JAZN-LDAP: Make use of different LDAP Server

Hi,
I am trying to make use of a different LDAP Server (other than OID). With OID I am able to authenticate users.
Now I need to make use of a different LDAP Server (for example, Sun ONE Directory Server). I have tried specifying the LDAP URL location of the new LDAP Server in the Orion-Application.xml as below:
<jazn provider="LDAP" location="ldap://ldaphost:ldapport" />
But I see that the application is still defaulting to the OID and not making use of the LDAP server specified above.
Also, I see that I am unable to modify the LDAP URL location.
In Step 2 of Deploying an Application:
Deploy Application: User Manager : I have selected the option "Use JAZN LDAP User Manager"
But the LDAP Location is non-editable and defaults to the OID location, as shown below:
LDAP Location ldap://OIDLDAPURL:PORT
Could anyone throw some light on the issue I am facing?
Thanks
John

See Configuring External LDAP Providers @:
http://matrix.csustan.edu/docs/oracle/oas/web.1012/b14013/ldap3rdparty.htm
Here are a few gotchas for Active Directory:
- If you plan to use the membership of the AD user in AD roles, set in orion-application:
<jazn provider="XML">
<property name="custom.ldap.provider" value="true"/>
<property name="role.mapping.dynamic" value="true"/>
</jazn>
in web.xml you should also define
<security-role>
<role-name>ldap-role-to-which-ldap-user-belongs-that-is-entitled to-acces-the-resource</role-name>
</security-role>
If you run the application in the embedded OC4J, it seems it takes this hint from another file, which you can determine by looking at the trace that you can make appear with the option:
-Djazn.debug.log.enable=true (in jvm start command)
When running in embedded OC4J the application is called: current-workspace-app
Good Luck
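
An added example, not part of the original posts: a small Python check that reads an orion-application.xml and a web.xml and reports whether the settings listed in the reply above are present, and whether every role used in an auth-constraint is also declared as a security-role. The sample descriptors and the role names AppUsers and AppAdmins are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptors (not from the thread); role names are placeholders.
ORION_APP_XML = """<orion-application>
  <jazn provider="XML">
    <property name="custom.ldap.provider" value="true"/>
    <property name="role.mapping.dynamic" value="true"/>
  </jazn>
</orion-application>"""

WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>secure-area</web-resource-name>
      <url-pattern>/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>AppUsers</role-name>
      <role-name>AppAdmins</role-name>
    </auth-constraint>
  </security-constraint>
  <security-role><role-name>AppUsers</role-name></security-role>
</web-app>"""

REQUIRED_PROPS = ("custom.ldap.provider", "role.mapping.dynamic")

def _elems(root, name):
    """All elements called `name` under root, ignoring any XML namespace."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _roles(root, parent):
    """Role names listed under every <parent> element."""
    return {r.text.strip() for p in _elems(root, parent)
            for r in _elems(p, "role-name") if r.text and r.text.strip()}

def check_jazn(orion_xml):
    """Findings for the <jazn> element, against the settings in the reply."""
    jazn = _elems(ET.fromstring(orion_xml), "jazn")
    if not jazn:
        return ["no <jazn> element found"]
    findings = []
    provider = jazn[0].get("provider")
    if provider != "XML":
        findings.append(f"jazn provider is {provider!r}, the reply uses 'XML'")
    props = {p.get("name"): p.get("value") for p in _elems(jazn[0], "property")}
    for name in REQUIRED_PROPS:
        if (props.get(name) or "").strip().lower() != "true":
            findings.append(f"property {name} is missing or not 'true'")
    return findings

def undeclared_roles(web_xml):
    """Roles used in an <auth-constraint> but never declared in a <security-role>."""
    root = ET.fromstring(web_xml)
    used = _roles(root, "auth-constraint") - {"*"}  # "*" means every declared role
    return sorted(used - _roles(root, "security-role"))

if __name__ == "__main__":
    print(check_jazn(ORION_APP_XML))
    print(undeclared_roles(WEB_XML))
```

Run against the `<jazn provider="LDAP" location="..."/>` element from the question, `check_jazn` reports the provider value and both missing properties.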

Similar Messages

  • Use a different SSO Server than the one specified during install.

    Hello,
    I found on documentation that OAS Portal Configuration Guide would tell me how to use a different SSO Server than the one specified during install. I need to tell an existing Portal installation to use a new Identity Management infrastructure server I installed.
    However, documentation does not mention anything related to that. It states that ptlconfig would do the trick, but ptlconfig instructions are not clear on how to accomplish this.
    Could anyone that has done this before, help me out? Thanks in advance...

    Hello jlubbers,
    That is exactly what I am talking about, the ptlconfig does not model SSO components. So I assume it is incorrectly referenced on several points of documentation as a tool to work with SSO parameters or configuration.
    I need to know how to tell my Portal to look at the new SSO server. If someone has done it before, please let me know.
    Thanks again.

  • Can i use a different ADS server as KDC for Kerberos authentication ?

    Hi all:
       For some security concerns, I cannot use my central ADS as KDC and run ktpass, setspn in central ADS.
       Can I use another ADS server as KDC server and run ktpass, setspn to configure the Kerberos ?

    My portal UME is configured to central ADS as Database+LDAP
    I do not want to make the central ADS as KDC server running. I just want to make another ADS server as KDC server, is it possible ?

  • How to reconfig agent to use a different OMS server?

    We are using OEM 10g Grid Control R3. We just installed it in a different MS window 2003 server. I am wondering how to reconfigure existing agents to use this new server instead of the old one.
    Thanks a lot for your help,
    Shirley

    Thanks for your response. Actually I followed note 413228.1 to configure one host to be showed up in this new OMS. But I can’t view the performance and top activity page for this single instance database. Sometimes I got blank page sometimes I got errors like “*Internal Error has occured. Check the log file for details*.” I looked into the emagent.trc file in the newly added agent host I see the following error message. Does anybody know anything about it? Thank you so much for your help!!! Shirley
    2008-08-25 13:00:51 Thread-2988 WARN ssl: fd=2096, nmehlssl_write nzos_Write error = 28862
    2008-08-25 13:00:51 Thread-2988 ERROR ssl: 2096: snmehl_read: error on read: An existing connection was forcibly closed by the remote host.
    (error = 10054), ret: -1 rsf: 0
    2008-08-25 13:00:51 Thread-2988 WARN ssl.io: fd=2096: nmehlssl_read, nzos_Read error = 28862 readTimed Out = 0
    2008-08-25 13:00:51 Thread-2988 ERROR http: 2096: SNMEHL_READ_ERROR
    2008-08-25 13:00:51 Thread-2988 ERROR http: --- Error context dump begin for incoming request ---
    2008-08-25 13:00:51 Thread-2988 ERROR http: version=http/1.1 secure = 1
    2008-08-25 13:00:51 Thread-2988 ERROR http: primary header = NULL
    2008-08-25 13:00:51 Thread-2988 ERROR http: --- Error context dump end for incoming request ---
    2008-08-25 13:10:03 Thread-2688 ERROR pingManager: nmepm_pingReposURL: Did not receive a response header from repository
    2008-08-25 13:10:04 Thread-2688 ERROR pingManager: nmepm_pingReposURL: Did not receive a response header from repository
    2008-08-25 13:10:36 Thread-548 ERROR pingManager: nmepm_pingReposURL: Did not receive a response header from repository
    2008-08-25 13:10:37 Thread-548 ERROR pingManager: nmepm_pingReposURL: Did not receive a response header from repository
    2008-08-25 13:11:04 Thread-3036 ERROR upload: Failed to upload file D0000042.xml, ret = -2
    2008-08-25 13:11:08 Thread-3036 ERROR upload: Failed to upload file D0000042.xml, ret = -2

  • ALE DIR originals to different content server

    We have a production content server and a test content server attached to our production SAP system and Test SAP system respectively.  The storage category names are the same in both systems.  I need to ALE selected DIRs with attachments from the production system to the test system.   I am able to ALE the DIR from the production system to the test system using bda5, but an ALE error results on the test (target) system during ALE processing because the originals are being stored in a different content server, I'm guessing.  I have no problem ALEing DIRs with attachments between systems sharing the same content server.
    Is it possible to ALE a DIR with originals from one system to another if both systems use a different content server?  If so, how is this done?
    Thanks for the help,
    Joe S.

    Hi Joe,
    Have a look into the document in below link. It has very useful information on ALE configuration for DIRs.
    Hope this answers your requirement.
    http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/90402d62-cfd9-2d10-e78b-d323b71bb158
    Regards,
    Deepak Kori

  • One Planning server configured with different BI server

    Hello Everyone,
    I have a Planning server configured with BI workspace (Hyperion 9.3.1). There are 5 Planning applications already running smoothly.
    Can I have another BI server pointing to the same Planning server? Now I want one more Planning application on the same Planning server but different BI server.
    If it's possible, won't it affect the other applications already present in the Planning server?
    Is it possible? Your prompt response would be appreciated.
    Thanks

    Hi All,
    Thank you very much for the response....Had not been keeping well, so was unable to follow the forum....
    The fact is the current BI server is on 9.3.1 and Planning server is also on 9.3.1, in which I have 5 apps that are running smoothly....
    I have one more instance of Hyperion Planning application which is on version 3.5.1 and I need to upgrade it to 9.3.1. It would have been a smooth process if I would have just migrated it in the current set up. But we have a constraint here. The BI server is loaded and hence I can't have one more application configured on it. And also the apps belong to different departments. So they want a distinct BI server for this one single app.
    So, I have been asked to use a different BI server for workspace and reporting needs, and the existing Planning server(which is 9.3.1) for the Planning application.
    Kindly suggest me what should be my approach.
    Thanks

  • Make the use of LDAP Server optional

    Hi,
    We are running an SAP EP 6 SP20 on Windows 2003 Enterprise Server. Our UME Configuration is defined as using an LDAP Server AND the Portal Database. Our portal is mostly used as an information basis used by anonymous access (Guest), some users are able to authenticate themselves against the LDAP Server to get more services.
    Now my question: Is it possible to configure the Portal in such a way that it uses the LDAP Server if available, otherwise ignores it, and therefore an authentication of users except the users defined in the portal database is not possible?
    At the moment our portal is not available if the LDAP Server is not available; our target is to uncouple the strong binding to the LDAP Server.
    If the LDAP Server is down or not available no authentication against this UME-Datasource is possible, if available it can be used.
    I could not find any parameter or configuration example to configure this behaviour.
    The first priority for our portal is being available for information purposes, the second priority is being available for additional services needing authentication.
    Is there anyone there having an idea how to solve this?
    Regards
    Edmund

    Hi EG,
    As mentioned by GLM above, I share the same view.
    One suggestion maybe is to create those users in the Portal UME and then disable your SSO settings in IE (means that your users have to login to Portal). Till you have your LDAP up and running, then re-config your UME settings in Portal, pointing to your LDAP and have that as your main UME source.
    Hope that helps.
    Ray

  • How can portal use two different LDAP Server in UME

    Hi,
    My question is: can UME in portal be configured for multiple LDAP sources? Currently I have a setting in portal
    as follows:
    Server Name : Abcd
    port : 1234
    user : CN=" ",Ou=" ",Ou=" ",Dc=AD,Dc=my company,Dc=com
    password :
    user path : DC=AD,Dc=My company,Dc=Com
    group Path : same as user path
    I want to configure one more LDAP server to my portal UME, how can I give values for that in the above settings? I even want these current settings to be enabled.
    Does anyone have an idea on this?
    Thanks and Regards
    Rani A

    Hi again ,
    I know it can be done. But how urgent is this for you.
    I can get back to you in couple of days, me lil busy today.
    cheers,
    Anu...

  • Using a Filter on OC4J with JAZN security enabled using LDAP

    I have a LDAP security in place on OC4J. I have to create a filter which uses the HttpRequestWrapper to do some preprocessing with the request parameters. I have all the code in place along and the Filter which uses HttpRequestWrapper. Now the problem is that the OC4J gives an error -
    Servlet error
    javax.servlet.ServletException: JAAS-OC4J: JAZNFilter.doFilter - unable to find the current servlet
    at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
    at com.myapp.filter.RequestFilter.doFilter(RequestFilter.java:429)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:617)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:794)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.AJPRequestHandler.run(AJPRequestHandler.java:208)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].server.http.AJPRequestHandler.run(AJPRequestHandler.java:125)
    at com.evermind[Oracle Application Server Containers for J2EE 10g (9.0.4.2.0)].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
    at java.lang.Thread.run(Thread.java:534)
    The error happens while executing the following line:
    chain.doFilter(new MyHttpServletRequestWrapper((HttpServletRequest) request ), response);
    The constructor call MyHttpServletRequestWrapper is successful. Something seems to be wrong as it appears the server is not able to locate the path where to forward to from within the Filter.
    If I execute the same code without the JAZN LDAP security everything works fine.
    Can anybody please provide some help to resolve this issue?

    Yeah, it's a known problem - it caught me out as well.
    The xml parser installed with OJSP is more strict than the one
    with Orion. The order of the parameters becomes important. The
    general solution is to check the dtd listed at the top of the
    xml file for the parameter order and make sure any you specify
    in the xml file are in this order.
    Your specific case: the order of session-config and
    welcome-file-list should be reversed, ie session-config should
    come first in the web.xml file.
    Jonny

  • How can we update data in LDAP server using PL/SQL.

    Hi,
    How can we update data in LDAP server using PL/SQL program.
    Is there any sample code for reference?
    Thanks,
    Tarun

    Hi Justin,
    Thanks for your help. You got my correct requirements.
    Tim's example returning all the attributes of current user which is admin user. Please correct me if I am wrong.
    I have the following information:
    the admin user and password,server info , port and ldap_base for admin.
    I have uid and password for regular user, I am trying find the ldap_base for regular user, which may be different from adminuser.
    Please help me.
    Thanks,
    Edited by: james. on Jan 12, 2009 5:39 PM

  • Sample code to connect LDAP server using jndi

    Hi,
    can anyone help me with sample code to connect LDAP server using jndi,
    like I want to make use of LDAP server for searching Active Directory.
    Thanks in advance,
    Regards
    Muthu

    You can set ldap_auth=none for anonymous user.
    User/password is mandatory otherwise. Please refer to http://docs.oracle.com/cd/E21764_01/integrate.1111/e12644/appendix_ldap_driver.htm#CHDHCABH
    Thanks,

  • 'authentication failed' using Microsoft ADSI version LDAP server

    Hi All,
    Nowadays I am facing some problem in authentication (I am using Microsoft ADSI version LDAP Server) but am not able to authenticate the LDAP users.
    I have configured my LDAP server in the same manner as you mentioned in this blog.
    When I am trying to authenticate the user from the RPD itself I am getting the following error:
    “authentication failed” (actually I forgot the exact message but it means the same as I referred here)
    though I am able to authenticate the bind user (which I used to configure the LDAP Server)
    Please help me in this as I already wasted a lot of time in doing R&D to make it work..
    I have an urgent requirement to do the same..
    Your help will be highly appreciated…
    thanks in advance
    PS: I have checked the 'ADSI' box in advance tab:

    Hi,
    Please have a look at the below link:
    Unknown certificate error when testing LDAP SSL connection
    Not sure whether it will help you. But have a look at it.
    Regards,
    Jithin

  • LDAP-Server configuration and using

    Hi,
    can anyone tell me how it functions with the LDAP-Server in the Adobe LiveCycle ES?
    What do I have to do? And how can I get user data from the logged user via LDAP?
    Thank

    LiveCycle ES has an administrative console you can get at http://localhost:8080/adminui. You can log in with administrator/password.
    Under the Settings section, you can go to User Management and then Domain Management.
    In there you can define a new Enterprise Domain and create a new Authorization and Directory for that new domain.
    In the Authorization, you can select LDAP. Under the Directory, you'll be taken through a wizard that will help you configure the LDAP connection to get the list of users and groups.
    Then go back to Domain Management and select "Synch Now". You can set that synchronization to occur periodically.
    Once you can connect to the LDAP server properly and get the list of users, you should be able to log to the different interfaces using users from the LDAP system.
    You might need to give them LiveCycle roles to access some of the interfaces like adminui, workspace, etc. You can add roles under Settings/User Management/Role Management
    Jasmin

  • Using Portal Server's DS 5.1 as a general LDAP server

    Does anybody use the Portal Server's "built in" Directory Server 5.1 as a general LDAP server? For instance, using the DS to authenticate workstations?
    When I installed our Portal Server 6.0, I installed it on a separate host so I could use it for other things besides just the Portal Server.
    Before I went this route, I spoke with a Sun engineer and he said it was just like the "full blown" DS 5.1. I figured "Why have two directory servers when one will do the job for everything?"
    Now that I am eyeball deep in this project and about to go production, a different Sun engineer says not to do this because the portal server "wants to have the dir server all to itself." That's a real technical answer.
    Does anybody else do this and have you run into any problems?
    The Directory Server should scale just fine for our portal server and the little bit of misc use elsewhere.
    Any insight would be helpful.

    Hi,
    > because the portal server "wants to have the dir server all to itself." That's a real technical answer.
    - ?! Why is that?! - asked I the portal, and my portal told me that he wouldn't mind sharing his user directory with other applications, e.g. calendar/im/mail servers...
    Just kidding,
    It is actually nice to have one userbase in one clean directory!
    Cheers,
    Alex :-)

  • I can't get at my LDAP server using JMQ 1.1.  What's wrong?

    I have jmq 1.1 running on solaris. We have recently installed an ldap server on another box to provide access for jndi. I am trying to run the
    jmqconfig program to add topic by issuing the following command ...
    /opt/SUNWjmq/bin/jmqconfig -a -t t -n "cn=myTopic" -o "name=This is my Test Topic" -o "host=apollo" -o "subnet=5" -i "com.sun.jndi.ldap.LdapCtxFactory" -u "ldap://e-rewards.com:389/o=dev.e-rewards.com" -s simple -p "uid=devadm, o=dev.e-rewards.com" -c dev999
    I am getting this message...
    Error: You have problems with access control. Please verify that
    your jmqadmin.policy file is setup properly.
    Can you tell me what I need to do to the jmqadmin.policy file to make this work?

    It looks like there is a CommunicationException while trying
    to talk to the LDAP server. Please check the SocketPermission
    entry in the jmqadmin.policy file to ensure network permission
    to the LDAP server host/port is granted. If the jmqadmin.policy
    file looks OK, I'd suggest to try a simple JNDI example which
    talks to the LDAP server to see if communication to the LDAP
    server is fine by using a similar java.security.policy file
    as jmqadmin.policy (please see JMQ 1.1 QuickStart guide chapter
    4 for more information on security policy files).
    Please note that iMQ 2.0 (formerly named JMQ) has been released
