LDAP Integration
Background:
The most recent Novell eDirectory has something called LUM (Linux User Management) that automatically manages UNIX attributes for login. With some simple attribute mappings we have authentication working. All in all, configuring our first workstation took 10 minutes with no schema extensions or anything. Obviously we are missing workgroup manager... so not finished yet
We have a login script that creates a profile and assigns permissions. In the GUI everything appears to be correct with the correct User and Group ownerships. However in the console File System rights show the numeric GID and not the alphanumeric translation from LDAP. The translation works for user in both GUI and console. Anyone any idea what we missed?
Thanks for your help
Chris
Hi Adam,
We ran in to the same scenario, and had to get a custom SSO event delivered by nS professional services. It's a bit of a pain, as samAccountName can be duplicated across different domains.
We set our BindDN in our LDAP configuration to be the parent domain; and our SSO event does the rest. Buzz me if you'd like to discuss any further!
Cheers,
Ant
Similar Messages
-
Current State:
• I have a customer running CUCM 6.1 and UCCX 7.01SR5. Currently their CUCM is *NOT* LDAP integrated and using local accounts only. UCCX is AXL integrated to CUCM as usual and is pulling users from CUCM and using CUCM for login validation for CAD.
• The local user accounts in CUCM currently match the naming format in active directory (John Smith in CUCM is jsmith and John Smith is jsmith in AD)
Goal:
• Upgrade software versions and migrate to new hardware for UCCX
• LDAP integrate the CUCM users
Desired Future State and Proposed Upgrade Method
Using the UCCX Pre Upgrade Tool (PUT), backup the current UCCX 7.01 server.
Then during a weekend maintenance window……
• Upgrade the CUCM cluster from 6.1 to 8.0 in 2 step process
• Integrate the CUCM cluster to corporate active directory (LDAP) - sync the same users that were present before, associate with physical phones, select the same ACD/UCCX line under the users settings as before
• Then build UCCX 8.0 server on new hardware and stop at the initial setup stage
• Restore the data from the UCCX PUT tool
• Continue setup per documentation
At this point does UCCX see these agents as the same as they were before?
Is the historical reporting data the same with regards to agent John Smith (local CUCM user) from last week and agent John Smith (LDAP imported CUCM user) from this week ?
I have the feeling that UCCX will see the agents as different almost as if there is a unique identifier that's used in addition to the simple user name.
We can simplify this question along these lines
Starting at the beginning with CUCM 6.1 (local users) and UCCX 7.01. Let's say the customer decided to LDAP integrate the CUCM users and not upgrade any software.
If I follow the same steps with re-associating the users to devices and selecting the ACD/UCCX extension, what happens?
I would guess that UCCX would see all the users it knew about get deleted (making them inactive agents) and the see a whole group of new agents get created.
What would historical reporting show in this case? A set of old agents and a set of new agents treated differently?
Has anyone run into this before?
Is my goal possible while keeping the agent configuration and HR data as it was before?I was doing some more research looking at the DB schema for UCCX 8.
Looking at the Resource table in UCCX, it looks like there is primary key that represents each user.
My question, is this key replicated from CUCM or created locally when the user is imported into UCCX?
How does UCCX determine if user account jsmith in CUCM, when it’s a local account, is different than user account jsmith in CUCM that is LDAP imported?
Would it be possible (with TAC's help most likely) to edit this field back to the previous values so that AQM and historical reporting would think the user accounts are the same?
Database table name: Resource
The Unified CCX system creates a new record in the Resource table when the Unified CCX system retrieves agent information from the Unified CM.
A Resource record contains information about the resource (agent). One such record exists for each active and inactive resource. When a resource is deleted, the old record is flagged as inactive; when a resource is updated, a new record is created and the old one is flagged as inactive. -
Enterprise Portal - MDM - LDAP integration
We are succesfully able to integrate Portal to MDM with a trusted connection and with portal users existing in LDAP and mdm users existing in MDM console.
We also successfully integrated MDM with LDAP so that we dont have to store users in console, but manage them in LDAP. But once we did the LDAP integration, portal to MDM connection was lost saying mdm user details could not be retrieved.
Has anybody faced this issue? what key steps to taken care during MDM-LDAP integration.Hi goerge,
When ever we integrate MDM with LDAP, we need to make a setting in MDS.ini file.
Please check the "User Identifier" setting in MDS.ini file.
Typically this should be The name of the LDAP id field which will match the value the user provides as the Username at logon.
Make the entry in MDS.ini like User Identifier = cn or SamAccountName.
If that is done, please verify other parameters corresponding to LDAP in MDS.ini as per the table 91 in Page no 291 in MDM Console referece guide.
Or refer to the SAP note 1635338 for reference which is pointing to same issue.
This should solve your problem.
Regards,
Sravan -
LDAP Integration with CUCM 9.0
We would like to use LDAP to sync all of our users from Active Directory. All of our current CM Users are local, the problem is that they have the same user names as our Active Directory users. From what I understand this is going to be a problem because:
"If accounts from LDAP match an existing Unified CM account that is not marked as an LDAP synchronized account, then these accounts are ignored."
Does that mean we will have to delete all our existing CM users in order to sync the LDAP users correctly? Is there a best practice for this? Once we syncronize the LDAP users how to I ensure that the user gets associated with the proper phone? Or do I have to visit each user individually?I just did a quick test for this, my lab CUCM 9 is already LDAP integrated, but I created a local user, then I created that same local user in my LDAP OU, and performed a full sync.
The user is no longer showing as a local active user, but as an active LDAP synchronized user.
Which was my thought, there's only one conversion, from LDAP to local.
The behavior is just as with any previous release, local users who match an LDAP user after you enable it, are just updated, and kept with all their configurations.
I checked the option to turn it back again into a local user, did a full sync, and it's again an active LDAP user.
HTH
java
if this helps, please rate
www.cisco.com/go/pdihelpdesk -
Hello,
I have a question about the LDAP integration with the ISE:
Since the ISE has a limitation of reading only 100 groups, I cannot find the groups that I need to use on the authorization, and also the ISE cannot find group if I search for it directly.
What I mean here, that I can fetch the first 100 groups from the top of the directory, but when I search as example for any group (appear on the list or not) the ISE did not find it.
Even I tried to change the base DN and the search DN but without luck.
The ISE version is 1.1.4 installed on VM and the LDAP schema is AD.
Is there any missing information/tips required in such integration?Hello,
I found a cisco doc that provides resolution of Key Features of Integration of Cisco ISE and LDAP .I hope this helps!
This section contains the following:
•Directory Service
•Multiple LDAP Instances
•Failover
•LDAP Connection Management
•User Authentication
•Authentication Using LDAP
•Binding Errors
•User Lookup
•MAC Address Lookup
•Group Membership Information Retrieval
•Attributes Retrieval
•Certificate Retrieval
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1059913 -
Hi,
We have integrated MDM with LDAP, by creating LDAP Roles & mapping them with MDM Roles. We are having log entries for Admin user for all repositories after every 10 milli-seconds. Any idea why these entries, how to stop this?
2010-03-03T22:56:22.978,1096 ,23,"Log-on failure: LDAP Error, userName = Admin User not found",MDSPublicServer@AuthorizeSessionForRepository,CatMgrDatabase.cpp,1866,,,1155,Admin,REPO 1<dbserver\DEV [SQL_Server]>,,,
2010-03-03T22:56:22.994,1096 ,14,"GetUserInfo: Unspecified Exit Point",Horizontal@LDAP,<file not specified>,,GetUserInfo,,1155,Admin,REPO1 <dbserver\DEV [SQL_Server]>,End,,
Thanks,
KetanKetan,
Please refer this document for MDM LDAP Integration Process Step by Step,
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/8054d5e1-1000-2c10-a09e-a168973f74b5?quicklink=index&overridelayout=true
Also refer SAP Notes, Note 1279785 - LDAP users connect to MDM with Fallback setting
Note 1096642 - Check-in/out does not work with LDAP user authentication
Hope it helps...
Thanks and Regards,
Mandeep Saini -
CM 7.1 LDAP integration not updating
I have an LDAP integration that worked at 1 time to import all the users but now when I make a change to a user in AD, it never gets to CM. The sync process seems to just sit there and the only option is to "Cancel Sync". I can update the LDAP fields without error so the user/pass and search space all appear t obe correct. I have looked for issues online but cant find anything to matches this issue, they are usually a search base issue.
I'm facing the same problem.
I have set up a lab for LDAP integration and after setting up for the first time worked but one user that exists on CUCM and do not exists on AD was flaged as active i decided to remake ldap settings after that nothing works anymore, it sayd that users are active even if they do not exist on AD.
If i add a new ldap directory does not sync and users are not added.
Any idea?
already restarted server...no joy -
We are creating a custom LDAP integration to replace the deprecated one in the application. We have all of our remote container services on a separate server from the slave server(s). Do we have to install the custom assemblies on the remote container server and if so what directories? The documentation in the EP says to only install into the bin directories of the web applications. Thanks.
Yes, put it in the same directory as the RemotingContainer.exe file.
-
CUBAC Enable external LDAP integration
Hi,
I've client where Attendant is seeing the User's Home Phone number. Customer's requirement is to show the Mobile and IP Phone extension.
To me it seems they aren't synchronizing with CUCM but directly with Microsoft AD. Enable external LDAP integration is checked and greyed out.
Is my doubt correct, the client is pulling the Phone information from AD directly?
How can I uncheck the External LDAP Integration checkbox, do I need to rerun the setup or LDAPServer.exe to do it? Would there be any loss of configuration?
If Customer wants to continue pulling the info from MS AD directly, can I add some kind of filters in CUBAC not to pick up Home phone field but Mobile Phone and IP Phone extension if those fields are populated?
CUBAC version is 3.1.8
Thanks,
inner_silenceHi Madhav,
See inline COMMENTS (below)
Bala
"madhav" <[email protected]> wrote:
>
Hi,
Context:
I'm using SunOne Directory server as the External LDAP server for my
application.
Q1 ) My understanding is that the default providers provided by Weblogic
communicate
ONLY with the embedded LDAP server. Is this understanding correct? That
means
if I'm integrating with the external LDAP server, I need to have custom
implementation
for ALL the providers ( i.e Authentication Provider, Authorization provider,
IDentity
Assertion Provider, RoleMapper , Credential Mapper etc). COMMENTS :
Your understading is correct. (for Authentication, Autherization, RoleMapper,
CredentialMapper). But you dont need to create custom implementation for all providers.
You can plug and play OR stack providers in the default realm (myrealm). Or you
can create your own realm and still can add the weblogic OOTB providers, wherever
you dont want to implement custom providers. OOTB BEA provides an Authentication
provider which can integrate with 3rd party Directory Servers (see http://e-docs.bea.com/wls/docs81/secmanage/providers.html#1172008
for more info). But if you wish to perform other services like Authorization,
CredentialMapping, RoleMapping with external LDAP providers, then YES you have
to write custom providers.
>
Q2) Or is there a way I can configure the weblogic to communicate with
an External
LDAP server so that I can use the default providers i.e when I invoke
request.isUserInRole(....),
the look up should be on the external LDAP NOT the internal LDAP.COMMENTS :
No the default providers are written to look up the Embeded LDAP. But writing
a provider is well documented (see http://e-docs.bea.com/wls/docs81/dvspisec/index.html
more info)
>
Regards,
Madhav -
LDAP integration - "LDAP Import adapter warning: No LDAP entry was defined"
Hi,
I am trying to integrate ETPM with LDAP (Microsoft AD). I have successfully connected Weblogic and can see the AD users there; I followed the instructions in the "Oracle Utilities Application Framework Administartion User's Guide" on how to integrate with LDAP:
1) I defined the JNDI server
2) I created a mapping file as described
3) registered the file within XAIParameterInfo.xml and MPLParamaterInfo
WHen i try to import users via the LDAP Import menu the reponse is empty, in the logs I see the following message: "LDAP Import adapter warning: No LDAP entry was defined". Does anybody have had similar issues and maybe a solution to this issue?
My versions:
Customer Release V4.1.0 000 000
Oracle Enterprise Taxation Management V2.3.1.1.0 001 001
Oracle Utilities Application Framework V4.1.0.1.0 001 000
My assumption is there is something wrong with the config, as all other connection (including the one from Weblogic) are successful.
I appreciate any feedback on this.
Best regards,
SebastianWould have liked to post an update in my other post, but that one is locked. I found so many problems with the LDAP integration but eventually managed. If anyone runs into similar issues, here is what you need to check:
1) AD admin user password - is limited to 8 characters (nowhere mentioned in the docs!!!)
2) Be careful using cases; do NOT rely on the documentation, it is wrong! here is a sample ldapdef.xml (I highlighted the changes you need to make in comparison to the documentation):
<LDAPEntries>
<LDAPEntry name="User" baseDN="CN=Users,DC=yourdomain,DC=com" cdxEntity="User" searchFilter="(&(objectClass=user)(name=%searchParm%))">
<LDAPCDXAttrMappings>
<LDAPCDXAttrMapping ldapAttr="name" cdxName="*user*" />
<LDAPCDXAttrMapping cdxName="LanguageCode" default="ENG" />
<LDAPCDXAttrMapping cdxName="FirstName" default="fn1" />
<LDAPCDXAttrMapping cdxName="LastName" default="fn2" />
<LDAPCDXAttrMapping cdxName="DisplayProfileCode" default="NORTHAM" />
<LDAPCDXAttrMapping cdxName="ToDoEntries" default="1" />
<LDAPCDXAttrMapping cdxName="TD_ENTRY_AGE_DAYS2" default="12" />
</LDAPCDXAttrMappings>
<LDAPEntryLinks>
<LDAPEntryLink linkedToLDAPEntity="Group" linkingLDAPAttr="memberOf" />
</LDAPEntryLinks>
</LDAPEntry>
<LDAPEntry name="Group" baseDN="OU=Groups,OU=yourgroup,DC=yourdomain,DC=com" cdxEntity="*Group*" searchFilter="(&(objectClass=group)(name=%searchParm%))">
<LDAPCDXAttrMappings>
<LDAPCDXAttrMapping ldapAttr="name" cdxName="*group*" />
<LDAPCDXAttrMapping ldapAttr="description" cdxName="Description" default="Unknown" />
</LDAPCDXAttrMappings>
<LDAPEntryLinks>
<LDAPEntryLink linkedToLDAPEntity="User" linkingSearchFilter="(&(objectClass=user)(memberOf=%distinguishedName%))" linkingSearchScope="onelevel" />
</LDAPEntryLinks>
</LDAPEntry>
</LDAPEntries>
Oracle OUAF, update your documentation, please.
Regards,
Seb -
COBRAS Import for Unity Connection 8.5 and Subscriber LDAP Integration Status
Using COBRAS Import for Unity Connection 1.1 Build 212 with Unity 4.2 Voicemail Only and Connection 8.5(1)SU1 with LDAP Directory Integration
When I run COBRAS the old alias matches the new alias and my desire is for subscribers being moved to be LDAP inegrated. However after COBRAS runs, the radio box for LDAP Integration Status on the subscriber is set to Do Not Integrate with LDAP Directory. Is there a way for COBRAS to select Integrate with LDAP Directory when the alias matches on LDAP?Hi ben,
If you are just importing from and not authenticating against LDAP, then the PIN comes
from the Connection Template you used to build the users;
Note that no passwords or PINs are copied from the LDAP directory to the Connection database. If
you want Connection users to authenticate against the LDAP directory, see the “LDAP
Authentication” section on page 9-7.
http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/design/guide/8xcucdg040.html
Cheers!
Rob
"Show a little faith, there's magic in the night" - Springsteen -
We are doing an LDAP integration with ISE but we are getting following error. We are not able to identiry the problem when we tested the following scenirios.
1. When we check with Anonymous access we are successful and we get the message “ Bind Successful to gluetest.systems.XXXX:3269”
2. When we use the user name and password CN=GRHIIISEPOC,OU=,XXXX, DC=YYYY, DC=ADROOTTEST,DC=YYYY. We are not successful and we get the message “ Test Failed: Invalid Admin Credentials or Security Settings: Check Admin Username and Password and make the security settings are compatible with the server:”
Please confirm is the user id what i am using is not having an admin preveliages or i am entered the parameters correctly.
ThanksDid you use softerra or an ldap browser to pull the dn of this user account.
Thanks
Sent from Cisco Technical Support Android App -
Cannot start BI services after configuring LDAP integration
Hi all,
After configuring LDAP integration with OBIEE , I have stopped all BI services and started again. It throws following error:
<Nov 24, 2012 2:05:16 PM AST> <Error> <Security> <BEA-090892> <The loading of OPSS java security policy provider failed due to exception, see th
ption stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to
ore information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider>
<Nov 24, 2012 2:05:16 PM AST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializatio
tion: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root c
If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps
ception: [PolicyUtil] Exception while getting default policy Provider
weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception
trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more in
ion. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1398)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: oracle.security.jps.JpsRuntimeException: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provid
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:293)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
Caused By: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:899)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
Truncated. see log file for complete stacktrace
Caused By: java.security.PrivilegedActionException: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
Truncated. see log file for complete stacktrace
Caused By: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:860)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
Truncated. see log file for complete stacktrace
Caused By: oracle.security.jps.service.idstore.IdentityStoreException: JPS-00056: Failed to create identity store service instance idstore.ldap.
er:idstore.ldap. Reason: oracle.security.jps.JpsRuntimeException: JPS-00027: internal error You configured a generic WLS LDAPAuthenticator.
The identity store type cannot be determined. Please choose an LDAP Authentication provider that matches your LDAP server.
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getIdStoreConfig(LdapIdentityStoreProvider.java:195)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.access$300(LdapIdentityStoreProvider.java:70)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider$NoLibOvd.getInstance(LdapIdentityStoreProvider.java:242)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getInstance(LdapIdentityStoreProvider.java:114)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getInstance(LdapIdentityStoreProvider.java:70)
Truncated. see log file for complete stacktrace
>
<Nov 24, 2012 2:05:16 PM AST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Nov 24, 2012 2:05:16 PM AST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Nov 24, 2012 2:05:16 PM AST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
D:\OraHome\Middlleware>I was not able to login to console since admin server not getting started.
Kindly help me to overcome this issue.
Thanks,
HareeThanks for the reply Veeravalli.
I have stoped the services and delete the config.lok file then edited the config.xml file under *%MW_HOME%\user_projects\domains\bifoundation_domain\config* . Then started the BI services. Now its working fine.
Thanks,
Haree -
Jabber for Windows - without LDAP integrated with CUCM Jabber UDS - NO PEOPLE CAN SEARCH
Hi all Jabber Experts,
I have the CUCM, which is the versin 8.6 and the Presence Server, which is the version 8.6, that is not integrated the LDAP, but I want to deploy the Jabber for Windows.
So I would use the UDS to deploy the Jabber for Windows (modified the XML and uploaded to the CUCM TFTP server).
Finally, that can login the users, which is manually added from CUCM.
But I cannot search other users from the Bubby List. Any idea for that?First of all, either you use CUCM 8.6 with CUPS 8.6, or you use CUCM 9.1 with IM&P 9.1, what you're mentioning is just impossible as they're not compatible and that's not supported.
HTH
java
if this helps, please rate
www.cisco.com/go/pdihelpdesk -
Hi Experts,
I am new to ADF Development, and trying to implement LDAP in my application. As per some forums i am using ADF Security. I have modified my WebLogic server, myrealm with LDAP details and added below mentioned codes in JPS-Config.xml file:
<serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider"" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">
<description>LDAP-based IdentityStore Provider</description>
</serviceProvider>
<serviceInstance name=idstore.ldap provider=idstore.ldap.provider>
<property name=idstore.config.provider value=oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider/>
<property name=CONNECTION_POOL_CLASS value=oracle.security.idm.providers.stdldap.JNDIPool/>
<property name="username.attr" value="userPrincipalName"/>
<property name="user.login.attr" value="userPrincipalName"/>
<property name="virtualize" value="true" />
<property name="ldap.url" value="directory.corp"/>
<property name="idstore.type" value="ACTIVE_DIRECTORY"/>
</serviceInstance>
<serviceInstanceRef ref="idstore.ldap"/>
But i am not able to see Identity store menu option in the left pane of Configure ADF Security window. Could you please help me to fix this issue. Thanks in advance
I am using jDev 11g
Please find the below link for Configure ADF Security window
http://4.bp.blogspot.com/_earSixbe3dw/SUbg7OWLCQI/AAAAAAAAB-4/Fos2I5eBxWM/s1600-h/adf_sec_6.pnghttp://mahmoudoracle.blogspot.ca/2012/02/adf-integration-with-ldap.html#.UcCxHPm1GSo
http://biemond.blogspot.ca/2008/12/using-weblogic-provider-as.html -
SLD error after LDAP integration
Hello All,
I integrated Corporate LDAP with EP 7.0 ,after that I have SLD error when I click on the ESS tab which says:
Caused by: com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: Failed to resolve JCO destination name 'SAP_R3_SelfServiceGenerics' in the SLD. No such JCO destination is defined in the SLD.
When I go to content Admin->Webdynpro ,the SLD service is stopped and the 'Maintain Jco's' tab is greyed out.
This keeps on happening regularly.
When I go to the SLD log it says 'Server certificate rejected by ChainVerfier' ,I wonder if we need to implement SSL when we have the turned LDAP on.
Any help would be really appreciated
ThanksHi Subhash,
I think u didnt configure your SLD properly.
open this link
Configuring SLD in Sneak Preview SAP NetWeaver '04 Sneak
which gives the porcedure to configure SLD
for JCO destinations
http://help.sap.com/saphelp_nw04/helpdata/en/77/931440a1c32402e10000000a1550b0/frameset.htm
Administration manual->server administration->Administration/Configuration of Web Dynpro Runtime Environment ->Web Dynpro Content Administrator
rgds
srinivas
Maybe you are looking for
-
"Refresh after" insert fails for DB-View with INSTEAD OF Triggers
Hi, I have a database view with INSTEAD OF triggers defined for INSERT, UPDATE, DELETE. For some EO attributes the refresh after insert and update is defined. Posting to database fails. According to Database 9.2 Manual and a previous thread (BC4J and
-
Built in Factetime HD Camera not working after SSD upgrade
Hey guys, So I went ahead and removed my optical drive and replaced it with a 2nd drive caddy bay and an SSD. I've rechecked all my wiring and everything twice and disconnected everything and reconnected it to make sure it's all correct, and it is. H
-
Scope for data warehousing ETL Tool
Hi all can anybody explain scope for data warehousing ETL Tool for oracle developer in future this is ok or.. regards Message was edited by: 174313
-
Hi, I am running a report on reports 6i, i have to print this report on legal size paper. i have set the main section width 20 and height 20 and as well as report width 120 report height 80 i set. but when iam running its fine but when iam printing t
-
Which settings are relevant that a product is planned in SCM?
Some products should be planned in APO. Therefore a MRP type ZX is created in the ERP customizing. There is a field called planning method in the customizing for the MRP type. This field has the value 1, which means planned by external system. Are th