LDAP attribute for user's last login time?

Similar Messages

• Sunone Messaging Server 6.1--How to list all mail user's last login time

  hi,i want to know how to list all the mail user's last login time.
  There are more than 100000 mailbox accounts on our mail server,
  i want to know which account is not used for more than 2 or 3 years.
  thanks.

  http://wikis.sun.com/display/CommSuite/imsconnutil
  Somchai.

• User Last Login Time

  I'm trying to use DS6 built-in functionality for tracking user's last login time. I created a new password policy and enabled pwdKeepLastAuthTime attribute. Then I tried signing into Access Manager.
  According to the documentation, an attribute pwdLastAuthTime should be added to the user entry, but it is not there.
  Any ideas how I can get this to work?

  Last login time is a feature provided with the new Directory Server password policy implementation introduced in DS 6 and is not part of the compatibility mode. Check the Directory Server password policy compatibility mode:
  $ dsconf get-server-prop ... | grep 'pwd-compat'
  pwd-compat-mode : DS5-compatible-mode
  The Directory Server password policy compatibility mode must be advanced past DS5-compatible-mode:
  $ ldapmodify ...
  dn: cn=Password Policy,cn=config
  changetype:modify
  replace:pwdkeeplastauthtime
  pwdkeeplastauthtime:TRUE
  modifying entry cn=Password Policy,cn=config
  ldap_modify: DSA is unwilling to perform
  ldap_modify: additional info: (Password Policy: modify policy entry) "pwdKeepLastAuthTime: TRUE" is not supported in server mode DS5-compatible-mode ("cn=config" pwdCompat: 0).
  $ dsconf pwd-compat ... to-DS6-migration-mode
  $ dsconf get-server-prop ... | grep 'pwd-compat'
  pwd-compat-mode : DS6-migration-mode
  Now it should work. If not, please try binding directly to the directory server as the user (e.g., do an ldapsearch as that user) and check the entry.

• Last login time of user

  Hi Friends,
  I wanted to know the name of dictionary view which keep the user login details iee. login date and time. I want to check that what was the last login time of user. So that if user has not logged in since 30 days then his acccount must be locked.
  Plz let me know if someone has any idea on this
  Regards
  Alok

  Hi Guys
  Thanks for your response. Let me more clear you what i m looking for.
  I have 100s of developers working with me. I keep on maintaining data which user is being used by whom. I am using product/project based username. I want to achieve the following.
  1) Find the users those are not using their login since X nos of days ie. to know who all are in use. Objective of this to know if any developer has swiched or quite from project.
  2)I will lock those account and notify those owner that account has been locked considering that they are not using.
  3)now these accounts can be allocated to some other developers on need basis.
  This will give me flaxibility of using my existing resource and better management.
  I hope i m clear with what all i need.
  Please suggest best way to do this :)
  Thanks a lot.
  Alok

• Oblix audit logs to track last login time in Sun DS

  Hi,
  I would like to use oblix audit logs to track last login time in Sun DS.
  Is there a straightforward procedure to do that other than parsing the logs and using custom script to update Sun DS.
  Please advice.
  Thanks.

  Hi,
  In OAM you can define your own plugins to run during the authentication (you include them in the relevant authentication schemes) - you could write one that updates the user profile of the logged-in user. You would be pretty much on your own, though, all that OAM would give you is the DN of the logged in user. You would need to include libraries that connect to ldap (or maybe the plugin could send a web service call) and perform the necessary attribute updates. Authn plugins are documented in the Developer Guide: http://docs.oracle.com/cd/E15217_01/doc.1014/e12491/authnapi.htm#BABDABCG (actually that's for 10.1.4.3).
  Regards,
  Colin

• Error - The attributes for user could not be determined

  When I login as a Buyer (with role ZTSX_EC_BBP_PURCHASER - copy of SAP_EC_BBP_PURCHASER), I get the foll. error while trying to Process Purchase Orders:
  The attributes for user could not be determined
  It does not happen on other transactions (like Sourcing or Issue POs).
  The buyer is in the org. plan and I have checked the attributes and they seem ok.
  What could be the issue ???
  Thanks
  -Bakulesh

  Hi
  <b>Please go through these links -></b>
  The attributes for user could not be determined --
  'Error in writing attributes' when using function tab
  Company code for system missing in user attributes
  BBP_POC not working in SRM 5.0
  Re: urgent: regarding ATTRIBUTES
  Regards
  - Atul

• Attribute for user contains errors. Inform system admin

  Hello,
  We've got an issue with shopping carts created by a user that was deleted from system. When trying to see in Monitoring Shopping Carts header or item details of a given sc. A web error occurs:
  The URL http://srp.srm.gruposalinas.com.mx:8000/sap/bc/gui/sap/its/bbpsc11/! was not called due to an error.
  Note
  The following error text was processed in the system SRP : Attribute for user contains errors. Inform system admin.
  The error occurred on the application server srm-pro_SRP_00 and in the work process 2 .
  The termination type was: TH_RES_FREE
  The ABAP call stack was:
  Form: OUTPUT_EXPRESS_MESSAGES of program SAPLBBP_SC_UI_ITS
  Form: EXTERNAL_SCREEN_DETERMINE of program SAPLBBP_SC_UI_ITS
  Module: EXTERNAL_SCREEN_DETERMINE of program SAPLBBP_SC_UI_ITS
  We've cheked SAP NOTE 312058-BBPPU99: Error: Attribute for ... is missing. Inform ...
  But it seems that none of the information applies to us, since this issue is only present for Shopping carts that were created by this deleted user.
  So we tried to re-assing one of this sc, chaning PARTNER_NO,ADDR_NR    
  ADDR NP data in table CRMD_PARTNER according to a new given user, but it didn't work. So we need to know how to re-assing this sc or perhaps how to find what specific attribute is missing.
  Any advice is welcome.
  Thanks in advance.

  Hi
  <b>Which SRM version are you using ? This is an SRM error message.</b>
  The manager role should be enough to change user attribute. The transaction is BBPATTRMAINT. Employee role should have BBPUM02 or BBPAT05 to change their own attribute.
  <u>Please check whether the User ID you are using to Log into BBP_PD (and seems to be assigned in the org structure also)is consistent and has no errors in tcode USERS_GEN.  You should check the user, it's not set up properly in USERS_GEN Transaction, Else repair the user.
  To maintain the user attributes you must have the Administrator role.. Your user should have role SAP_BBP-STAL_ADMINISTRATOR and be integrated in the org structure. your user must be integrated in SRM organizational structure. To see which attributes are missing, you can click on the user in PPOMA_BBP to see details, and go to last tab "Check". This will list all required attributes depending on used scenarios (so you may not require all of them). You can also use transaction BBP_ATTR_CHECK to check user's attributes for a particular scenario.</u>
  <b>Please go through the following links as well -></b>
  bbp_mon_sc attributes
  Re: FM for attribute's value assignation in PPOMA ?
  Note 751022 - Monitor Shopping Cart: Item deletion causes termination
  Re: User Settings are not saved
  Re: Not able to generate user users_gen
  Re: SRM organization plan...
  Re: User creation error
  <u>Hope this will definitely help. Do let me know.</u>
  Regards
  - Atul

• Re: check last login time

  Dear all,
  How to check the last login time in Sun Solaris 8. Any command or file that records it?
  Thanks,
  Joe

  Have a look at the man page for last?

• HOWTO: Control Printer Attributes for a Report at Run Time Reports 6i

  HOWTO: Control Printer Attributes for a Report at Run Time
  Like page width , height etc
  my problem is i had installed a printer and it is set for
  printing different reports ( like invoice slips , legal size ,
  A3 etc ) each time i have to manually set the page settup from
  printer folder .instead if there is an option to set the printer
  attributes from Reports 6i it is great
  rajesh

  All the Printer Setup(Page Height and Page Width) must be set in
  the Reprot Program. These can be set at the Layout-Main Section
  in the Object Navigator.
  hth

• The attributes for user could not be determined --

  Hi,
  Our is extended classic scenario:srm5.0 & ECC6.0
  we are getting the following error in the org plan:
  "The attributes for user could not be determined "
  The error is occuring , when we log into the web browser.
  we also have a error in the org plan, under the user at the check tab,"No attribute found for scenario BBP".
  when we run the BBP_ATTR_CHECK & BBP_BP_OM_Integrate, we have no errors...
  Thanks in advance,
  RK.

  Hi All,
  Thanks for your support...
  I check the T-code:BBP_ATTR_CHECK & BBP_BP_OM_INTEGRATE.
  I also checked the attributes for the CP are ok,still i had the error appearing in the WEB.
  The solution:
  The CP has been deleted from the org plan.
  Once again,we generated the users from USERS_GEN and assign CP to the org plan again at the same.Now the Attributes error is gone.... and the issue is resolved.
  Thanks and Regards,
  RK.

• Add a new attribute for user provisioining on SAP R3

  Hi,
  I want to add a new attribute for user provisioining on SAP R3.
  - I have added new attribute in Process form and Resource form
  - I think i need to add this attribute in lookup definition of SAP attributes also need to do mapping
  but i am not finding lookup definition of SAP attributes .
  What will be name of lookup definition of SAP attributes? (In case of AD, we have AtMap.AD).
  Can any body please help me?
  Thanks

  Hi,
  You cannot add custom fields and do provision or recon for it.I have opened the SR with Oracle and this facility will be available in 9.1. which is launching after 4 months.You need to request the source code and modify it to get the custom fields.
  Thanks

• Sql statement for retrieving the last update time of a table

  Hello all,
  Can somebody give me an example of sql statement for retrieving the last update time of an oracle table.
  Thank you
  Il

  Thanks for the fast replies. It works great when I test it as a sql statement but when trying to populate a datalist with it it raises the following exception:
  Exception Details: System.ArgumentException: SCN_TO_TIMESTAMP(MAX(ORA_ROWSCN is neither a DataColumn nor a DataRelation for table DefaultView
  Part of the Datalist Code:
  ItemTemplate>
  Line 12:             SCN_TO_TIMESTAMP(MAX(ORA_ROWSCN)):
  Line 13:             <asp:Label ID="SCN_TO_TIMESTAMP_MAX_ORA_ROWSCN__Label" runat="server" Text='<%# Eval("[SCN_TO_TIMESTAMP(MAX(ORA_ROWSCN))]") %>'>
  Line 14:             </asp:Label><br/>
  Line 15:             <br/>
  {code}
  Why is this happening? Any ideas?
  Il                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

• LDAP connection for user attribute via webdynpro code

  Hello,
  Kindly help for below issue
  point1
  While connecting to LDAP exception of simple bind failed is coming. code is as below
            try {
                 Hashtable env = new Hashtable();
                 env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
                 env.put("java.naming.provider.url", "ldap://10.77.16.220");
                 env.put("java.naming.security.authentication", "simple");
                 env.put(Context.SECURITY_PROTOCOL,"ssl");
                 env.put("java.naming.security.principal", "sapuser");
                 env.put("java.naming.security.credentials", "voda@12345");
                 DirContext ctx;
                 ctx = new InitialDirContext(env);
                 // Create search controls
                 SearchControls controls = new SearchControls();
                 controls.setCountLimit(0);
                 controls.setTimeLimit(0);
                 controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                 // Create filter
                 String filter = "(sAMAccountName= *)";
                 // Run search
                 NamingEnumeration results = ctx.search("OU=OUs,DC=mycomp,DC=com", filter, controls);
                 //wdComponentAPI.getMessageManager().reportSuccess(results);
            } catch (NamingException e) {
                 // TODO Auto-generated catch block
                 //e.printStackTrace();
                 wdComponentAPI.getMessageManager().reportSuccess(e.getMessage());
  point 2
  is there any method available in this API to reset pasword of user in LDAP ?
  thank you in advance
  B

  Hello,
  If you need this info, you will have to create a password policy that log last logon time.
  But be carefull with this function, it can create a lot of cpu load.
  <http://docs.sun.com/app/docs/doc/820-4809/fhkrj?l=en&n=1&a=view>
  Regards
  Eric.

• Problem with LDAP authentication for users in a group

  I've gone through several forums attempting to find a solution, but I still can't get authentication to work for users in a particular group within AD. Our ASA is running 9.1(2), and the domain controller is a Windows Server 2012 R2.
  I can configure the VPN connection, so that all users can authenticate just fine; however, when I setup the group, there appears to be success, but I'm reprompted to authenticate, and it eventually fails:
  [6707]  memberOf: value = CN=VPN Access,OU=COMPANY Groups,DC=COMPANY,DC=com
  [6707]          mapped to IETF-Radius-Class: value = GroupPolicy_COMPANY_SSL_VPN
  [6707]          mapped to LDAP-Class: value = GroupPolicy_COMPANY_SSL_VPN
  [6707]  msNPAllowDialin: value = TRUE
  I'd be grateful if anyone can point me into the right direction and show me what I'm doing wrong. Thank you.
  ldap attribute-map AuthUsers
    map-name  memberOf IETF-Radius-Class
    map-value memberOf "CN=VPN Access,OU=COMPANY Groups,DC=COMPANY,DC=com" GroupPolicy_COMPANY_SSL_VPN
  aaa-server LDAP protocol ldap
  aaa-server LDAP (COMPANY_PROD_INTERNAL) host 10.10.100.110
   ldap-base-dn DC=COMPANY,DC=com
   ldap-scope subtree
   ldap-naming-attribute sAMAccountName
   ldap-login-password *****
   ldap-login-dn CN=LDAPAuth,CN=Users,DC=COMPANY,DC=com
   server-type microsoft
   ldap-attribute-map AuthUsers
  group-policy NOACCESS internal
  group-policy NOACCESS attributes
   vpn-simultaneous-logins 0
   vpn-tunnel-protocol ikev1 ssl-client ssl-clientless
   webvpn
    anyconnect ask none default anyconnect
  group-policy GroupPolicy_COMPANY_SSL_VPN internal
  group-policy GroupPolicy_COMPANY_SSL_VPN attributes
   wins-server none
   dns-server value 10.10.100.102
   vpn-tunnel-protocol ikev1 ikev2 ssl-client
   split-tunnel-policy tunnelspecified
   split-tunnel-network-list value SPLIT-TUNNEL
   default-domain value net.COMPANY.com
   webvpn
    anyconnect profiles value COMPANY_SSL_VPN_client_profile type user
  tunnel-group COMPANY_SSL_VPN type remote-access
  tunnel-group COMPANY_SSL_VPN general-attributes
   address-pool COMPANY-SSL-VPN-POOL
   authentication-server-group LDAP
   authorization-server-group LDAP
   authorization-server-group (COMPANY_PROD_INTERNAL) LDAP
   default-group-policy NOACCESS
   authorization-required
  tunnel-group COMPANY_SSL_VPN webvpn-attributes
   group-alias COMPANY_SSL_VPN enable
  tunnel-group COMPANY_SSL_VPN ipsec-attributes
   ikev1 pre-shared-key *****

  I just figured it out. Under "group-policy GroupPolicy_COMPANY_SSL_VPN attributes", I had to add "vpn-simultaneous-logins 15". Apparently, it was using the value "vpn-simultaneous-logins 0" under the NOACCESS group policy.

• CSV file for users who have one-time password email address

  Hi Guys,
  I am trying to extract the list of users who have one-time password email address in FIM or users who have registered with one-time password reset authentication workflow. I need to get their email addresses in CSV file.
  Regards
  Sarwar
  Sarwar

  Take a look at:
  http://social.technet.microsoft.com/wiki/contents/articles/3616.how-to-use-powershell-to-export-all-users-who-have-registered-for-self-service-password-reset-sspr.aspx
  The script queries a WorkFlow called "Password Reset AuthN Workflow" and returns its ObjectID, then uses it to do a new query searching for "Users" with these parameters:
  AuthN WorkFlow Registered = ObjectID of "Password Reset AuthN Workflow"
  The script exports these details to a CSV.
  Also, all OTP email addresses should be stored in the "msidmOneTimePasswordEmailAddress" attribute in the FIM Portal.