LDAP and Notes Group Security Authentication Troubles

First, my apologies if this is in the wrong forum, but after looking at the forum names a few times this seemed the most appropriate.
I have a PDF file that I would like to have access restricted to a certain group on my organization's directory server. I'm kind of the new guy here, so I'm not 100% certain on this, but I'm pretty sure that our setup is:
A Lotus Domino LDAP server storing the directory information in a Lotus Notes database. Each user has a Notes certificate stored on the server for authentication to various databases we have on our intranet.
I've entered the LDAP server information in the Security Settings... window in Acrobat, and I'm sure it's correct as I can use the same information to browse the LDAP server with Softerra LDAP browser. There is no authentication required, but the server might restrict access based on domain; I'm not sure (shouldn't matter). Anyway, when I go to Manage Trusted Identities... then Add Contacts, then Search, I can never get any results to return.
I wish to only allow users in a certain group, CN=ALLOWED - GROUP, to have access to the PDF. I feel that there should be a way to accomplish this with the Notes certificates. Anyone know what I'm doing wrong or need to do?
If something I've said is wrong or unclear, I'd be happy to try again; this sort of thing isn't my forte.
Thanks in advance,
Mark

> I guess the CA is the machine that's hosting the Lotus notes database
No, the CA is merely an "entity". It's your Certificate Authority, the master certificate used to sign and authenticate all subsidiary certificates. You are talking about setting this up as a PKI for signature validation and managed security, right? Or am I way off base with your workflow and leading you away from where you should be (if so, feel free to ignore me - lots of people do)?
Leonard is right though, for securing individual PDFs to a specific group you would need LiveCycle Rights Management ES. The security needs to be in the PDF itself, otherwise it's useless. Say you configure your security at an application level, as you are trying to do, and then someone copies the PDF to a USB key and takes it home. No longer on your network, so they can now freely open the document.
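
A diagnostic for the empty directory search described in the question, as an added example that is not part of the original thread: it reads an LDIF export of the directory, resolves the members of the group, and reports which of them have a certificate published. The sample export is constructed, and the attribute names `member`, `uniqueMember` and `userCertificate` are assumptions about how the Domino directory is exposed over LDAP.

```python
import base64

# Constructed sample export (not from the thread). Attribute names are assumed.
SAMPLE_LDIF = """\
dn: CN=ALLOWED - GROUP
objectClass: groupOfNames
member: CN=Ann Lee,O=Example
member: CN=Bob Ray,O=Example
member: CN=Cy Dow,O=Example
member: CN=Dee Poe,O=Example

dn: CN=Ann Lee,O=Example
objectClass: person
mail: ann@example.test
userCertificate;binary:: Y29uc3RydWN0ZWQ=

dn: CN=Bob Ray,O=Example
objectClass: person
mail: bob@example.test

dn: cn=cy dow, o=example
objectClass: person
userCertificate;binary:: Y29uc3Ry
 dWN0ZWQ=
"""


def parse_ldif(text):
    """Return a list of entries, each mapping lower-cased attribute -> values."""
    # Unfold first: a line that starts with one space continues the previous line.
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:          # trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
            continue
        if line.startswith("#"):
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):      # "attr:: <base64>" carries binary data
            value = base64.b64decode(value[1:].strip())
        else:
            value = value.strip()
        current.setdefault(name.strip().lower(), []).append(value)
    return entries


def norm_dn(dn):
    """Case- and space-insensitive DN form (escaped commas are not handled)."""
    if isinstance(dn, bytes):
        dn = dn.decode("utf-8")
    parts = []
    for rdn in dn.split(","):
        key, _, val = rdn.partition("=")
        parts.append(key.strip().lower() + "=" + val.strip().lower())
    return ",".join(parts)


def has_certificate(entry):
    """True if any userCertificate value (with or without ;binary) is non-empty."""
    return any(name.split(";")[0] == "usercertificate" and any(values)
               for name, values in entry.items())


def group_certificate_report(entries, group_cn):
    """Map each group member DN to 'ok', 'no-certificate' or 'not-found'."""
    by_dn = {norm_dn(e["dn"][0]): e for e in entries if "dn" in e}
    wanted = "cn=" + group_cn.strip().lower()
    group = next((e for dn, e in by_dn.items() if dn.split(",")[0] == wanted), None)
    if group is None:
        raise LookupError("group not found in export: " + group_cn)
    report = {}
    for member in group.get("member", []) + group.get("uniquemember", []):
        dn = norm_dn(member)
        person = by_dn.get(dn)
        if person is None:
            report[dn] = "not-found"        # member DN has no person entry
        elif has_certificate(person):
            report[dn] = "ok"               # a certificate is published
        else:
            report[dn] = "no-certificate"   # entry exists, nothing published
    return report


if __name__ == "__main__":
    result = group_certificate_report(parse_ldif(SAMPLE_LDIF), "ALLOWED - GROUP")
    for dn, status in sorted(result.items()):
        print(status.ljust(15), dn)
```
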

Similar Messages

  • LDAP- When importing a Group it goes into Security Users and not Groups.

    Hello,
    I created a new LDAP Server
    cn=GroupBI,OU=Groups,OU=Systems,OU=Milan,OU=Italy,OU=Countries,DC=u,DC=a,DC=g
    Connection Test was ok.
    The problem is on importing members of my group, on Security Import window instead of having the group drop-down list populated I have the user drop-down list populated with "GroupBI".
    If I import this group (considered as a user by BI) it goes into Security > Users and not Security > Groups.
    This does not make sense.
    I'm sure this "GroupBI" is a group and not a user, and the attribute type used is sAMAccountname.
    Any help?
    Cheers

    Let me tell how we did Authentication using LDAP
    I haven't imported any groups or users once the LDAP is set up and connection was successful. I simply created the session variables USER DISPLAYNAME EMAIL and mapped to LDAP Variables uid, displayname, mail.
    Authentication is done in this way by mapping the OBIEE variables to LDAP variables instead of importing the groups.
    Now for Authorization I created the groups populated using some db tables and captured the group name and loglevel and applied filters on the group in the rpd for data level and permissions on the group in webcat for object level.
    So just for Authentication purposes I think we can authenticate without really importing groups as long as you map OB variables to LDAP
    hope it helps
    Prash

  • LDAP and everyone group

    I am using wls version 5.1 with service pack 7. I still need to add all
    users to the "everyone" group in order to be able to authenticate. I
    thought this issue was resolved in the latest service pack. But I still
    get an exception thrown if my user is not in "everyone" group. Does
    anyone know what the status of this bug is? Is it resolved or not?
    Here is the exception:
    java.rmi.RemoteException: Security violation: insufficient permission to access method
        at weblogic.ejb.internal.BaseEJBObject.preInvoke(BaseEJBObject.java:431)
        at com.itginc.webtrade.ejb.LoginBeanEOImpl.loginUser(LoginBeanEOImpl.java:143)
        at com.itginc.webtrade.ejb.LoginBeanEOImpl_ServiceStub.loginUser(LoginBeanEOImpl_ServiceStub.java:112)
        at com.itginc.webtrade.servlets.LoginServlet.service(LoginServlet.java:190)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:865)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:106)
        at weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:907)
        at weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:851)
        at weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
        at weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:364)
        at weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:252)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:129)

    Glen wrote:
    >
    I just encountered this error and deleted the 'everyone' group as a workaround. We authenticate with LDAP and WL always complained about not finding the group 'everyone'. The app worked fine but I thought I'd be a good guy and add the group to LDAP. Once I did, I got your error. Could the issue be that the 'everyone' group is OK but the permissions on the group deny access? I'm searching BEA to find out the expected permissions when I found your posting. I still need the expected permissions for the 'everyone' group. According to http://www.weblogic.com/docs51/admindocs/ldap.html#changes
    .. you don't need to define the everyone group in any version after WLS 5.0
    because of the introduction of the CachingRealm.

  • JAX-WS web service client and Windows integrated Security authentication

    I am currently developing a JAX-WS web service client running on WebLogic 10.3.2.0. The client is connecting to exchange web service running on IIS.
    Everything works well when EWS is configured with Http basic authentication.
    The problems started when I changed the authentication method on EWS from Http basic authentication to Windows integrated Security authentication.
    The client is then unable to authenticate to the web service. Every request made to EWS returns with the message : Invalid HTTP server response [401] - Unauthorized.
    I tried using an authenticator like this one:
    import java.net.Authenticator;
    import java.net.PasswordAuthentication;
    static class RetrieveWSDLAuthenticator extends Authenticator {
        private String username, password;
        public RetrieveWSDLAuthenticator(String user, String pass) {
            username = user;
            password = pass;
        }
        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            // Invoked by java.net when a server or proxy requests credentials
            return new PasswordAuthentication(username, password.toCharArray());
        }
    }
    and setting it as the default authenticator:
    Authenticator.setDefault(new RetrieveWSDLAuthenticator("username", "password"));
    but the method getPasswordAuthentication() was not even called.
    Is there a way to make a JAX-WS client work with Windows integrated Security?

    WIS is not supported on WLS JAX-WS. You'll need to use other authentication mechanisms such as http basic (which you tried already), or message-level security such as UNT, or SAML.
    Regards,
    Pyounguk

  • Dynamic Login Environment with LDAP and Database level security.

    JDeveloper 11.1.1.0.1 + ADF BC + ADF RC
    Hi everyone,
    We are ready to begin creating a dynamic login environment.
    We would like to be able to keep security on the database side, instead of in the application layer.
    We also want to be able to use Oracle LDAP for authentication.
    Can anyone suggest any good documentation for our situation?
    Highly appreciated. Thanks!

    Alexander,
    unlike in Forms, authentication is separate from connection. You can have individual user connections - like in Forms - but this most likely is not of best performance. A document and example for this to follow is
    http://radio.weblogs.com/0118231/2008/08/06.html#a902
    Note that authentication does not need to be hard coded in either way. If you use a single database connection and container managed authentication, then all users access the database from the same user account but can have their authenticated names passed through. In ADF BC you can use the prepareSession method on the ApplicationModule to pass the name to the database as a prepared statement (e.g. to set the predicate on a VPD database). However, using PLSQL for authorization is a bit difficult because the business logic, unlike in Forms, isn't executed in PLSQL. You can look up PLSQL from ADF BC - or Java in general - but it's a separate call.
    Frank

  • LDAP user not found when authenticating

    In the next episode of my LDAP sync struggles, I am not able to authenticate any user when LDAP authentication is set.
    The user data is synching fine through the Active Directory, but when attempting to log in I get the "Incorrect User Name or Passward" message.
    In the client management log it says the user does not exist. I know the user exists because I can run beectl list_users and it shows up.
    The log for the authentication service returns a no data found: BEE_CODE.AUTH_PKG", line 506 error.
    Any ideas?
    Thanks,
    Tom

    Also a "beectl validate_directory_entry --all --profiel OCSDEV1" is not working on that box. It fails with:
    [2009-07-16T20:51:44.289+02:00] [beehive] [ERROR] [] [commandline.framework.CommandExecutionStatus] [host: beerctest1.kuttigdemo.com] [nwaddr: 172.16.1.67] [tid: 10] [userId: oracle] [ecid: 172.16.1.67:57755:1247769990410:1,0] Command Execution Error Stack Trace : [[ oracle.ocs.commandline.BeeCtlException: CsiException occurred. Internal error message: BEER-00700[[
    Caused by: oracle.csi.CsiException: BEER-00700
    CsiException:oracle.ocs.core.store.exceptions.sqlexception.OcsFatalConnectionException: Io exception: Socket read timed out:Class: ExceptionMetadataFactory
    ErrorCode: ErrorCode:[BEER-00700,SEVERE,A database operation failed due to a transient or permanent error]
    Details: Io exception: Socket read timed out
    Cause: A database operation failed due to a transient or permanent error
    Effect: The attempted operation could not be completed
    Action: Try again later. If the problem persists, contact your system administrator
    Message: null
    Caused by: null
    Service instance ids: [26d5da72-2fb6-43d9-ae85-e43ca380f76a, 8c4ee1a2-1caa-4f9d-ad78-ae496df9b963, 8c4ee1a2-1caa-4f9d-ad78-ae496df9b963]
    Service instance list: [instance_mgmtsvc_BEEMGMT_Instance.beerctest1.kuttigdemo.com, instance_uds-service_BEECORE_Instance.beerctest1.kuttigdemo.com, instance_uds-service_BEECORE_Instance.beerctest1.kuttigdemo.com]
    Audit logon attributes: [BEE_LOGON_REC_CLIENT_LOCALE:en_US; BEE_LOGON_REC_ID:100; BEE_LOGON_REC_PRINCIPAL_NAME:SYSTEM; ]
    Caused by: oracle.ocs.core.store.exceptions.sqlexception.OcsFatalConnectionException: Io exception: Socket read timed out
         at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:87)
         at UserDirectoryControl_RemoteProxy_4k6c09i.loadUsers(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:585)
         at com.evermind.server.rmi.RmiMethodCall.run(RmiMethodCall.java:53)
         at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
         ... 1 more
    Caused by: java.sql.SQLException: Io exception: Socket read timed out
         at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
         at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146)
         at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:255)
         at oracle.jdbc.driver.T4CCallableStatement.executeForRows(T4CCallableStatement.java:991)
         at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1285)
         at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3376)
         at oracle.jdbc.driver.OraclePreparedStatement.execute(OraclePreparedStatement.java:3482)
         at oracle.jdbc.driver.OracleCallableStatement.execute(OracleCallableStatement.java:4400)
         at oracle.ocs.framework.store.db.OcsOraclePreparedStatementExtentionImpl.execute(OcsOraclePreparedStatementExtentionImpl.java:92)
         at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:585)
         at oracle.ocs.framework.store.db.OcsOracleStatementProxyHandler.invoke(OcsOracleStatementProxyHandler.java:126)
         ... 60 more

  • Send Button and XMLP_SCHEDULER group security bug

    hi folks,
    My BIP users are grouped into basic users who can just read reports and advanced users who can schedule them. Obviously I've done this using the XMLP_SCHEDULER group, no problem. Those in XMLP_SCHEDULER see the scheduler button and it works fine and those not in the group cannot see the schedule button.
    However, the basic users who are NOT in the XMLP_SCHEDULER group still see the "send" button, but when they click on it it gives an error:
    "Unauthorized Access: please contact the administrator."
    I would like the basic users to be able to send, NOT to schedule. Or if this is not possible at least for them not to see the send button!
    This seems like a bug in the security setup which I wonder if anyone else has managed to work around.
    thanks
    neil

    Hi Saichand,
    I have a related and one requirement on SEND button in BI Publisher. We want to disable SEND button for the users for few reports or enable for few reports.
    I mean not taking off the button, anyways SEND button comes with the product. But they want to enable or disable the button for users.
    Any ideas / thoughts would be greatly appreciated.
    Thanks in advance
    skat

  • Add entry to ldap and not tnsnames

    Hi all.
    Oracle DB:
    Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bi
    PL/SQL Release 10.2.0.4.0 - Production
    CORE 10.2.0.4.0 Production
    TNS for Linux: Version 10.2.0.4.0 - Production
    NLSRTL Version 10.2.0.4.0 - Production
    Oracle Reports Server:
    OAS 10g (9.0.4) Reports
    May seem elementary but having difficulty finding out where to add an entry for a new db so I can access it from our report server.
    I didn't set up the Oracle Reports Server and am wondering how I can add an entry to ldap so I can access database running on separate server.
    I can tnsping other dbs on same machine from report server: (unawlo1 and wlocdbt1 are running on same server and both exist in tnsnames.ora file on that server)
    [oracle@rcwlo-oas admin]$ tnsping unawlo1
    TNS Ping Utility for Linux: Version 9.0.1.4.0 - Production on 27-JAN-2010 11:30:25
    Copyright (c) 1997 Oracle Corporation. All rights reserved.
    Used parameter files:
    /u01/app/oracle/product/904oas/infra/network/admin/sqlnet.ora
    Used LDAP adapter to resolve the alias
    Attempting to contact (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rcwlo-ods10g.cdn.ray.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=unawlo1)))
    OK (0 msec)
    [oracle@rcwlo-oas admin]$ tnsping wlocdbt1
    TNS Ping Utility for Linux: Version 9.0.1.4.0 - Production on 27-JAN-2010 11:30:32
    Copyright (c) 1997 Oracle Corporation. All rights reserved.
    Used parameter files:
    /u01/app/oracle/product/904oas/infra/network/admin/sqlnet.ora
    TNS-03505: Failed to resolve name
    Using LDAP adapter but not sure where I can add info for wlocdbt1 on the report server.
    Any help is appreciated.
    Thanks

    Added to tnsnames.ora and still can't tnsping..
    WLOCDBT1 =
    (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = RCWLO-ODS10g.cdn.ray.com)(PORT = 1521))
    (CONNECT_DATA =
    (SERVER = DEDICATED)
    (SERVICE_NAME = wlocdbt1)
    [oracle@rcwlo-oas admin]$ tnsping wlocdbt1
    TNS Ping Utility for Linux: Version 9.0.1.4.0 - Production on 27-JAN-2010 12:13:23
    Copyright (c) 1997 Oracle Corporation. All rights reserved.
    Used parameter files:
    /u01/app/oracle/product/904oas/infra/network/admin/sqlnet.ora
    TNS-03505: Failed to resolve name
    The rest are added and used by ldap so I would like to keep it consistent... Not sure how to add it...
    Edited by: Jamie CC on Jan 27, 2010 9:13 AM

  • My Apple ID is disabled and not for security reasons. Please help!

    Apple won't give me any clear answer on what to do. I think it has something to do with my credit card but I honestly don't know. Anyone know how to fix this?

    yeah and I'm not really getting a clear answer with them

  • ACI and embedded groups

    I'm wondering how the "embedded group" feature works from an ACI point of view.
    I've defined an ACI based on groupdn = "ldap:///cn=group_A,ou=groups,dc....
    If group_A is a static group containing group_B, it works fine if group_B is a static group that uses objectclass=groupofuniquenames and RDN = cn (I mean using uniquemember attribute is not enough).
    If group_A is a static group containing group_B and group_B is dynamic - filter = (&(objeclass=person)(uid=testuser)) - it works fine too.
    But - maybe I misuse the feature - : if group_A is a dynamic group containing - through filter = (&(objectclass=groupofuniquename)(cn=group_B)) - and group_B is either dynamic or static, it doesn't work.
    Does it mean that dynamic groups used within ACI can only contain users and not groups or that the "embedded group" feature doesn't work with dynamic group concept unless the dynamic group is the last one of the chain and therefore contains users ?
    I'm sure I don't understand something but I can't figure what.
    Regards,
    Christian

    ismemberof only works for static groups.
    My main objective is to use dynamic groups to setup some ACI.
    eg: allow user w/ attribute gidNumber=400 full read/write.
    Have you considered using filtered roles ?

  • I lost all of my Itunes music because of an infection that required them to wipe my computer.  I am trying to get the music back from multiple sources.  What I have recovered is a mess. Albums are mixed or songs not grouped as album. Help?

    My computer got infected with some terrible virus.  I contacted the manufacturer and they said the only thing to do was wipe the whole thing. I could not back it up because it would include the infection. I have been trying to recover the lost music from several different places.  A friend tried to help me by putting all of his music on my computer from his external hard drive. That was very nice of him but now it is a terrible mess. The recovered songs are not grouped into albums correctly.  Some albums are mixed - every other song is from the other album.  Some songs are listed separately and not grouped as an album.  I tried to ask iTunes to find album art work and it has been running that for over 48 hours. Is that possible?  When I try to stop it I get a message that says I will lose all the data.  I admit that I am not very tech. savvy and I really don't know what I am doing.  It took me more than 20 years to make that collection and I am heart broken. Do you have any ideas about how I start to fix this mess?

    Unfortunately you've discovered too late how important it is to maintain an up-to-date backup of your iTunes library (and all other data of value).  You could, before wiping the drive, have considered making use of a commercial data recovery service that could (albeit at considerable cost) have extracted your library from the hard disk, even if virus infected.
    In the absence of that option, you will need to restore the content of your library from its original sources:
    Depending on your location, you may be able to re-download any iTunes Store purchases that are still available on the Store
    Likewise, most digital purchases from Amazon (including auto-rip copies of purchased CDs) should be available from the Amazon Cloud and via the Amazon Music application - the same may be true of other commercial sources for digital downloads
    Content imported from your CDs will have to be imported again
    The specific situation that you describe regarding the music imported from your friend's external HDD suggests that either the source is badly organized and/or originates from a source other than iTunes (other media players may use alternative tags for information like artist, title, album, etc. that are not wholly consistent with how iTunes handle these).  Without details of the issues you're seeing it is difficult to suggest a remedy other than going through the media album-by-album, track-by-track, and correcting the inconsistencies.
    In the absence of a backup or access to the original library data there is no option other than painstakingly recreating your library as described above.  As you do so, you'll now realize how important creating and maintaining backups are - in my case I have at all times three separate duplicates of my library, in two different locations, where none is ever more than a week old compared to the content of my master library.

  • Export/import login server and user group security

    Hi,
    I followed the instructions to export Login server, user group
    security using the ssoexp.csh, secexp.csh. Then I imported the
    login server, and user group security using the ssoimp.csh,
    secimp.csh .
    I then logged into Portal and check the users, all the users are
    imported properly. However, I didn't see any groups that are
    supposed to be imported. Am I missing anything?
    The syntax to run the secimp is as follows:
    secimp.csh -s portal30 -p portal30 -o portal30 -m reuse -d
    sec.dmp -c target_database
    The import finished w/o error. How can I see the groups in the
    new portal instance that I tried to import objects in?
    I noticed that the wwsec_group$ in the source area is over 3000,
    and in the target the count is only 10, which is the number of
    group I have before the import. But during the export, I don't
    see the wwsec_group$ table being exported, is that the problem?
    P.S. versions are: 9iAS 1.0.2, portal version 3.0.9.8 on solaris.
    Thanks;
    Kelly.

    This question is best suited to the Oracle9iAS SSO and Portal Security forum.
    Thanks

  • SQL Developer, Deploy Cloud Cart Status is at Approved for a long time and not moving forward i.e. not processing.

    SQL Developer, Deploy Cloud Cart Status is at Approved for a long time and not moving forward i.e. not processing.
    Please help.
    Thanks
    Srinivas

    Hi Gustavo,
    It appears your Service SFTP user was not created correctly. Please contact support and mention the fact that your Service SFTP user appears on Security/Users tab and not on Security/SFTP Users tab.
    Vlad

  • ASA LDAP authentication trouble

    Hi,
    I have a weird situation when using LDAP (MS AD) to authenticate logon to ASDM.
    I've created the setup and mapped the ASAAdmin group membership to Privilege level 15. (see lines from config)
    ldap attribute-map ADAuth
      map-name  memberOf Privilege-Level
      map-value memberOf CN=ASAAdmin,CN=Users,DC=chapel,DC=orbdata,DC=com 15
    It works fine when I login. See extract from the debugs:
    [732]   memberOf: value = CN=ASAAdmin,CN=Users,DC=chapel,DC=orbdata,DC=com
    [732]           mapped to Privilege-Level: value = 15
      1     User-Name(1)     11    "zsolt.fejer"
      2     User-Password(2)      8    (hidden)
      3     AAA-AVP-Table(4243)    1993    "[C9][07][00][00],[00][00][00][B8][01][00][00][CF][01]"
      4     Privilege Level(4316)      4    15
      5     Privilege Level(4316)      4    0
      6     Privilege Level(4316)      4    0
      7     Privilege Level(4316)      4    0
      8     Privilege Level(4316)      4    0
      9     Privilege Level(4316)      4    0
    10     Privilege Level(4316)      4    0
    I'm authenticated and can work properly.
    But when I try to login as Administrator (other users have the same issue), I get the message that the Privilege level is only 0 which isn't enough to start ASDM. The Administrator is also a member of the said group. See the extract from the debug.
    user attributes:
      1     User-Name(1)     13    "administrator"
      2     User-Password(2)      9    (hidden)
      3     AAA-AVP-Table(4243)    1925    "[85][07][00][00])[00][00][00][A0][01][00][00][B7][01]"
      4     Privilege Level(4316)      4    0
      5     Privilege Level(4316)      4    0
      6     Privilege Level(4316)      4    0
      7     Privilege Level(4316)      4    15
      8     Privilege Level(4316)      4    0
      9     Privilege Level(4316)      4    0
    10     Privilege Level(4316)      4    0
    11     Privilege Level(4316)      4    0
    12     Privilege Level(4316)      4    0
    13     Privilege Level(4316)      4    0
    Also when I add myself to one more group I'm locked out of the ASDM.
    Why does it happen? How can I prevent it?
    Thanks!
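
Added example (not part of the original post, and not Cisco code): a Python check over the two debug extracts quoted above. It assumes, as those extracts suggest, that each memberOf value yields one Privilege Level entry (0 when no map-value matches) and that the login outcome follows the first entry listed; the trimmed sample lines are constructed from the post.

```python
import re

# Constructed sample input: trimmed copies of the two debug extracts in the post.
DEBUG_WORKING = """\
  1     User-Name(1)     11    "zsolt.fejer"
  2     User-Password(2)      8    (hidden)
  4     Privilege Level(4316)      4    15
  5     Privilege Level(4316)      4    0
  6     Privilege Level(4316)      4    0
"""
DEBUG_FAILING = """\
  1     User-Name(1)     13    "administrator"
  2     User-Password(2)      9    (hidden)
  4     Privilege Level(4316)      4    0
  5     Privilege Level(4316)      4    0
  6     Privilege Level(4316)      4    0
  7     Privilege Level(4316)      4    15
  8     Privilege Level(4316)      4    0
"""

# Columns: index, attribute name, (attribute id), length, value
ATTR_LINE = re.compile(
    r"^\s*\d+\s+(?P<name>.+?)\((?P<id>\d+)\)\s+\d+\s+(?P<value>.+?)\s*$"
)


def parse_attributes(debug_text):
    """Return [(name, value), ...] in the order the debug output lists them."""
    attrs = []
    for line in debug_text.splitlines():
        m = ATTR_LINE.match(line)
        if m:
            attrs.append((m.group("name").strip(), m.group("value").strip('"')))
    return attrs


def audit_privilege(debug_text, required=15):
    """Summarise the mapped privilege levels and flag order-dependent results."""
    attrs = parse_attributes(debug_text)
    user = next((v for n, v in attrs if n == "User-Name"), None)
    levels = [int(v) for n, v in attrs if n == "Privilege Level"]
    first = levels[0] if levels else None
    return {
        "user": user,
        "levels": levels,
        "first_level": first,  # assumption: this is the value that decides the login
        "max_level": max(levels, default=None),
        # The required level was mapped, but another group's 0 is listed before it.
        "order_dependent": required in levels and first != required,
    }
```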

    Hi Steve,
    The admin user should have full read-only access to query/read the full directory/structure.
    This is what you need to enable password change feature for VPN users on ASA.
    LDAP configuration on ASA
    aaa-server LDAP-AD protocol ldap
    aaa-server LDAP-AD host server-port 636
    ldap-base-dn
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-dn
    ldap-login-password
    ldap-over-ssl enable
    server-type Microsoft
    NOTE: This will only work with secure LDAP TCP 636
    VPN configuration on ASA
    tunnel-group DefaultWEBVPNGroup type remote-access
    tunnel-group DefaultWEBVPNGroup general-attributes
    authentication-server-group LDAP-AD
    default-group-policy DfltGrpPolicy
    password-management password-expire-in-days
    Settings on the LDAP server
    We can create a new user account with password settings "user must change password at next logon" or specific number of days whenever you allow users to change their password.
    HTH
    Regards,
    JK

  • OBIEE 11.1.1.5.0 LDAP group restriction @authentication

    Hi all,
    We have OBIEE 11.1.1.5.0 with LDAP authenticator... We want just one group @LDAP to login and other groups not authenticated .. What should we do ?

    Hi,
    @weblogic Home >Summary of Security Realms >myrealm >Providers >LDAPAuthenticator>Provider Specific>Users
    I tried something like :
    All Users Filter:(&(memberOf=cn=LDAPGroupName,cn=Users,dc=xxxx,dc=yyy,dc=com))
    User From Name Filter: (&(cn=%u)(objectclass=user))
    the original was:
    All Users Filter: (&(uid=*)(objectclass=person))
    User From Name Filter: (&(uid=%u)(objectclass=person))
    and restarted the server but it did not work ...
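
Added example (not from the thread, and not Oracle code): a small Python evaluator for the subset of LDAP filter syntax used above, run over two constructed directory entries. It assumes the User From Name Filter is the filter applied when a login name is resolved; `GROUP_NAME_FILTER` is a hypothetical variant that adds the group clause to that filter.

```python
# Constructed directory entries; the group DN is the placeholder from the post.
GROUP = "cn=LDAPGroupName,cn=Users,dc=xxxx,dc=yyy,dc=com"
DIRECTORY = [
    {"cn": ["alice"], "objectclass": ["person", "user"], "memberof": [GROUP]},
    {"cn": ["bob"], "objectclass": ["person", "user"], "memberof": []},
]
# The two filters as posted, then the hypothetical group-restricted name filter.
ALL_USERS_FILTER = "(&(memberOf=" + GROUP + "))"
NAME_FILTER = "(&(cn=%u)(objectclass=user))"
GROUP_NAME_FILTER = "(&(cn=%u)(objectclass=user)(memberOf=" + GROUP + "))"


def parse(f, i=0):
    """Parse (&...), (|...), (!...) and (attr=value) into a tuple tree."""
    if i >= len(f) or f[i] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if f[i] in "&|":
        op, kids = f[i], []
        i += 1
        while i < len(f) and f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        node = (op, kids)
    elif f[i] == "!":
        kid, i = parse(f, i + 1)
        node = ("!", [kid])
    else:
        end = f.index(")", i)
        attr, _, value = f[i:end].partition("=")
        node = ("=", attr.strip().lower(), value.strip())
        i = end
    if i >= len(f) or f[i] != ")":
        raise ValueError("expected ')' at offset %d" % i)
    return node, i + 1


def matches(node, entry):
    """Evaluate a parsed filter against one entry (case-insensitive equality)."""
    if node[0] == "&":
        return all(matches(k, entry) for k in node[1])
    if node[0] == "|":
        return any(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, value = node
    have = [v.lower() for v in entry.get(attr, [])]
    return bool(have) if value == "*" else value.lower() in have


def search(filter_text, login=None):
    """Return the cn of every constructed entry the filter selects."""
    if login is not None:
        # Refuse filter metacharacters rather than splice them into the filter.
        if any(c in login for c in "()*\\\0"):
            raise ValueError("login contains LDAP filter metacharacters")
        filter_text = filter_text.replace("%u", login)
    tree, end = parse(filter_text)
    if end != len(filter_text):
        raise ValueError("trailing text after filter")
    return [e["cn"][0] for e in DIRECTORY if matches(tree, e)]
```

On these entries the posted name filter still resolves `bob`, who is outside the group, while the group-restricted variant resolves only `alice`.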
