR commitment item m
-
I have been using apple tv for 2+ years and i just purchased several new shows that began in Sept 2013. In the past, episodes I have not yet watched were marked with a green dot, but now that dot is not there.
-
HOWTO and script: create and burn an UDF image with 4+GB files
Most people think, creating UDF images with files bigger than 4GB or even 1GB is impossible, however it's not true! You just need udftools. Also you need to load loop and udf modules. There's a good howto by grigio, I also created an (admitably prett
-
I'm trying to sync ipad but it automatically cancel
I accidentally restored my moms tablet and I erased all her pictures and music and since she didn't save it on iCloud or back it up on the computer now I'be being trying to sync everything back her pictures and songs, it starts but when is around p