Ise 1.2.1 User session time limit?

Similar Messages

• Multipoint for Libraries - user session time limit?

  We are getting a Multipoint Server system for our small local public library. We will be using this system for Public Access workstations. We would like to limit the amount of time a patron can use a workstation before the workstation is logged out. By limiting
  the amount of time, we provide equitable access to all patrons. Can Multipoint Server be configured to provide auto-logoff after a certain amount of time? If not, what other solutions are there that can provide this timer feature? Optimally, we would like
  the patron to be notified a few minutes before the auto logoff so he/she can save their work.

  We use an open source application called Cybera.  It is no longer being developed, and you do need to be a bit techie to customize it the way you want it.  I am running catalog computers on Multipoint 2011, and getting ready to put our internet
  computers on Multipoint 2012.  So far I've verified that Cybera works on Multipoint 2011.  Let me know if you want more information.
  Dover NH Public Library
  Peggy Thrasher

• RemoteApp Session Time Limit

  Hi,
  I'm a Windows Server 2008 R2 user. 
  I'm looking to terminate a remoteApp session that is left idle.
  I have already change the "Set Time Limit for Active but idle Remote Desktop Services Session to 1 minute" and i have also enabled "Terminate Session When time limits are reached" for both Computer Congfiguration and User Configuration. 
  Other Session Time Limits options are not configured. 
  After doing so, i did type gpupdate in the command prompt. 
  But whatever changes i make, doesn't have any effect on the RemoteApp. 
  Please to help to advice,
  Thanks,
  Jvarman

  Hi,
  Thank you for your post in Windows Server Forum.
  As you have already configure Session Time Limit group policy, you need to apply other group policy related to RemoteApp that is “Set time limit for logoff of RemoteApp sessions”. You can specify the time limit for RemoteApp to disconnect.
  The setting is under the same path which you have provided for Session Time limit. 
  Note: We recommend that you set other session limit policy settings that end the session to a time limit that is higher than the RemoteApp logoff delay policy setting. If this is not the case, there is a possibility for conflict.
  More information:
  Terminal Services RemoteApp Session Termination Logic
  http://blogs.msdn.com/b/rds/archive/2007/09/28/terminal-services-remoteapp-session-termination-logic.aspx
  Hope it helps!
  Thanks,
  Dharmesh

• How to know user session time

  Hi,
  I want to know how to know or calculate the user session time till now from the time when user got connected
  in simple current_time-begin_time.
  thanks in advance

  Try using the logon_time of v$session
  test@>desc v$session;
  Name                                                  Null?    Type
    LOGON_TIME DATE All columns of the view have not been displayed.
  Adith

• OPENINFO and SesTm (session time limit)

  Hi All
  And thanks in advance.
  We don't quite understand SesTm and it's behavior. (We have spent lots of time reading about it and still)
  We have SesTm=60 (and transaction timeout set to 5 min) how come a call to the database last 10 min and only then return with "ORA-02049" ?
  * "ORA-02049: timeout: distributed transaction waiting for lock"
  1) Why the query didn't return after 60 sec with an error as SesTm=60 instructs ?
  *May be we don't understand SesTm. (please advice)
  2) Why the query didn't return after 5 min as the transaction timeout instructs ? (TMQFORWORD -t 300)
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  EXTRA INFORMATION (OPTIONAL) documentation of SesTm
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  The SesTm definition:
  " SesTm=session_time_limit
  Specifies the maximum number of seconds allowed in a transaction between one service and the next, or between a service and the commit or rollback of the transaction, before the system aborts the transaction. For example, SesTM=15 indicates that the session idle time limit is 15 seconds.
  For example, if the TPM uses remote procedure calls between the client and the servers, then SesTM applies to the time between the completion of one RPC and the initiation of the next RPC, or the tx_commit, or the tx_rollback.
  The value of 0 indicates no limit. Entering a value of 0 is strongly discouraged. It might tie up resources for a long time if something goes wrong. Also, if a child process has SesTM=0, then the SesTM setting is not effective after the parent process is terminated ."
  You can read more about OPENINFO here:
  http://download-east.oracle.com/docs/cd/B19306_01/appdev.102/b14251/adfns_xa.htm#i1006488
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Regards
  TechSgin
  Edited by: TechSgin on May 6, 2010 2:09 PM
  Edited by: TechSgin on May 6, 2010 2:42 PM

  Hi,
  timeouts can be tricky (see other threads in this forum for some elaborations on timeouts).
  To be brief, always set SesTm to a higher value than your transaction timeout. Rationale: You'll want Tuxedo to take action first, not Oracle ("behind Tuxedo's back"). If Tuxedo takes action first, the transaction will be managed more predictably if more data sources are involved.
  Now it gets even more complicated. The transaction timeout value does not really specify how long something is really going to last, only how long time we're ready to wait for it until we give up. The -t 300 parameter to TMQFORWARD really means that the transaction will be forced to be rolled back unless it completes in (some) 300 seconds (it's really 300 seconds + BLOCKTIME - 1 that gives the maximum time due to rounding issues).
  Just because the client (TMQFORWARD in this case) gives up waiting for a reply, the server won't necessary give up trying to produce it. In fact, it will continue to try as hard as possible to finally deliver a result. Any DML operation after the transaction timeout will most probably fail, but the server might try a lot of them (and the one causing the timeout will generally have to complete first).
  If you really want to terminate long-running transactions in the server you need to specify a SVCTIMEOUT for the service(s) in question. In this case, Tuxedo will kill (using SIGINT and/or SIGKILL) any process running a service that takes too long time. In this case you better configure the server (the potential "killee") with RESTART=Y and MAXGEN=x.
  Hope this helps,
  /Per

• How to set per user session time out.

  Hi folks,
  I am trying to set longer session time out to selective users with the following line, but it turns out setting this time out for the whole app. Is there a way to change the session time out per user only?
  request.getSession(true).setMaxInactiveInterval(172800);
  Billy

  Well, there's the rub. If you want more control over session handling, you have to take the good with the bad. My suggestion is to use a good open source caching solution and let the cache evict entries for you. You should be able to specify both an interval over which data goes stale and/or the maximum size you want the cache to reach. Really, a session is just a specialized form of caching anyway.
  http://java-source.net/open-source/cache-solutions
  - Saish

• How to make an exception to RDS session Idle Time Limit?

  A little bit of background:
  We are running WYSE Thin Clients to connect to a RDS server farm at our company. We have set the Idle Session Time Limit to 12 hours, in Remote Desktop Session Host Configuration (in Connection --> Properties --> Sessions tab). This limit
  is a site requirement.
  The issue: We would like to configure a few accounts to stay logged into the RDS server indefinitely, past the 12 hour limit. How can we do this without changing the time limit for everyone?
  I have tried a script to simulate mouse movements/key presses at intervals on the client session to trick RDS, but Remote Desktop Service Manager does not show that the script affects the idle time for that client. Is there another automatic way to simulate
  user input to keep the client session active? What kind of hardware interrupt is RDS hooking into to determine that a human input has been pressed? A script would be the least intrusive to our infrastructure so if it is possible this is definitely preferred.
  I've heard that Group Policy may be a solution here - but our local IT department do not have admin access to the Domain Controller for our site, it is managed by a third party. However, if I were to solve this using group policy, what would be the
  steps? I would appreciate a step-by-step walk through if it is possible. We would have hundreds of users that need the 12 hour limit applied, and only a few that needs the infinite logon - so please keep practicality in mind.
  Thanks in advance to anyone who helps.

  Hi,
  Thank you for posting in Windows Server Forum.
  In your case, I would like to suggest the steps for you. Yes, you need to take this successful via group policy. 
  You can create 2 group: Just for reference: 
  Group 1- MinLoginTime  
  Group 2-MaxLoginTime
  Add the required users to particular group. 
  Users upto 12Hrs- MinLoginTime
  Users above 12 Hrs- MaxLoginTime
  Now need to apply group policy setting on this required groups. 
  Group 1- MinLoginTime: 
  Set time limit for active but idle Remote Desktop Services sessions-
  Enable -Set 12 Hrs
  End Session when time limits are reached- Enable
  This is because it will disconnect the session of your users who reached to 12 hrs.
  Group 2-MaxLoginTime: 
  Set time limit for active but idle Remote Desktop Services sessions-
  Not configured\Disable
  If you disable or do not configure this policy setting, this policy setting is not specified at the Group Policy level. By default, Remote Desktop Services allows sessions to remain active for an unlimited amount of time. 
  You can find the above setting option under below mention path.
  Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
  User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
  Note: These Group Policy settings will take precedence over the settings configured in Remote Desktop Session Host Configuration. If both the Computer Configuration and the User Configuration policy settings are configured, the Computer Configuration policy
  settings take precedence.
  More information:
  Configure Timeout and Reconnection Settings for Remote Desktop Services Sessions
  http://technet.microsoft.com/en-us/library/cc754272.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• Idle session time out

  Dear support,
  i have windows 2003 server,
  i need RDP idle session time limit in this server .
  Regards,
  Krishna

  Hi,
  I would like to check if you need further assistance.
  Thanks.
  Jeremy Wu
  TechNet Community Support

• Time limit user login session

  Hi folks
  Using PHP/MySQL to allow the logged in user access to
  protected pages it seems
  that the default session which is established does not time
  expire but remains
  valid for the duration of that browser session.
  What is the prescribed method for placing a time limit on a
  given browser
  session?
  Thanks in advance for any pointers.
  Ronnie MacGregor
  Scotland
  Ronnie at
  dBASEdeveloper
  dot co dot uk
  www.dBASEdeveloper.co.uk

  Ronnie:
  Sorry for the delay in responding. To be honest, I'm not sure
  how to do
  this. 8(
  Murray --- ICQ 71997575
  Adobe Community Expert
  (If you *MUST* email me, don't LAUGH when you do so!)
  ==================
  http://www.projectseven.com/go
  - DW FAQs, Tutorials & Resources
  http://www.dwfaq.com - DW FAQs,
  Tutorials & Resources
  ==================
  "Ronnie MacGregor" <[email protected]> wrote in message
  news:[email protected]..
  > Hi folks
  >
  > Using PHP/MySQL to allow the logged in user access to
  protected pages it
  > seems
  > that the default session which is established does not
  time expire but
  > remains
  > valid for the duration of that browser session.
  >
  > What is the prescribed method for placing a time limit
  on a given browser
  > session?
  >
  > Thanks in advance for any pointers.
  >
  > --
  > Ronnie MacGregor
  > Scotland
  >
  > Ronnie at
  > dBASEdeveloper
  > dot co dot uk
  >
  > www.dBASEdeveloper.co.uk
  >
  >
  >

• CISCO ACS, How to Limit User Session ?

  Hi Guys,
  hope you would help me,
  how to limit the user session in ACS 5.x ?
  i'm aware the menu on
  Access Policies >Max User Session Policy > Max Session Group Settings
  i already set the global value to 1, Max Session for User in Group to 1, and Max Session for Group to 1.
  so it means the user only could open 1 connect at the same time right?
  the problem, it didn't works.
  i had 1 ACS 5.5
  2 CISCO Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T13, RELEASE SOFTWARE (fc3)
  (let's call it R1 and R2 )
  i'm trying to telnet both of them at the same time, and it works ( it means the session limit didn't works, cmiiw )
  i already include :
  radius-server attribute 44 include-in-access-req
  radius-server host 192.168.217.98 auth-port 1645 acct-port 1646 key somekey
  on the line vty :
   accounting connection acs
   login authentication acs
  am i missing something?
  also, is this feature works on tacacs+ too?
  Thanks,

  Dash,
  You can leverage the group mapping feature where members of a certain AD group are mapped to a local group in ACS with the max sessions defined.
  http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-3/user/guide/acsuserguide/access_policies.html#pgfId-1162308
  Thanks,
  Tarik Admani

• Limit user session in ADF security

  I want single user work in web application only with a single session at any time. How can I limit user sessions?

  Hi,
  +1. How can I override ADF security (based on JAAS) credentials checking mechanism j_security_check ?+
  Why do you want to override this?
  +2. How can I store users log-in log-out information in database? Which classess and which methods must be overriden? Can you show code sample of your realisation, please?+
  Authentication is not handled by ADF but WebLogic Server. If you want to track database login information you will need to write a custom JAAS Login Module and configure it as an authentication provider in WLS
  How can I check if user closed browser?
  I would use a temporary cookie with no lifetime. This way, when the browser is closed, the cokie is unavailable, indicating that the user is good to login again. However, this then allows users to start 2 sessions using different browsers (again something you would need to check)
  Frank

• ISE acct-session-time to extend session period

  Hello,
  I want to avoid employees and contractors having to introduce user/password into the captive portal frequently. At lunch time for ex, if users wanna go out of the buildings and therefore out of the range of the WiFi network, I wanna configure Cisco ISE so that users don't have to introduce their credentials again. I found out the acct-session-time parameter to make it possible. I suppouse, if the user has already registered his device (or he/she has already acceded to the network, the calling-station-ID that's it, the MAC address is stored. Could I configure the authorization so that the MAC address is tested? I think the MAC address is stored in different instances, whether the device is registered (in MyDevice) or is detected in the first network connection.
  Thanks a lot!

  invalidate() is use to invalidate the session right..
  But i am asking there is similar way to metion the time out period in servlets.

• Session Time Out For UNLOGGED IN USER During Search -pls help SIR!

  Hi,
  The problem lies in searchresultscontroller.java/searchcontroller.java file under search/web/handler of an application that supports educational note sharing.
  The problem is that -
  When I search with query strings in different fields(as you will find in the above mentioned java files)..the keywords in resourcedto and get some files as search results.
  Then I click on one of the file from within the search result and visit the file.
  Here if I m logged in as an user, and the session time out is set to 1 minute in the web.xml file of the web folder not the admin folder then when I hit the BACK TO SEARCH button it easily goes back to the previous search result page along with the queries string that I had input previously.
  The problem is that when I m NOT LOGGED in as an user, and I've performed a search with queries and other dropdowns in the search panel, I get the search result page, I visit the file by clicking on one of them but when I hit the BACK TO SEARCH button I don't see the previous search result page from where I had navigated to view the file.
  Please suggest on what changes shall I make in the code so that even if I m not logged in as an user, I get back to the search result page on hitting the BACK TO SEARCH button from the file view page.Sir I m herein pasting the code of the searchresultscontroller.java file, but please feel free to ask for anyother file whose code you might want to see.SEARCHRESULTSCONTROLLER.JAVA FILE CONTENT-
  package com.mgh.sps.search.web.handler;
  import java.util.Map;
  import java.util.regex.Pattern;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import org.apache.log4j.Logger;
  import org.springframework.validation.BindException;
  import org.springframework.validation.Errors;
  import org.springframework.web.servlet.ModelAndView;
  import org.springframework.web.servlet.mvc.SimpleFormController;
  import com.mgh.sps.search.business.facade.Search;
  import com.mgh.sps.common.dto.ResourceDTO;
  import com.mgh.sps.common.util.SessionAttributeKey;
  import com.mgh.sps.common.util.SessionManager;
  import com.mgh.sps.fileusage.web.constants.FileUsageWebConstants;
  public class SearchResultsController extends SimpleFormController {
  * SearchResults Controller
  * @author Muralikrishna.s
  * @Codedondate DD-MM-YY=26-07-07
  * @Usecase/s associated =UC504
  private static final Logger logger = Logger
  .getLogger(SearchResultsController.class.getName());
  private final static String REG_EXP = "^[A-Za-z0-9]*$";
  private final static Pattern EMAIL_PATTERN_REG = Pattern.compile(REG_EXP);
  * Spring framework method used to hold reference data
  * @param request
  * HttpServletRequest
  * @param command
  * Object
  * @param arg2
  * Errors
  * @return Map
  * @throws Exception
  @Override
  protected Map referenceData(HttpServletRequest request, Object command,
  Errors errors) throws Exception {
  logger.debug("SearchResultsController.referenceData() method entered:"
  + request + "," + command + "," + errors);
  SessionManager.setSessionAttribute(SessionAttributeKey.tabIndex,
  FileUsageWebConstants.TAB_SEARCH, request);
  Search search = (Search) super.getWebApplicationContext().getBean(
  "searchfacade");
  ResourceDTO resourceDto = (ResourceDTO) command;
  String[] allValues = new String[7];
  if (null != (String[]) SessionManager.getSessionAttribute(
  SessionAttributeKey.allValues, request)) {
  allValues = (String[]) SessionManager.getSessionAttribute(
  SessionAttributeKey.allValues, request);
  resourceDto.setKeywords(allValues[0]);
  resourceDto.setCountry(allValues[1]);
  resourceDto.setUniversityName(allValues[2]);
  resourceDto.setSubjectArea(allValues[3]);
  resourceDto.setQualification(allValues[4]);
  resourceDto.setYearLevel(allValues[5]);
  resourceDto.setSpecificType(allValues[6]);
  logger.debug("%%%%%%%%%%%%%%%%%qualification%%%%%%%%%%%%%%%"
  + resourceDto.getQualification());
  String flag = (String) request.getParameter("id");
  resourceDto.setFlag(flag);
  logger.debug("SearchResultsController.referenceData() method exited:");
  return search.retrieveReferenceData(resourceDto);
  * Spring framework method used to hold OnSubmit
  * @param request
  * HttpServletRequest
  * @param response
  * HttpServletResponse
  * @param command
  * Object
  * @param arg3
  * BindException
  * @return ModelAndView
  * @throws Exception
  @Override
  protected ModelAndView onSubmit(HttpServletRequest request,
  HttpServletResponse response, Object command, BindException errors)
  throws Exception {
  SessionManager.cleanup(request);
  logger.debug("SearchResultsController.onSubmit() method entered:"
  + request + "," + command + "," + response + "," + errors);
  Search search = (Search) super.getWebApplicationContext().getBean(
  "searchfacade");
  Map dynamic = (Map) getServletContext().getAttribute("config");
  ResourceDTO resourceDto = (ResourceDTO) command;
  SessionManager.removeSessionAttribute(SessionAttributeKey.allValues,
  request);
  //changed by sreelatha on sep21
  //resourceDto.setKeywords(request.getParameter("keywords"));
  //String key = request.getParameter("keywords");
  //logger.debug("&&&&&&&&&&&&& key &&&&&&&&&&&&" + key);
  String keywords = (request.getParameter("keywords"));
  if(null!=keywords) {
  keywords = keywords.trim();
  resourceDto.setKeywords(keywords);
  // changes end
  resourceDto.setUniversityName(request.getParameter("universityName"));
  resourceDto.setSubjectArea(request.getParameter("subjectArea"));
  resourceDto.setCountry(request.getParameter("country"));
  resourceDto.setQualification(request.getParameter("qualification"));
  resourceDto.setYearLevel(request.getParameter("yearLevel"));
  resourceDto.setSpecificType(request.getParameter("specificType"));
  String[] allValues = new String[7];
  //changed by sreelatha on sep21
  //allValues[0] = request.getParameter("keywords");
  allValues[0] = resourceDto.getKeywords();
  //changes end
  allValues[1] = request.getParameter("country");
  allValues[2] = request.getParameter("universityName");
  allValues[3] = request.getParameter("subjectArea");
  allValues[4] = request.getParameter("qualification");
  allValues[5] = request.getParameter("yearLevel");
  allValues[6] = request.getParameter("specificType");
  SessionManager.setSessionAttribute(SessionAttributeKey.allValues,
  allValues, request);
  if(null!=keywords) {
  keywords = keywords.trim();
  String words="";
  for(int i=0;i<keywords.length();i++) {
  String key=String.valueOf(keywords.charAt(i));
  if(key.contains("*")) {
  key = key.replace("*"," ");
  } else if(key.contains("?")) {
  key = key.replace("?"," ");
  } else if(key.contains("[")) {
  key = key.replace("["," ");
  } else if(key.contains("{")) {
  key = key.replace("{"," ");
  } else if(key.contains("(")) {
  key = key.replace("("," ");
  } else if(key.contains(")")) {
  key = key.replace(")"," ");
  } else if(key.contains("+")) {
  key = key.replace("+"," ");
  } else if(key.contains("
  key = key.replace("
  } else if(key.contains(" ")) {
  key = key.replace(" "," ");
  } else if(key.contains("_")) {
  key = key.replace("","");
  } else if(!EMAIL_PATTERN_REG.matcher(key).matches()) {
  key = key.replaceAll(key," ");
  words = words + key;
  keywords = words;
  resourceDto.setKeywords(keywords);
  SessionManager.setSessionAttribute(SessionAttributeKey.test, search.setInputValues(resourceDto, dynamic), request);
  String name = (String) SessionManager.getSessionAttribute(SessionAttributeKey.tempName, request);
  String flag1 = request.getParameter("id");
  String status="";
  if (flag1 !=null && flag1.equals("loggedInUser"))
  if(name==null)
  return new ModelAndView();
  if (flag1 !=null && flag1.equals("loggedInUser")){
  status = "redirect:SearchResults.htm?id=loggedInUser";
  }else if(flag1 !=null && flag1.equals("nonLoggedInUser"))
  status = "redirect:SearchResultsnlu.htm?id=nonLoggedInUser";
  super.setSuccessView(status);
  ModelAndView mav = new ModelAndView(super.getSuccessView());
  logger.debug("SearchResultsController.onSubmit() method exited:");
  return mav;
  }

  Cross-posted in many forums. Don't answer this one.

• Session Time Out For UNLOGGED USER During Search -pls help

  Hi,
  The problem lies in searchresultscontroller.java/searchcontroller.java file under search/web/handler of an application that supports educational note sharing.
  The problem is that -
  When I search with query strings in different fields(as you will find in the above mentioned java files)..the keywords in resourcedto and get some files as search results.
  Then I click on one of the file from within the search result and visit the file.
  Here if I m logged in as an user, and the session time out is set to 1 minute in the web.xml file of the web folder not the admin folder then when I hit the BACK TO SEARCH button it easily goes back to the previous search result page along with the queries string that I had input previously.
  The problem is that when I m NOT LOGGED in as an user, and I've performed a search with queries and other dropdowns in the search panel, I get the search result page, I visit the file by clicking on one of them but when I hit the BACK TO SEARCH button I don't see the previous search result page from where I had navigated to view the file.
  Please suggest on what changes shall I make in the code so that even if I m not logged in as an user, I get back to the search result page on hitting the BACK TO SEARCH button from the file view page.Sir I m herein pasting the code of the searchresultscontroller.java file, but please feel free to ask for anyother file whose code you might want to see.
  SEARCHRESULTSCONTROLLER.JAVA FILE CONTENT-
  package com.mgh.sps.search.web.handler;
  import java.util.Map;
  import java.util.regex.Pattern;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import org.apache.log4j.Logger;
  import org.springframework.validation.BindException;
  import org.springframework.validation.Errors;
  import org.springframework.web.servlet.ModelAndView;
  import org.springframework.web.servlet.mvc.SimpleFormController;
  import com.mgh.sps.search.business.facade.Search;
  import com.mgh.sps.common.dto.ResourceDTO;
  import com.mgh.sps.common.util.SessionAttributeKey;
  import com.mgh.sps.common.util.SessionManager;
  import com.mgh.sps.fileusage.web.constants.FileUsageWebConstants;
  public class SearchResultsController extends SimpleFormController {
       * SearchResults Controller
       * @author Muralikrishna.s
       * @Codedondate DD-MM-YY=26-07-07
       * @Usecase/s associated =UC504
       private static final Logger logger = Logger
                 .getLogger(SearchResultsController.class.getName());
       private final static String REG_EXP = "^[A-Za-z0-9]*$";
       private final static Pattern EMAIL_PATTERN_REG = Pattern.compile(REG_EXP);
       * Spring framework method used to hold reference data
       * @param request
       * HttpServletRequest
       * @param command
       * Object
       * @param arg2
       * Errors
       * @return Map
       * @throws Exception
       @Override
       protected Map referenceData(HttpServletRequest request, Object command,
                 Errors errors) throws Exception {
            logger.debug("SearchResultsController.referenceData() method entered:"
                      + request + "," + command + "," + errors);
            SessionManager.setSessionAttribute(SessionAttributeKey.tabIndex,
                      FileUsageWebConstants.TAB_SEARCH, request);
            Search search = (Search) super.getWebApplicationContext().getBean(
                      "searchfacade");
            ResourceDTO resourceDto = (ResourceDTO) command;
            String[] allValues = new String[7];
            if (null != (String[]) SessionManager.getSessionAttribute(
                      SessionAttributeKey.allValues, request)) {
                 allValues = (String[]) SessionManager.getSessionAttribute(
                           SessionAttributeKey.allValues, request);
                 resourceDto.setKeywords(allValues[0]);
                 resourceDto.setCountry(allValues[1]);
                 resourceDto.setUniversityName(allValues[2]);
                 resourceDto.setSubjectArea(allValues[3]);
                 resourceDto.setQualification(allValues[4]);
                 resourceDto.setYearLevel(allValues[5]);
                 resourceDto.setSpecificType(allValues[6]);
            logger.debug("%%%%%%%%%%%%%%%%%qualification%%%%%%%%%%%%%%%"
                      + resourceDto.getQualification());
            String flag = (String) request.getParameter("id");
            resourceDto.setFlag(flag);
            logger.debug("SearchResultsController.referenceData() method exited:");
            return search.retrieveReferenceData(resourceDto);
       * Spring framework method used to hold OnSubmit
       * @param request
       * HttpServletRequest
       * @param response
       * HttpServletResponse
       * @param command
       * Object
       * @param arg3
       * BindException
       * @return ModelAndView
       * @throws Exception
       @Override
       protected ModelAndView onSubmit(HttpServletRequest request,
                 HttpServletResponse response, Object command, BindException errors)
                 throws Exception {
            SessionManager.cleanup(request);
            logger.debug("SearchResultsController.onSubmit() method entered:"
                      + request + "," + command + "," + response + "," + errors);
            Search search = (Search) super.getWebApplicationContext().getBean(
                      "searchfacade");
            Map dynamic = (Map) getServletContext().getAttribute("config");
            ResourceDTO resourceDto = (ResourceDTO) command;
            SessionManager.removeSessionAttribute(SessionAttributeKey.allValues,
                      request);
            //changed by sreelatha on sep21
            //resourceDto.setKeywords(request.getParameter("keywords"));
            //String key = request.getParameter("keywords");
            //logger.debug("&&&&&&&&&&&&& key &&&&&&&&&&&&" + key);
            String keywords = (request.getParameter("keywords"));
            if(null!=keywords) {
                 keywords = keywords.trim();
            resourceDto.setKeywords(keywords);
  //          changes end
            resourceDto.setUniversityName(request.getParameter("universityName"));
            resourceDto.setSubjectArea(request.getParameter("subjectArea"));
            resourceDto.setCountry(request.getParameter("country"));
            resourceDto.setQualification(request.getParameter("qualification"));
            resourceDto.setYearLevel(request.getParameter("yearLevel"));
            resourceDto.setSpecificType(request.getParameter("specificType"));
            String[] allValues = new String[7];
            //changed by sreelatha on sep21
            //allValues[0] = request.getParameter("keywords");
            allValues[0] = resourceDto.getKeywords();
            //changes end
            allValues[1] = request.getParameter("country");
            allValues[2] = request.getParameter("universityName");
            allValues[3] = request.getParameter("subjectArea");
            allValues[4] = request.getParameter("qualification");
            allValues[5] = request.getParameter("yearLevel");
            allValues[6] = request.getParameter("specificType");
            SessionManager.setSessionAttribute(SessionAttributeKey.allValues,
                      allValues, request);
                 if(null!=keywords) {
                 keywords = keywords.trim();
                 String words="";
                 for(int i=0;i<keywords.length();i++) {               
                      String key=String.valueOf(keywords.charAt(i));
                      if(key.contains("*")) {
                                key = key.replace("*"," ");
                           } else if(key.contains("?")) {
                                key = key.replace("?"," ");
                           } else if(key.contains("[")) {
                                key = key.replace("["," ");
                           } else if(key.contains("{")) {
                                key = key.replace("{"," ");
                           } else if(key.contains("(")) {
                                key = key.replace("("," ");
                           } else if(key.contains(")")) {
                                key = key.replace(")"," ");
                           } else if(key.contains("+")) {
                                key = key.replace("+"," ");
                           } else if(key.contains("\\")) {
                                key = key.replace("\\"," ");
                           } else if(key.contains(" ")) {
                                key = key.replace(" "," ");
                           } else if(key.contains("_")) {
                                key = key.replace("_","_");
                           } else if(!EMAIL_PATTERN_REG.matcher(key).matches()) {
                                key = key.replaceAll(key," ");
                      words = words + key;
                 keywords = words;
                 resourceDto.setKeywords(keywords);
            SessionManager.setSessionAttribute(SessionAttributeKey.test, search.setInputValues(resourceDto, dynamic), request);
            String name = (String) SessionManager.getSessionAttribute(SessionAttributeKey.tempName, request);
            String flag1 = request.getParameter("id");
            String status="";
            if (flag1 !=null && flag1.equals("loggedInUser"))
            if(name==null)
                      return new ModelAndView();
            if (flag1 !=null && flag1.equals("loggedInUser")){
                 status = "redirect:SearchResults.htm?id=loggedInUser";
            }else if(flag1 !=null && flag1.equals("nonLoggedInUser"))
                 status = "redirect:SearchResultsnlu.htm?id=nonLoggedInUser";     
            super.setSuccessView(status);
            ModelAndView mav = new ModelAndView(super.getSuccessView());
            logger.debug("SearchResultsController.onSubmit() method exited:");
            return mav;
  }

  Cross-posted in many forums. Don't answer this one.

• Help creating a script to move users in and out of an OU based on a time limit

  Here's my scenario: we currently have OUs based on the locations of our facilities, we also have a sub-OU(?) underneath it for users that need a group policy applied to them where whitelist applications allowed to run. From time to time we have need to pull
  users out of that sub-OU for a short period of time to let them run applications they normally wouldn't be able to and won't need to run long term. Sometimes we also forget to add these people back into that policy controlled sub-OU because we get busy do
  other things. Server is 2008 R2.
  Here's what I'm looking for: A script that prompts for the users name, pulls that user out of the sub-OU, puts them in the main OU but only for 24 hours. After that time limit is up, a script/command runs that puts the user back in the policy controlled
  sub-OU. I'm thinking a PS script would be the best way to do this.
  Research: Looking at these posts here and here I'm
  thinking I should be able to Frankenstein something together but I have very limited PS scripting experience.
  Can anyone help me create this?

  You've probably figured this out, but we're not typically in the business of writing complete solutions for people. With that said, there are projects I find particularly interesting, such as this one, where I am willing to help get someone started if they
  are willing to take the time to work through the examples and learn from them.
  You have two requests - one is a script that prompts for a user it then moves to a different  location in Active Directory. The second request is a way to move them back without manual interaction. This will require an automated task (scheduled task)
  that will run at select times during a day.
  Here's the first script (1/2): The first two lines set two different variables. The first line sets the $OUPath variable to the SubOU. The second line prompts for a user and, once a user is entered, sets that user to the $User variable. It then runs the
  first try-catch, attempting to replace the $User variable with the data returned from the Get-ADUser cmdlet. Notice the use of the -Properties parameter. By default the modified date and the extensionAttributes are not returned. We will be using the modified
  date so we can be certain that 24 hours passes before we move them back (see part 2/2). Including extensionAttribute13 will ensure we only move users out of the OU if they were moved in by the script. Note: The modified date on a user in AD is changed when
  it is moved from one OU to another. If the user cannot be located in the first try-catch it will say it cannot locate the user in Active Directory. If it can locate it, it will set the $User variable, as described so far, and then move on.
  In the second (or, nested) try-catch we split the user's DistingusihedName at the first comma so that we have two parts. We use the second part (that doesn't include their CN) and see if that matches the $OUPath variable. If it does match then that user
  has already been moved. If it doesn't match then we 1. Move the user, 2. Replace extensionAttribute13 with the string 'MovedUser,' and 3. Output that the user has been moved.
  $OUPath = 'OU=SubOU,OU=MainOU,DC=mydomain,DC=com'
  $User = Read-Host -Prompt 'Enter SamAccountName'
  try {
  $User = Get-ADUser -Identity $User -Properties Modified,extensionAttribute13
  try {
  If ($User.DistinguishedName.Split(',',2) -eq $OUPath) {
  Write-Output -Verbose 'User already moved.'
  } Else {
  Move-ADObject -Identity $User.DistinguishedName -TargetPath $OUPath
  Set-ADUser -Identity $User.SamAccountName -Replace @{extensionAttribute13='MovedUser'}
  Write-Output "'$($User.SamAccountName)' has been moved."
  catch {
  Write-Output "'$($User.SamAccountName)' cannot be moved."
  catch {
  Write-Output -Verbose "Unable to locate '$User' in Active Directory."
  The second script (2/2): Here we also set a couple variables - one is the SubOU's DistinguishedName where we want to return the user and the other is the all of the users from the MainOU. Foreach user in $Users we check if their extensionAttribute13 is set
  to 'MovedUser' and if their modified date is greater than or equal (-ge) to 24 hours. If it is, the script will move the user, clear extensionAttribute13, and let us know the user was moved. If for some reason your $OUPath variable is wrong, the script will
  run the catch portion of the only try-catch we used in this script. Again, you'll have to schedule Task Scheduler to run this script. Good luck!
  $OUPath = 'OU=MainOU,DC=mydomain,DC=com'
  $Users = Get-ADUser -Filter * -SearchBase $OUPath -Properties Modified,extensionAttribute13
  Foreach ($User in $Users) {
  $TimeSince = New-TimeSpan -Start $User.Modified -End (Get-Date)
  If ($User.extensionAttribute13 -eq 'MovedUser' -and $TimeSince.Hours -ge 24) {
  try {
  Move-ADObject -Identity $User.DistinguishedName -TargetPath $OUPath
  Set-ADUser -Identity $User.SamAccountName -Clear extensionAttribute13
  Write-Output "$($User.SamAccountName) has been moved."
  catch {
  Write-Output "$($User.SamAccountName) cannot be moved."
  } Else {
  Write-Output 'No Users to move.'
  If you decide to use this, be sure to change the paths you use for the $OUPath variables. Also, if you're using this with PowerShell 2.0, you will need to use the Import-Module cmdlet to import the ActiveDirectory module. In versions above 2.0 it will be
  imported automatically if you try to use an AD cmdlet.
  Edit: Typo - Get-ADUser property