Josso not able to authenticate against sun directory configuration

I am trying to configure josso-1.5 and jboss 4.x against Sun directory server.
I am getting an error on the screen: Invalid Authentication Information
It works against openldap.
Please let me know if I need to do any special configuration for Sun directory server.
console log.
12:12:33,453 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
12:12:33,468 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
12:12:33,468 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.util.LocalStrings', returnNull=true
12:12:33,531 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
12:12:33,531 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
12:12:33,531 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.bean.LocalStrings', returnNull=true
12:13:02,171 INFO [TilesRequestProcessor] Tiles definition factory found for request processor ''.
12:13:02,250 INFO [ConfigurationFactory] Trying to load configuration josso-gateway-config.xml
12:13:02,265 INFO [ComponentKeeperImpl] SSO Config from [file:/C:/Jboss405/jboss-4.0.5.GA/jboss-4.0.5.GA/server/default/./tmp/deploy/tmp36339josso.ear-contents/josso-exp.war/WEB-INF/classes/josso-config.xml]
12:13:02,281 INFO [STDOUT] THe crendentials are ->[Lorg.josso.auth.Credential;@b65a68
12:13:02,281 INFO [STDOUT] THe SSO context is org.josso.gateway.SSOContextImpl@1e99db4
12:13:02,281 INFO [STDOUT] THe gateway is ->org.josso.gateway.SSOGatewayImpl@70cdd2
12:13:02,281 INFO [STDOUT] THe scheme is ->basic-authentication
12:13:02,312 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@3
12:13:02,312 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@7
12:13:02,312 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@9
12:13:02,312 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@10
12:13:02,312 INFO [STDOUT] THE ENV BEFORE LOGGING IN TO LDAP IS -> {java.naming.provider.url=ldap://192.168.1.225:2389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=admin,cn=Administrators,cn=config, java.naming.security.authentication=simple, java.naming.security.credentials=test, java.naming.security.protocol=}
12:13:02,312 INFO [STDOUT] THE ENV BEFORE LOGGING IN TO LDAP IS -> {java.naming.provider.url=ldap://192.168.1.225:2389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=admin,cn=Administrators,cn=config, java.naming.security.authentication=simple, java.naming.security.credentials=test, java.naming.security.protocol=}
12:13:07,000 INFO [STDOUT] ################################ LOGGED in TO LDAP SERVER ############# javax.naming.ldap.InitialLdapContext@142c63f
12:13:07,000 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@12
12:13:07,046 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@3
12:13:07,046 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@7
12:13:07,046 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@9
12:13:07,046 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@10
12:13:07,046 INFO [STDOUT] THE ENV BEFORE LOGGING IN TO LDAP IS -> {java.naming.provider.url=ldap://192.168.1.225:2389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=admin,cn=Administrators,cn=config, java.naming.security.authentication=simple, java.naming.security.credentials=test, java.naming.security.protocol=}
12:13:07,062 INFO [STDOUT] THE ENV BEFORE LOGGING IN TO LDAP IS -> {java.naming.provider.url=ldap://192.168.1.225:2389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=admin,cn=Administrators,cn=config, java.naming.security.authentication=simple, java.naming.security.credentials=test, java.naming.security.protocol=}
12:13:11,640 INFO [STDOUT] ################################ LOGGED in TO LDAP SERVER ############# javax.naming.ldap.InitialLdapContext@a14fed
12:13:11,656 INFO [STDOUT] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@12
12:13:11,718 INFO [SSO_AUDIT] Sat Aug 11 12:13:11 PDT 2007 - sso-user - info - user1 - authenticationFailed=failure - remoteHost=127.0.0.1,authScheme=basic-authentication - ERROR:user1:org.josso.auth.exceptions.AuthenticationFailureException
12:13:11,812 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
12:13:11,828 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true

ar, mine was a mistake.
I changed the password to plain and my LDAP data to a non-crypt password.
Also I commented out
<!--
<hashAlgorithm>MD5</hashAlgorithm>
<hashEncoding>HEX</hashEncoding>
-->
<!-- Strong Authentication Scheme
<authentication-scheme>
<name>strong-authentication</name>
-->
lines.
INFO: Trying to load configuration josso-gateway-config.xml
2008/01/30 23:12:33 org.josso.ComponentKeeperImpl loadConfig
INFO: SSO Config from [file:/opt/apache-tomcat-6.0.14_josso-1.6/bin/josso-config.xml]
2008/01/30 23:12:33 org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler handle
INFO: Wed Jan 30 23:12:33 JST 2008 - sso-session - info - - createSession=success - ssoSessionId=3BD8CB4222046B3ECA68A29DCC54FD44
2008/01/30 23:12:33 org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler handle
INFO: Wed Jan 30 23:12:33 JST 2008 - sso-user - info - user1 - authenticationSuccess=success - remoteHost=192.168.100.200,authScheme=basic-authentication,ssoSessionId=3BD8CB4222046B3ECA68A29DCC54FD44
2008/01/30 23:12:33 org.josso.gateway.signon.LoginAction login
WARN: No 'BACK TO' URL received or configured ... using default forward rule !
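
A plausible reading of the failure and the fix above, as an added example (not JOSSO code and not from either poster): if the gateway hashes the typed password as `hashAlgorithm`/`hashEncoding` direct and compares the result with the stored credential, the match fails whenever the directory holds a salted, scheme-prefixed value such as `{SSHA}...`. The comparison model, the function names and the sample values are assumptions constructed for illustration.

```python
"""Why a digest-then-compare credential check fails against scheme-prefixed values."""
import base64
import hashlib
import hmac
import os


def gateway_digest(password, hash_algorithm=None, hash_encoding=None):
    """Assumed gateway step: hash the typed password per hashAlgorithm/hashEncoding."""
    if hash_algorithm is None:          # both elements commented out, as in the reply
        return password
    raw = hashlib.new(hash_algorithm.lower(), password.encode("utf-8")).digest()
    if hash_encoding == "HEX":
        return raw.hex()
    if hash_encoding == "BASE64":
        return base64.b64encode(raw).decode("ascii")
    raise ValueError("unsupported hashEncoding: %r" % hash_encoding)


def naive_match(password, stored, hash_algorithm=None, hash_encoding=None):
    """String equality between the computed digest and the stored credential."""
    computed = gateway_digest(password, hash_algorithm, hash_encoding)
    return hmac.compare_digest(computed.encode("utf-8"), stored.encode("utf-8"))


def make_ssha(password, salt=None):
    """Build a salted SHA-1 value in the '{SSHA}' + base64(digest + salt) layout."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


# scheme name -> (hash algorithm, digest size in bytes)
_SCHEMES = {"SSHA": ("sha1", 20), "SMD5": ("md5", 16),
            "SHA": ("sha1", 20), "MD5": ("md5", 16)}


def verify_userpassword(password, stored):
    """Check a password against a scheme-prefixed value; no cleartext storage needed."""
    pw = password.encode("utf-8")
    if not stored.startswith("{") or "}" not in stored:
        return hmac.compare_digest(pw, stored.encode("utf-8"))   # cleartext value
    scheme, body = stored[1:].split("}", 1)
    if scheme.upper() not in _SCHEMES:
        raise ValueError("unsupported scheme: %s" % scheme)
    algo, size = _SCHEMES[scheme.upper()]
    raw = base64.b64decode(body)
    digest, salt = raw[:size], raw[size:]    # salt is empty for {SHA} and {MD5}
    return hmac.compare_digest(hashlib.new(algo, pw + salt).digest(), digest)


def compare_all(password="secret"):
    """Run each check against three constructed ways of storing the same password."""
    stored = {
        "cleartext": password,
        "md5-hex": hashlib.md5(password.encode("utf-8")).hexdigest(),
        "ssha": make_ssha(password, salt=b"constructed-salt"),
    }
    return {
        name: {
            "md5_hex_compare": naive_match(password, value, "MD5", "HEX"),
            "plain_compare": naive_match(password, value),
            "scheme_aware": verify_userpassword(password, value),
        }
        for name, value in stored.items()
    }


if __name__ == "__main__":
    for name, outcome in compare_all().items():
        print(name, outcome)
```

The cleartext row corresponds to the workaround in the reply; `verify_userpassword` shows a scheme-aware check that does not require keeping cleartext passwords in the directory.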

Similar Messages

  • Error installing OAM against Sun Directory Server 6.3: No such object (32)

    Hi folks,
    I'm getting error installing OAM 10.1.4.3.0 (Linux, 64 bit) against Sun Directory Server 6.3. I've followed Oracle troubleshooting doc (http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12493/trouble.htm#BABBAAFH), and replaced every occurrence of cn=userRoot with cn=my_company_name inside iPlanet5_oblix_index_add.ldif. I still get the same error "ldapmodify: No such object (32)" for every entry in the file. Has someone managed to get it to work?
    Thank you, Roman

    Hi folks,
    I got it to work, here're the steps:
    1. After loading the schema file, follow the article (http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12493/trouble.htm#BABBAAFH, not the doc 552157.1 as it states incorrect info, sorry
    Notoriuos) to edit the index file (iPlanet5_oblix_index_add.ldif) and replace all occurrences of "userRoot" with "your_company_name" (which is your ldap suffix without the c=us part as in
    o=your_company_name, c=us) using vi command:
    :%s/userRoot/your_company_name/g
    2. run ldapadd (not ldapmodify! as all but the one last object listed on the dn: line might already exist under cn=config), here's example:
    $ ldapadd -x -h your_ldap_host -p your_port -c -f IdentityServer_install_dir/identity/oblix/data.ldap/common/iPlanet5_oblix_index_add.ldif -D "cn=directory manager" -w directory_manager_passwd
    3. If done right, you should see smth like this:
    adding new entry "cn=obactionname,............... per every entry in the index file
    HTH
    Roman

  • Not able to select physicalschema directory for file data server in ODI 11g

    Hi,
    I am a beginner to ODI tech and stuck up with an error while doing a tutorial (mentioned in this link - http://st-curriculum.oracle.com/obe/fmw/odi/odi_11g/ODIproject_ff-to-ff/ODIproject_flatfile-to-flatfile.htm).
    While creating a physical schema for default file server(FILE_GENERIC) , I am not able to select schema directories and the name field with value 'FILE_GENERIC.Directory' is grayed out (non editable)
    I have gone through many documents but could not find any relevant information for this.
    So could you please let me know if any configurations required for this?
    Thanks,
    Anusha

    Hi Oleg,
    Thanks for your reply.
    While creating the physical schema, the Name field is grayed out; is that the default behaviour of the screen? Because in the tutorial I could see the name field is pointing to a file directory path.
    Thanks,
    Anusha

  • Cannot get iLOM to authenticate against Active Directory

    I'm hoping it is some sort of configuration mistake, I'll happily take the fall for misconfiguration, if it solves my issue.
    We have a number of different Sun systems we just purchased, and LOVE the iLOM capabilities. Unfortunately, we have not been able to configure the Active Directory authentication properly. We've gotten the RADIUS auth to work, but since it doesn't have any extensible groups, there's no way to cleanly divide folks up. Have read the User's Guide extensively, and tried multiple variations on the LDAP configuration of the Active Directory AdminGroup settings, with no luck.
    I have verified the iLOM unit is reaching the AD server, I have captured communications, but since it's encrypted, I can't see where the fault lies. The clocks are certainly within 5 minutes of each other, so it's not a kerberos time issue. The 'Trace' level of logging doesn't seem to include much info to me, but here is what is captured:
    2008-07-29 14:26:14     Local0.Warning     10.40.5.7     logmgr: ID = 1366 : Tue Jul 29 14:27:42 2008 : ActDir : Log : minor : (ActDir) module loaded, MOD-VER:Tue Jun 3 07:53:02 CST 2008
    2008-07-29 14:26:14     Local0.Critical     10.40.5.7     logmgr: ID = 1367 : Tue Jul 29 14:27:42 2008 : ActDir : Log : critical : (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
    2008-07-29 14:26:14     Local0.Critical     10.40.5.7     logmgr: ID = 1368 : Tue Jul 29 14:27:42 2008 : ActDir : Log : critical : (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
    2008-07-29 14:26:14     Local0.Error     10.40.5.7     logmgr: ID = 1369 : Tue Jul 29 14:27:42 2008 : ActDir : Log : major : (ActDir) ServerUserAuth - Error 0, error binding user to ActiveDirectory server
    2008-07-29 14:26:15     Local0.Error     10.40.5.7     logmgr: ID = 1370 : Tue Jul 29 14:27:42 2008 : ActDir : Log : major : (ActDir) server-authenticate: auth-error idx 0 server x.x.x.x
    2008-07-29 14:26:15     Local0.Critical     10.40.5.7     logmgr: ID = 1371 : Tue Jul 29 14:27:42 2008 : ActDir : Log : critical : (ActDir) authentication status: auth-ERROR
    2008-07-29 14:26:17     Local0.Warning     10.40.5.7     logmgr: ID = 1372 : Tue Jul 29 14:27:45 2008 : Audit : Log : minor : cleverlyc : Open Session : object = /session/type : value = www : error
    We have no certificates, and do not plan on using any (for quite some time). I cannot find any errors, notifications, or other data on the AD server, showing any sort of error/misrepresented credentials etc.
    Any ideas/help?
    Thanks!!

    Looks like this seems to be a common issue as I am having the same issue using current iLOM release.
    SP Firmware Version 2.0.2.10
    SP Firmware Build Number 35249
    SP Firmware Date Wed Jul 23 22:40:58 PDT 2008
    SP Filesystem Version 0.1.14
    Additional information I can provide: when reviewing the security logs on the DC I see no attempt of any creds being used.
    Edited by: evil_bobster on Sep 22, 2008 10:50 AM

  • Not able to decide on : Mission Configurable Authorization

    Hello,
    I post here after begging people to please understand my problem first. This is what I need to achieve:
    It is about dynamic authorization.
    My application will have an admin page where the admin will be able to give access rights to users for certain actions on certain pages. these could be any permutation and combination.
    I need to be able to authorize them based on this condition.
    For example :
    If it were a mechanic application.
    The admin will be able to authorize MechA to be able to perform "Add, Delete" actions on garage A, but only VIEW rights on garage B.
    similarly MechB to be able to only "ADD" in garage A, but ADD,DELETE in garageB. Again, the number of garages can be many. the admin will be able to add a garage and delete a garage.
    (ofcourse, based on the current access rights they have, the JSP will display those current access rights)
    I have pored over google search and forums and security frameworks to decide on an approach for this.
    I initially had thought that I will have a table which will have two cols USER and PERMISSIONS.
    where users would be the users and permissions would be URLs. Ex. :
    mechA | garageA/add.jsp
    mechA | garageA/delete.jsp
    mechA | garageb/view.jsp
    However, this premature understanding will not work because of obvious reasons (if I need to update or delete the URL for the user.. I am screwing up everything).
    Then, now I am thinking of an XML based authorization now. where the parent node will be the user name and his child nodes will be the URLs he has access to. Though i have not worked on this, I know this will be of no use, because my application will have the capability to switch between a db and LDAP. I have very little knowledge of LDAP though.
    No security framework is going to be of help ( i have looked extensively through JAAS and Acegi).
    because they function majorly on ROLES. In my case I have no ROLES at all :-(
    I have been pulling my hair out trying for a solution for this kind of a configurable scenario, where the user base could be on a DB and on LDAP.
    Any ideas/help/pointers towards an approach would be highly appreciated.
    thanks in advance for your time.

    If you don't have roles now, rethink your design.
    What if another mechanic comes in as a replacement
    for an existing mechanic who left or goes on holiday?
    Do you really want to have to assign all permissions
    to the new mechanic again? No, you want to be able to
    say: this new mechanic has the same role(s) as the
    original mechanic and be done with it. Or what if a
    mechanic gets promoted? Instead of having to add and
    remove all the accompanying permissions, just set or
    add the new roles.
    Well, there will also be Groups, to which the mechanics can be assigned, but it is not a necessity for them to be under a group.
    A mechanic can be an individual with individual rights, or can be a part of a group which has certain permissions. In my case, everything needs to be highly configurable. Creating a single user(with specific permissions) or creating the group(with specific permissions) and then assigning mechanics to the group, will really be the admins choice, who will set the users up.
    If you really, really, really can't think of any roles
    that make sense, you can pretend each mechanic
    defines his own special role (the role is the same as
    the mechanic) and still use those frameworks.
    hmmm... I have typically assigned URLS with wildcard chars. like /admin/*.* with ROLE_ADMIN thing.
    In this case,I will probably have to have many relative URLS mapped with a singular ROLE. However, how I can change/update these URLs based on the admins input, still remains a mystery to me.
    Any other suggestions ?
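
One way to model what both posts describe, as an added example that is not code from the thread: grants are (principal, resource, action) rows where a principal is either a single user or a group, so per-mechanic rights and role-like groups share one deny-by-default check that does not depend on URLs. The class and method names and the in-memory store are hypothetical; a database table or an LDAP lookup would take the store's place.

```python
"""Per-resource grants for users and groups, deny by default (illustrative)."""


class GrantStore:
    """In-memory stand-in for a DB table or LDAP lookup (hypothetical interface)."""

    def __init__(self):
        self.grants = set()    # {(principal, resource, action)}
        self.members = {}      # group name -> set of user names

    def principals_for(self, user):
        """The user itself plus every group the user belongs to."""
        found = {"user:" + user}
        for group, users in self.members.items():
            if user in users:
                found.add("group:" + group)
        return found


class Authorizer:
    def __init__(self, store):
        self.store = store

    def grant(self, principal, resource, *actions):
        for action in actions:
            self.store.grants.add((principal, resource, action))

    def revoke(self, principal, resource, action):
        self.store.grants.discard((principal, resource, action))

    def add_member(self, group, user):
        self.store.members.setdefault(group, set()).add(user)

    def remove_resource(self, resource):
        """Admin deletes a garage: drop every grant that names it."""
        self.store.grants = {g for g in self.store.grants if g[1] != resource}

    def is_allowed(self, user, resource, action):
        """True only if the user or one of its groups holds the exact grant."""
        return any((p, resource, action) in self.store.grants
                   for p in self.store.principals_for(user))

    def rights_of(self, user):
        """Effective (resource, action) pairs, e.g. for rendering the admin page."""
        principals = self.store.principals_for(user)
        return sorted({(r, a) for p, r, a in self.store.grants if p in principals})


def build_demo():
    """Constructed data using the mechanic and garage names from the question."""
    authz = Authorizer(GrantStore())
    authz.grant("user:mechA", "garageA", "add", "delete")
    authz.grant("user:mechA", "garageB", "view")
    authz.grant("user:mechB", "garageA", "add")
    authz.grant("user:mechB", "garageB", "add", "delete")
    # A group plays the part of a role: a replacement mechanic inherits its
    # rights by membership instead of having each grant re-entered.
    authz.grant("group:garageA-crew", "garageA", "add", "delete")
    authz.add_member("garageA-crew", "mechC")
    return authz


if __name__ == "__main__":
    demo = build_demo()
    for name in ("mechA", "mechB", "mechC"):
        print(name, demo.rights_of(name))
```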

  • Not able to open active directory user and computer in windows server 2008r2

    Hi All techies,
    I would like to know about one issue which I am facing mostly. I have created 5 virtual machines, all with Windows Server 2008 R2, and one Windows 7 on VMware. Whenever I start my virtual machines everything goes right, but when I try to open Active Directory Users and Computers or Domains and Trusts I get the following error: "data from active directory user and computers is not available from dc(null) bcoz unspecified error". Even when I check the event log it gives me no help, and after 15-30 min everything works good.
    Please let me know the cause of it and really appreciate it .
    Thanks
    Atul

    You need to ensure that
    1. the group policy that says "wait for network before logon" is applied to all computers, including servers and workstations
    2. DNS record exists for all DCs in DNS
    3. If there are multiple Domain Controllers in Forests, then they point them as secondary DNS server. This way they will be able to resolve IPs if local DNS server service takes time to start.
    As Chris mentioned, you need to start all DCs first, give a time of 5 minutes and then start member servers and workstations for successful logon.
    - Sarvesh Goel - Enterprise Messaging Administrator

  • Not able to completely Uninstall directory server

    Hi All,
    I am trying to install Portal server(7.0), directory server, access manager, with SRAG on a single machine.
    From the start I am getting the error Portal server installation failed and configuration failed.
    I uninstalled through the ./unistalled command and also removed the SUNW packages from /opt, /etc/opt, /var/opt/ and moved the product registry file. The first time it uninstalled successfully. Then the second time I tried to install the same, and it failed again.
    I am trying to uninstall and I saw the summary; I am seeing that DS is partially uninstalled. I removed all the SUNW packages and the mps directory as described above.
    But installing the next time (it means the 3rd time) it is showing DS is installed and I am going with the installed DS. Then in the installing process it is asking for the Access manager Directory server host name - I am giving some machine host name but it is saying error in host name, please provide correct host name.
    Now I am unable to install or uninstall; both are stuck now.
    Can you please help me with this situation.
    Portal server version 7.0
    access manager 7.0
    DS(directory server) version 5.2
    Thanks,

    Hi,
    there is a solution. I recommend making a file including a list of all JES packages (look at the JES install media), but don't remove the shared_components packages; they include Solaris system packages!
    http://swforum.sun.com/jive/thread.jspa?threadID=104413
    Peter

  • Not able to get the standard configuration settings in GTS system

    Hi All
    We could not get any GTS related standard configuration settings in feeder & GTS clients (installed in one system)
    We have installed SLL-LEG 720 Plug-in for SAP ECC 6.0 (SAP_AP - Release 700- Level 0012)
    Thanks
    Ram

    Hi Ram ,
    You can follow the given steps to get the standard configuration of SAP:
    Choose a transaction in the customizing ( Define Partner Function)
    Go to the menu Utilities – Adjustment
    Select the RFC connection from client 000
    Select your entries and click on Adjust
    Select COPY ALL button
    Click on YES (copy changes)
    Your entry is added in the list
    You need RFC connection to client 000.
    Hope this helps
    Kind Regards,
    Sameer

  • Not able to completely Uninstall Directory Server

    Hi All,
    I am trying to install Portal server(7.0), directory server, access manager, with SRAG on a single machine.
    From the start I am getting the error Portal server installation failed and configuration failed.
    I uninstalled through the ./unistalled command and also removed the SUNW packages from /opt, /etc/opt, /var/opt/ and moved the product registry file. The first time it uninstalled successfully. Then the second time I tried to install the same, and it failed again.
    I am trying to uninstall and I saw the summary; I am seeing that DS is partially uninstalled. I removed all the SUNW packages and the mps directory as described above.
    But installing the next time (it means the 3rd time) it is showing DS is installed and I am going with the installed DS. Then in the installing process it is asking for the Access manager Directory server host name - I am giving some machine host name but it is saying error in host name, please provide correct host name.
    Now I am unable to install or uninstall; both are stuck now.
    Can you please help me with this situation.
    Portal server version 7.0
    access manager 7.0
    DS(directory server) version 5.2
    Thanks,
    Message was edited by:
    Raja_Perumal_R

    hi Raja,
    The machine name you are giving has slapd running on it??

  • Not able to deploy Integration Library COnfiguration for ORM

    I'm trying to install OIM-ORM integration library 10.1.4.2.
    I'm following the integration guide and trying to perform the steps in
    section 5 Configuring Oracle Role Manager > 5.1 Deploying the Integration Library Configuration.
    But getting following error and getting stuck :(
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.bizlogic.impl.BusinessLogicCDM validate
    INFO: [bizLogicCDM] validate complete. Validation error count = 2
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.authentication.impl.AuthenticationCDM validate
    INFO: [autheCDM] validate complete. Validation error count = 2
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onProgress
    INFO: Deployment 26% complete.
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.event.impl.IncomingEventCDM validate
    INFO: [incomingEventCDM] validate complete. Validation error count = 2
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onProgress
    INFO: Deployment 27% complete.
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onProgress
    INFO: Deployment 28% complete.
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onProgress
    INFO: Deployment 31% complete.
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onProgress
    INFO: Deployment 35% complete.
    Jul 20, 2009 4:58:29 PM oracle.iam.rm.deployment.DefaultStatusMonitor onFailure
    SEVERE: Deprecated failure management
    Validation failures:
    [
    Subsystem: BusinessLogicCDM Config: bizlogic.oim_integration - Transaction Operation 'reconcileAccessPolicy': Plugin 'reconcile_ITRole' in pack 'oracle.iam.rm.bizlogic.plugin.standard_ext' not found.
    Subsystem: BusinessLogicCDM Config: bizlogic.oim_integration - Transaction Operation 'reconcileUserGroups': Plugin 'reconcile_BusinessRole' in pack 'oracle.iam.rm.bizlogic.plugin.standard_ext' not found.
    ]
    at oracle.iam.rm.deployment.impl.AbstractDeployManager.deploy(AbstractDeployManager.java:390)
    at oracle.iam.rm.deployment.DeploymentTool.deploy(DeploymentTool.java:178)
    at oracle.iam.rm.deployment.DeploymentTool.invoke(DeploymentTool.java:133)
    at oracle.iam.rm.util.cmd.CmdLineApp.invoke(CmdLineApp.java:129)
    at oracle.iam.rm.deployment.DeploymentTool.main(DeploymentTool.java:32)
    Jul 20, 2009 4:58:29 PM org.springframework.context.support.AbstractApplicationContext doClose
    INFO: Closing application context [org.springframework.context.support.GenericApplicationContext;hashCode=18450577]
    Jul 20, 2009 4:58:29 PM org.springframework.beans.factory.support.DefaultSingletonBeanRegistry destroySingletons
    INFO: Destroying singletons in {org.springframework.beans.factory.support.DefaultListableBeanFactory defining beans [deploymentFactory,oracle.iam.rm.deployment.DeploymentManager,oracle.iam.rm.approval.ApprovalCDM,oracle.iam.rm.authentication.AuthenticationCDM,oracle.iam.rm.bizlogic.BusinessLogicCDM,oracle.iam.rm.bootstrap.BootstrapCDM,oracle.iam.rm.cache.CacheCDM,oracle.iam.rm.config.ConfigurationRDM,oracle.iam.rm.event.IncomingEventCDM,oracle.iam.rm.event.OutgoingEventCDM,oracle.iam.rm.i18n.InternationalizationRDM,oracle.iam.rm.i18n.InternationalizationCDM,oracle.iam.rm.loader.LoaderCDM,oracle.iam.rm.plugin.PluginRDM,oracle.iam.rm.temporal.TemporalEngineCDM,oracle.iam.rm.timer.TimerCDM,oracle.iam.rm.hierarchy.HierarchyIndexManagerCDM]; root of BeanFactory hierarchy}
    Deployment Failed: correct the errors or ensure that the server is down, and then re run.
    Please help.
    Thanks,
    Amruta

    I'm doing it manually.
    No customization (I'm doing it the first time).
    As per your error it is showing that
    bizlogic.oim_integration file is not correct. Just open the oim_integration.car file. You'll find 6-7 folders there.
    there will be one file oim_integration.xml in oracle.iam.rm.bizlogic.def folder. Just check the file, is it correct.
    <business-transaction id="reconcileAccessPolicy" related-object-type="itRole" permission="manage">
    <snapshot-logic-definition plugin-pack-id="oracle.iam.rm.bizlogic.plugin.standard_ext" plugin-id="reconcile_ITRole">
    Is the above information present there or not; if yes, is it correct?
    Yes all this information is present in this file. How do I know if it is correct?
    I'm copying this information here.
    <business-transaction id="reconcileAccessPolicy" related-object-type="itRole" permission="manage">
    <title>Reconcile IT Role</title>
    <audit-event>
    <argument-mappings>
    <input-argument-mapping argument-id="0" input-argument-id="displayName" dereference="false"/>
    <input-argument-mapping argument-id="1" input-argument-id="oimAccessPolicyId" dereference="false"/>
    </argument-mappings>
    <message>
    <i18n:message>IT Role ''{0}'' with OIM Access Policy key {1} was created as a result of integration with OIM.</i18n:message>
    <i18n:arguments>
    <i18n:argument type="string">
    <i18n:description>Name of the IT Role.</i18n:description>
    </i18n:argument>
    </i18n:arguments>
    </message>
    </audit-event>
    <arguments>
    <argument id="oimAccessPolicyId">
    <title>OIM Identifier</title>
    <related-object-type>itRole</related-object-type>
    <related-object-attribute>oimAccessPolicyId</related-object-attribute>
    </argument>
    <argument id="displayName">
    <title>Display Name</title>
    <related-object-type>itRole</related-object-type>
    <related-object-attribute>displayName</related-object-attribute>
    </argument>
    <argument id="entitlements">
    <title>Comma separated values of mapped OIM entitlements Keys</title>
    <t:string>
    <t:length id="csvLength" max-length="2147483647">
    <t:violation-message>Entitlements csv must be a string of valid length.</t:violation-message>
    </t:length>
    </t:string>
    </argument>
    </arguments>
    <snapshot-logic-definition plugin-pack-id="oracle.iam.rm.bizlogic.plugin.standard_ext" plugin-id="reconcile_ITRole">
    <ext config-version="1.0">
    <config>
    <![CDATA[
    <reconcile-entity-with-mappings xmlns="http://xmlns.oracle.com/iam/rm/bizlogic/plugin/standard_ext/1_0" entity-type="itRole" identifying-attribute="oimAccessPolicyId">
    <mappings>
    <mappings-config related-entity-type="itPrivilege" related-entity-source-identifying-attribute="oimEntitlementId" related-entity-identifying-attribute="itPrivilege_id" relationship-entity-type="itRolePrivilegeMapping" identifying-attribute="itRole_id" />
    </mappings>
    <attributes>
    <attribute attribute-id="oimAccessPolicyId" argument-id="oimAccessPolicyId"/>
    <attribute attribute-id="displayName" argument-id="displayName"/>
    <attribute attribute-id="oimEntitlementId" argument-id="entitlements"/>
    </attributes>
    </reconcile-entity-with-mappings> ]]>
    </config>
    </ext>
    </snapshot-logic-definition>
    </business-transaction>
    <business-transaction id="reconcileUserGroups" related-object-type="businessRole" permission="manage">
    <title>Reconcile Business Role</title>
    <audit-event>
    <argument-mappings>
    <input-argument-mapping argument-id="0" input-argument-id="displayName" dereference="false"/>
    <input-argument-mapping argument-id="1" input-argument-id="oimUserGroupId" dereference="false"/>
    </argument-mappings>
    <message>
    <i18n:message> Business Role ''{0}'' with OIM User Group key {1} was created as a result of integration with OIM.</i18n:message>
    <i18n:arguments>
    <i18n:argument type="string">
    <i18n:description>Name of the Business Role.</i18n:description>
    </i18n:argument>
    </i18n:arguments>
    </message>
    </audit-event>
    <arguments>
    <argument id="oimUserGroupId">
    <title>OIM User Group Key</title>
    <related-object-type>businessRole</related-object-type>
    <related-object-attribute>oimUserGroupId</related-object-attribute>
    </argument>
    <argument id="displayName">
    <title>Display Name</title>
    <related-object-type>businessRole</related-object-type>
    <related-object-attribute>displayName</related-object-attribute>
    </argument>
    <argument id="rule">
    <title>Membership Rule of Dynamic Business Role</title>
    <related-object-type>businessRole</related-object-type>
    <related-object-attribute>membershipRule</related-object-attribute>
    </argument>
    <argument id="accessPoliciesMapping">
    <title>Business Role to IT Role Mapping</title>
    <t:string>
    <t:length id="csvLength" max-length="2147483647">
    <t:violation-message>Access policies csv must be a string of valid length.</t:violation-message>
    </t:length>
    </t:string>
    </argument>
    <argument id="members">
    <title>Members of Business Role</title>
    <t:string>
    <t:length id="csvLength" max-length="2147483647">
    <t:violation-message>Members csv must be a string of valid length.</t:violation-message>
    </t:length>
    </t:string>
    </argument>
    </arguments>
    <snapshot-logic-definition plugin-pack-id="oracle.iam.rm.bizlogic.plugin.standard_ext" plugin-id="reconcile_BusinessRole">
    <ext config-version="1.0">
    <config>
    <![CDATA[
    <reconcile-entity-with-mappings xmlns="http://xmlns.oracle.com/iam/rm/bizlogic/plugin/standard_ext/1_0" entity-type="businessRole" identifying-attribute="oimUserGroupId" >
    <mappings>
    <mappings-config related-entity-type="itRole" related-entity-identifying-attribute="itRole_id" related-entity-source-identifying-attribute="oimAccessPolicyId" relationship-entity-type="roleMapping" identifying-attribute="businessRole_id"/>
    <mappings-config related-entity-type="person" related-entity-identifying-attribute="grantee_id" related-entity-source-identifying-attribute="oimId" relationship-entity-type="roleGrant" identifying-attribute="role_id"/>
    </mappings>
    <attributes>
    <attribute attribute-id="oimUserGroupId" argument-id="oimUserGroupId"/>
    <attribute attribute-id="displayName" argument-id="displayName"/>
    <attribute attribute-id="membershipRule" argument-id="rule"/>
    <attribute attribute-id="oimAccessPolicyId" argument-id="accessPoliciesMapping"/>
    <attribute attribute-id="oimId" argument-id="members"/>
    </attributes>
    </reconcile-entity-with-mappings>
    ]]>
    </config>
    </ext>
    </snapshot-logic-definition>
    </business-transaction>

  • Integration Directory(Configuration) Problem

    Hi All,
    I am facing one problem. I am working on the client through Citrix. I am not able to open Integration Directory (Configuration problem). Onsite it's working fine. Remaining all other applications (Integration Repository and SLD and Runtime Workbench) are working fine.
    If I open Integration Directory I am getting this message.
    <jnlp spec="1.0+" codebase="http://filp55.group.upm-kymmene.com:50100/dir">
        <information>
            <title>Integration Builder</title>
            <vendor>SAP AG</vendor>
            <homepage href="http://www.sap.com" />
            <description type="one-line">Directory</description>
            <description type="short">Directory</description>
            <description type="tooltip">Directory</description>
            <icon hight="64" href="start/graphics/sap6464.gif" type="splash" width="64" />
            <icon hight="32" href="start/graphics/SAP3232.gif" width="32" />
        </information>
        <security>
            <all-permissions />
        </security>
        <resources>
            <j2se version="1.4+" initial-heap-size="32m" max-heap-size="1024m" />
            <jar href="directory/aii_ibdir_client.jar" />
            <jar href="directory/aii_ibdir_core.jar" />
            <jar href="directory/aii_ibdir_sbeans.jar" />
            <jar href="directory/aii_ibdir_rb.jar" />
            <jar href="directory/aii_ib_client.jar" />
            <jar href="directory/aii_ib_core.jar" />
            <jar href="directory/aii_ib_sbeans.jar" />
            <jar href="directory/aii_ib_rb.jar" />
            <jar href="directory/aii_util_icons.jar" />
            <jar href="directory/aii_util_swing.jar" />
            <jar href="directory/aii_util_xml.jar" />
            <jar href="directory/aii_util_xsd.jar" />
            <jar href="directory/aii_utilxi_misc.jar" />
            <jar href="directory/aii_util_rb.jar" />
            <jar href="directory/clientaii_ib_sbeans.jar" />
            <jar href="directory/clientaii_ibdir_sbeans.jar" />
            <jar href="directory/frog.jar" />
            <jar href="directory/focus14.jar" />
            <jar href="directory/sapxmltoolkit.jar" />
            <jar href="directory/jta.jar" />
            <jar href="directory/ejb20.jar" />
            <jar href="directory/exception.jar" />
            <jar href="directory/logging.jar" />
            <jar href="directory/guidgenerator.jar" />
            <jar href="directory/jperflib.jar" />
            <jar href="directory/sapni.jar" />
            <jar href="directory/sapj2eeclient.jar" />
            <property name="sap.theme" value="Streamline" />
            <property name="jnlp.log.initialConfiguration" value="FILE, SIMPLE" />
            <property name="jnlp.com.sap.aii.ib.client.properties" value="com.sap.aii.ib.client., com.sap.aii.ib.core., com.sap.aii.util.xml., com.sap.aii.connect., com.sap.aii.repository.mapping.additionaltypes, com.sap.aii.docu., com.sap.aii.ibrep.core., com.sap.aii.ibdir.core.*" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.r3.sysnr" value="01" />
            <property name="jnlp.com.sap.aii.connect.landscape.contextroot" value="sld" />
            <property name="jnlp.com.sap.aii.connect.cr.name" value="filp40.group.upm-kymmene.com" />
            <property name="jnlp.com.sap.aii.ib.client.content.languages" value="EN,DE" />
            <property name="jnlp.com.sap.aii.connect.repository.contextroot" value="rep" />
            <property name="jnlp.com.sap.aii.ib.client.login.languages" value="EN,DE" />
            <property name="jnlp.com.sap.aii.connect.directory.rmiport" value="50104" />
            <property name="jnlp.com.sap.aii.connect.cr.contextroot" value="sld" />
            <property name="jnlp.com.sap.aii.connect.rwb.r3.client" value="790" />
            <property name="jnlp.com.sap.aii.connect.directory.contextroot" value="dir" />
            <property name="jnlp.com.sap.aii.connect.rwb.contextroot" value="rwb" />
            <property name="jnlp.com.sap.aii.connect.landscape.httpsport" value="@com.sap.aii.server.httpsport.lcr@" />
            <property name="jnlp.com.sap.aii.connect.repository.rmiport" value="50104" />
            <property name="jnlp.com.sap.aii.connect.repository.httpport" value="50100" />
            <property name="jnlp.com.sap.aii.connect.directory.name" value="filp55.group.upm-kymmene.com" />
            <property name="jnlp.com.sap.aii.connect.cr.httpsport" value="@com.sap.aii.server.httpsport.cr@" />
            <property name="jnlp.com.sap.aii.connect.repository.name" value="filp55.group.upm-kymmene.com" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.contextroot" value="run" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.name" value="filp55.group.upm-kymmene.com" />
            <property name="jnlp.com.sap.aii.connect.rwb.httpsport" value="@com.sap.aii.connect.rwb.httpsport@" />
            <property name="jnlp.com.sap.aii.connect.landscape.httpport" value="50000" />
            <property name="jnlp.com.sap.aii.docu.languages" value="null" />
            <property name="jnlp.com.sap.aii.ib.client.jnlp.j2se.initialheapsize" value="32m" />
            <property name="jnlp.com.sap.aii.util.xml.parserFactory" value="com.sap.engine.lib.jaxp.SAXParserFactoryImpl" />
            <property name="jnlp.com.sap.aii.connect.directory.httpport" value="50100" />
            <property name="jnlp.com.sap.aii.connect.directory.httpsport" value="@com.sap.aii.server.httpsport.directory@" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.r3.httpport" value="8001" />
            <property name="jnlp.com.sap.aii.connect.rwb.name" value="filp55.group.upm-kymmene.com" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.r3.client" value="790" />
            <property name="jnlp.com.sap.aii.connect.cr.httpport" value="50000" />
            <property name="jnlp.com.sap.aii.connect.landscape.name" value="filp40.group.upm-kymmene.com" />
            <property name="jnlp.SAPMYNAME" value="filp55_GTX_01" />
            <property name="jnlp.com.sap.aii.connect.rwb.httpport" value="50100" />
            <property name="jnlp.com.sap.aii.docu.url" value="null" />
            <property name="jnlp.com.sap.aii.ib.client.applicationname.directory" value="sap.com/com.sap.xi.directory/" />
            <property name="jnlp.com.sap.aii.util.xml.transformerFactory" value="com.sap.engine.lib.jaxp.TransformerFactoryImpl" />
            <property name="jnlp.com.sap.aii.ib.client.applicationname.repository" value="sap.com/com.sap.xi.repository/" />
            <property name="jnlp.com.sap.aii.ib.client.login.InitialContextFactory" value="com.sap.engine.services.jndi.InitialContextFactoryImpl" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.httpport" value="50100" />
            <property name="jnlp.client" value="true" />
            <property name="jnlp.com.sap.aii.connect.repository.httpsport" value="@com.sap.aii.server.httpsport.repository@" />
            <property name="jnlp.com.sap.aii.ib.client.jnlp.j2se.maxheapsize" value="1024m" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.httpsport" value="@com.sap.aii.connect.integrationserver.httpsport@" />
            <property name="jnlp.com.sap.aii.connect.integrationbuilder.startpage.url" value="rep/start/index.jsp" />
            <property name="jnlp.com.sap.aii.connect.integrationserver.r3.httpsport" value="@com.sap.aii.connect.integrationserver.r3.httpsport@" />
            <property name="jnlp.com.sap.aii.connect.rwb.r3.sysnr" value="01" />
            <property name="jnlp.com.sap.aii.util.xml.schemaValidator" value="com.sap.engine.lib.schema.validator.SchemaValidator" />
            <property name="jnlp.rc.release" value="7_00" />
            <property name="jnlp.rc.applname" value="DIRECTORY" />
            <property name="jnlp.rc.supportpackage" value="09" />
            <property name="jnlp.rc.synctime" value="${sync.time}" />
        </resources>
        <application-desc main-class="com.sap.aii.ibdir.gui.appl.ApplicationImpl">
            <argument>webstart</argument>
        </application-desc>
    </jnlp>
    Please help me on this.
    Thanks in advance.
    Regards,
    Chandra

    Hello,
    1)
    Maybe the problem is a network connectivity issue. Do one thing: copy the "cache" folder from some other client PC (which has successfully opened IR and ID) to your client PC. The folder resides in "C:\Documents and Settings\<yourUserProfile>\Application Data\Sun\Java\Deployment\javaws".
    Copy "cache" folder to your client PC under the above path.
    /people/shabarish.vijayakumar/blog/2006/02/13/unable-to-open-iresrid-xipipi-71-updated-for-pi-71-support
    https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1688 [original link is broken]
    2) Go to http://filp55.group.upm-kymmene.com:50100/rep/
    Click on Administration -> Java™ Web Start -> Java™ Web Start Administration ->
    Try
    1. Re-initialization (then try logging)
    2. Re-initialization and force-signing (then try logging)
    3. Delete lock (then try logging)
    Do this for IR and ID tabs.
    3) Check whether it can be a firewall issue.
    4) Check whether sufficient roles have been assigned -> Tcode -> SU01 -> roles tab. These roles need to be assigned to your username
    SAP_BC_AI_LANDSCAPE_DB_RFC
    SAP_SLD_CONFIGURATOR
    SAP_SLD_DEVELOPER
    SAP_XI_BPE_CONFIGURATOR_ABAP
    SAP_XI_BPE_MONITOR_ABAP
    SAP_XI_DEVELOPER
    SAP_XI_DEVELOPER_ABAP
    SAP_XI_DEVELOPER_J2EE
    SAP_XI_MONITOR
    SAP_XI_MONITOR_ABAP
    SAP_XI_MONITOR_J2EE
    Reward, if found useful
    Edited by: BVS on May 7, 2008 3:01 PM
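
    An added example (not part of the original posts and not SAP code): a Python sketch that reads the `jnlp.com.sap.aii.connect.*` properties from a descriptor like the one quoted in the question, lists the host/port pairs the Web Start client has to reach (input for the firewall check in step 3), and reports `@...@` placeholders that were never substituted and whether the descriptor requests `all-permissions`. The descriptor embedded below is constructed and abbreviated, and its `example.internal` host names are assumptions.

```python
import re
import xml.etree.ElementTree as ET

PREFIX = "jnlp.com.sap.aii.connect."
PLACEHOLDER = re.compile(r"^@[^@]+@$")  # build-time token that was never substituted

# Constructed, abbreviated descriptor in the shape of the one quoted in the question.
SAMPLE_JNLP = """<jnlp spec="1.0+" codebase="http://xi.example.internal:50100/dir">
  <security><all-permissions /></security>
  <resources>
    <property name="jnlp.com.sap.aii.connect.directory.name" value="xi.example.internal" />
    <property name="jnlp.com.sap.aii.connect.directory.httpport" value="50100" />
    <property name="jnlp.com.sap.aii.connect.directory.rmiport" value="50104" />
    <property name="jnlp.com.sap.aii.connect.directory.httpsport" value="@com.sap.aii.server.httpsport.directory@" />
    <property name="jnlp.com.sap.aii.connect.landscape.name" value="sld.example.internal" />
    <property name="jnlp.com.sap.aii.connect.landscape.httpport" value="50000" />
  </resources>
</jnlp>"""

def audit_jnlp(xml_text):
    """Return endpoints to allow through the firewall plus descriptor findings."""
    root = ET.fromstring(xml_text)
    components = {}
    for prop in root.iter("property"):
        name, value = prop.get("name", ""), prop.get("value", "")
        if not name.startswith(PREFIX):
            continue
        # "directory.httpport" -> component "directory", key "httpport"
        component, _, key = name[len(PREFIX):].rpartition(".")
        components.setdefault(component, {})[key] = value
    endpoints, unresolved = set(), []
    for component, props in sorted(components.items()):
        # Sub-components such as "integrationserver.r3" inherit the parent's host name.
        host = props.get("name") or components.get(component.split(".")[0], {}).get("name")
        for key, value in sorted(props.items()):
            if not key.endswith("port"):
                continue
            if PLACEHOLDER.match(value):
                unresolved.append(f"{component}.{key}")
            elif host and value.isdigit():
                endpoints.add((host, int(value)))
    return {
        "all_permissions": root.find("security/all-permissions") is not None,
        "endpoints": sorted(endpoints),
        "unresolved": unresolved,
    }

if __name__ == "__main__":
    print(audit_jnlp(SAMPLE_JNLP))
```

    An unresolved HTTPS port means the client has no TLS port configured for that component, and `all_permissions` means the application runs outside the Web Start sandbox, so the codebase host and JAR signatures are what the client is trusting.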

  • Not able to use Alert Configuration/Alert Inbox in the Runtime Workbench

    Hi Experts,
    I have installed PI 7.1 on my system. I'm not able to use the Alert Configuration/Alert Inbox in the Runtime Workbench. It is asking for a logon and the logon which I used for ABAP & Java Stack is not working.
    E.g., for the ABAP Stack, the User Id is: "sapuser" & for the Java Stack, the User Id is: "pisuper". But both these User Ids are not working for the Alert Configuration/Alert Inbox in the RWB.
    Can someone please suggest how to proceed?
    Br
    G@nesh

    Hi Preethi,
    Can you please help me with how to check whether the relevant roles are assigned to this user, i.e., pisuper for the JAVA stack in the UME, or not? I even tried to use Alert Configuration/Alert Inbox with the User IDs ddic & j2ee_admin, but that too didn't work...
    I would like to use Alert Configuration/Alert Inbox with my User Id: pisuper, which I'm using to log on to the JAVA stack.
    While exploring, I logged on to the useradmin page, i.e., http://p71:58800/useradmin, with the User Id: j2ee_admin... If this is correct, can you please let me know how I can add the necessary roles to my User Id: pisuper so that I can use Alert Configuration/Alert Inbox with my User Id: pisuper?
    Br
    G@nesh

  • In Fusion-Order-Demo appln, not able to find directory /labs/files

    hi,
    I'm practicing the FOD application (FusionOrderDemo_R1PS2). For writing code, the PDF (Oracle Fusion Middleware, Building Applications with ADF) suggests taking code from the /labs/files directory, but I'm not able to find this directory. Please suggest where I should look for this directory.
    Rgds,
    Shaan

    I have the same problem..ufffff

  • Assigning a login module to a single WebDynpro to authenticate against LDAP

    Hi there,
    we are running the J2EE Engine 7.0 within XI on SAP NetWeaver 2004s / Linux x86_64.
    Basically, I want to authenticate a Java WebDynpro against an LDAP (Active Directory). With the XI Usage installed, I can not customize the UME to authenticate against an LDAP (not supported and not possible).
    Thus, I want to use a custom login module or, if suitable, a standard login module to authenticate against LDAP. I know that all WebDynpro Apps use the default authentication scheme that in turn references the authentication template "ticket".
    1) Can I use a predefined Login Module to authenticate against Active Directory LDAP or do I have to write a custom login module?
    2) Is it possible to assign a login module to a single WebDynpro and how can I do this?
    Thanks a lot in advance,
    Oliver Kalkofen

    > Thus, I want to use a custom login module or, if
    > suitable, a standard login module to authenticate
    > against LDAP.
    We have developed a custom login module which does this. It looks to the user like the BasicPasswordLoginModule provided with SAP, but the userid and password entered have to be a valid account/password from the Active Directory domain. We use the Kerberos protocol to perform this userid/password validation, not LDAP. The userid can be just a name, in which case the default domain (realm in Kerberos terminology) is used, or it can be specified as user@REALM, in which case a non-default realm can be used to authenticate. Once the authentication is complete, we look in the USRACL table to map this Kerberos principal name onto a SAP userid so we can then create an SSO2 ticket.
    If you are interested in evaluating this, or getting a quote for purchasing it, please contact me offline. Of course, you can develop your own if you are happy to do so. I just thought you might be interested to know of an alternative.
    Thanks,
    Tim

  • External User directory configuration MSAD

    Hi,
    I am trying to configure an MSAD external user directory in Hyperion Shared Services 9.3.1 and succeeded. After restarting Shared Services I am not able to find the MSAD directory in user directories, and it is showing as below:
    Directory name      Directory Type    Search order
    Native Directory    NATIVE            1
    MSADDIR             MSAD              Not Used
    When I try to test the connection it shows as successful.
    Can anyone help me on this.
    Any help would be greatly appreciated.
    Regards
    PrakashV

    Hi Jhon,
    Thank you for your quick response.
    Previously I configured with OID and gave the server connection details only, and the OID was configured successfully. Now I am trying to configure with MSAD and I have given only server connection details. I have not specified search details. At least it has to be visible at "User Directories" in Shared Services (left panel).
    If I had supplied any wrong information, the test connection should not succeed. But the test succeeds. Here are the details I have given.
    Server Info
    Directory Server: Microsoft
    Name: MSADDIR
    Hostname: <Server IP>
    Port : 389
    SSL enabled: <Not checked>
    Base DN: DC=<>, DC=local,
    ID Attribute: ObjectGUID
    Maximum Size: 100
    Anonymous bind: <Not checked>
    Trusted: <Checked>
    User Info:
    append base DN: <Checked>
    User DN: cn=hyperion
    Password: <password>
    Please help me if you have any idea.
    Regards
    PrakashV
