Link b/w orclIsEnabled on OID and portal API calls wwsec_api.activate_user
Hi Folks,
I am just curious about the account status on OID and access on portal user profiles.
Is account activation or deactivation in OAS portal (using wwsec_api.activate_portal_user/ deactivate_portal_user calls) related to the OID enable/ disable of an account using orclIsEnabled field?
i think the portal api calls control the portal access in the wwsec_person$ tables. but does it also reflect on to the orclIsEnabled field?
any guidance will be highly appreciated!
AMN
I'm not 100% positive but I do not think the portal account activation/deactivation calls change the orclIsEnabled attribute in OID since there are times when a user in OID may still be enabled for SSO purposes but that same user may be deactivated as a portal user.
Similar Messages
-
OiD and Portal Integration (WWC-41400)
Outside of the steps below what can be done to integrate Portal and OiD ?
Thanks in Advance !
This is a new install of Oid and Portal.
Portal is installed using ias10221 in a 8.1.7.2 database on Sun Solaris 2.7 w/patches.
Used Configuring Oracle 9iASPortal for LDAP Authentication. White Paper.
December 2000. To defined OID/Portal steps.
I've reviewed
Note: 133123.1 WWC-41400 trying to login to Portal using LDAP authentication
http://otn.oracle.com/products/iportal/htdocs/portal_faq.htm selecting from dba_libraries shows these items.
PORTAL30_SSO AUTH_EXT
/u01/app/oracle/product/8.1.7.2/lib/ssoxldap.so
Y VALID
SYS AUTH_EXT
/u01/app/oracle/product/8.1.7.2/lib/ssoxldap.so
Y VALID
PORTAL30 AUTH_EXT
/u01/app/oracle/product/8.1.7.2/lib/ssoxldap.so
Y VALID
The file exists:
-rw-r--r-- 1 oracle dba 8324 Dec 5 14:37
/u01/app/oracle/product/8.1.7.2/lib/ssoxldap.so
cmrapp:/ >echo $TNS_ADMIN
/u01/app/oracle/product/8.1.7.2/network/admin
cmrapp:/ >tnsping extproc_connection_data
TNS Ping Utility for Solaris: Version 8.1.7.2.0 - Production on 10-DEC-2001
(c) Copyright 1997 Oracle Corporation. All rights reserved.
Attempting to contact (ADDRESS=(PROTOCOL=IPC)(KEY=extprocO))
OK (30 msec)
Here is the listener.ora
LISTENER2 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = cmrapp.ssd.census.gov)(PORT = 1526))
(DESCRIPTION =
(ADDRESS = (PROTOCOL = IPC)(KEY = extprocO))
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(PROGRAM = extprocO)
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /u01/app/oracle/product/8.1.7.2)
(ENVS =
'LD_LIBRARY_PATH=/u01/app/oracle/product/8.1.7.2/ctx/lib:/u01/app/oracle/product/8.1.7.2/lib:/u01/app/oracle/product/8.1.7.2/bin:/u01/app/oracle/product/8.1.7.2/ctx/bin')
(SID_DESC =
(GLOBAL_DBNAME = oiddev)
(ORACLE_HOME = /u01/app/oracle/product/8.1.7.2)
(ENVS = 'TNS_ADMIN=/u01/app/oracle/product/8.1.7.2/network/admin')
(SID_NAME = oiddev)
TNS_ADMIN is set to /u01/app/oracle/product/8.1.7.2/network/admin in the
apachectl script and at the OS level.
Additionally
The Apache/Apache/logs and Apache/Jserv/logs are clear and no invalid database objects.
I also looked within the Portal30 schema for errors, but found none.
SQL> select * from wwv_rw_errors$;
no rows selected
SQL> select * from wwv_errors$;
no rowsHello Lorenzo,
Currently the procedure on how to do this can be found at:
http://technet.oracle.com/products/iportal/pdf/conf_ldap.pdf
9iAS v2 will be in production sometime in the next month or two.
The procedure for setting this up will be more siplified in 9iAS
v2.
Thanks,
Jay -
Users dn changes in AD, OID and portal
I have some question about dn changes...
we have a synchronized Active Directory with OID. When user's dn changes in AD, it changes in OID.
We using portal API (wwsec_api, wwsec_oid) functions for managing user... such as set his default group, add/remove to/from group and others.. After user's dn have changed these funtions not working for that user.
so.. here comes my questions:
these portal API functions uses dn from table portal.wwsec_person$ ?
if so, is there a way to update dn in this table when it changed in OID automatically? Or it can be done only manualy?
is it safe to update dn in this table?
thanks for any hints.
sharthank you for response.
as I'm new to synchronization, some questions comes because of not knowing something..
Now I see that all changes in portal are made just after the user logs in. That was the problem. -
Link from user pc to ERP and Portal
our project is using ERP 05 and Portal, ESS, MSS. I understand that Portal is the single user interface to backend ERP system. Does that means that there is no need for network link from user PC to ERP?
I've resolved these questions. Thank you.
-
Hi experts,
I am looking at the newer EhP5 and EhP6 functionality for ESS and MSS, specifically the WD ABAP portal applications. I've turned on all the business functions and services I think our team wants, however I'm confused on how to move forward in using them. For a little tech info, we are on EhP6 for the backend, but our portal is 7.02.
My first step was to assign the com.sap.pct.erp.ess.wda.Employee_Self_Service_WDA portal role to our test ESS user group in our sandbox environment. The ESS user got a new ESS tab in the portal and it's linked to the Launchpad role ESS, Instance MENU. I'm comfortable with ESS at this point, still need to learn more about customizing the menu for different employee groups without creating additional Launchpad or SAP roles.
Question 1: Correct me if I'm wrong, but is the Launchpad roll ESS, instance menu linked to the PFCG role SAP_EMPLOYEE_ESS_WDA_2?
Next, I was looking to see if there was a similar portal role for MSS, but it seems I can't find one. I implemented the MSS Addon 1.0 for ABAP and the portal and got a new MSS portal addon role, but it doesn't seem to be connected to any MSS Launchpad role.
Question 2: Is there a portal role to assign to users/groups that is linked to one of the MSS Launchpad roles? If yes, what business function or service is it a part of?
I'd like to use of the existing MSS Launchpad role to test some of the new portal functionality, but I'm not sure how to do it.
Question 3: How is a Launchpad role assigned to a SAP role in PFCG? Anyone have some documentation they can point me too?
Kind regards,
Garrett MeredithThank you Samuli, this was very helpful in connecting many of the pieces.
For now I have a very good understanding of how the new ESS is controlled and modified.
It appears that FPM_LAUNCHPAD_UIBB could be used to develop a similar component to call a custom launchpad role for MSS containing a customized list of WDA applications.
Is a MSS Launchpad a good way to pursue since we use a SAP enterprise portal?
I found a PAOC_MSS package containing other MSS embedded packages.
Could I use one of the embedded packages in there and by creating a Component configuration in the FPM_LAUNCHPAD_UIBB for one of the MSS WD applications?
Based on the documentation link above, PFCG roles are for NWBC HTML or Desktop versions.
Kind regards,
Garrett -
How to resolve Error Message WWC-41400 with OID and Portal
Hello.
I followed the guidelines to use Oracle's OID as the login
server for my 9iAS-based Portal. The login names and passwords
were successfully copied from the Portal to the users.lfif file
(visible in Oracle Directory Manager).
I tested the login/passwords and could not login to the Portal.
I received the error message WWC-41400. I check past "tars",
and the followed the steps to check the library linkage,
external library file, status of the listner, and the
environment settings for the TNS names file.
The settings are correct, yet I still can not login to the
Portal.
Any suggestions.
JoyceHello Joyce
I think you should input cn=orcladmin during "Configuring Login
Server to use LDAP using DBMS_LDAP package" step with
ssooid.sql script in "Enter value for bind_dn:" field
wbr from Russia -
When I run the sql 'c:\oracle\portal\plsql\admin\sso\ssoldap.sql',
the system reported the following error:
0/0 pls/sql:complication unit analysis termited
0/14 pls-00201 ???? wwsso_auth_external
0/14 pls-00304 ???? wwsso_auth_external.
I found that the error was cause by @@ssoxldap.pkb,how can I do about it?
Can the *.pkg file be modified?
Thank you.I'm not 100% positive but I do not think the portal account activation/deactivation calls change the orclIsEnabled attribute in OID since there are times when a user in OID may still be enabled for SSO purposes but that same user may be deactivated as a portal user.
-
Anyone know where I can find a list of portal api calls?
Thanks
Troy,
Take a look at :
http://portalstudio.oracle.com/pls/ops/docs/folder/community/pdk/
plsql/doc/astart.htm
for a full PL/SQL API lists
Chu -
i am using Oracle Application Server 10gAS 10.1.2.0.2. and have a few questions about the account status on OID and access on portal user profiles.
Does account activation (wwsec_api.activate_portal_user) or deactivation (wwsec_api.deactivate_portal_user) in portal related to the OID enable/ disable using orclIsEnabled field?
What is changed when with the plsql api call wwsec_api.activate_portal_user in portal 10.1.4.0.0?
any guidance will be highly appreciated!
thank you
AMNI'm not 100% positive but I do not think the portal account activation/deactivation calls change the orclIsEnabled attribute in OID since there are times when a user in OID may still be enabled for SSO purposes but that same user may be deactivated as a portal user.
-
Hide links "Register Now..." and "Get support" in logon portal
Hi to all.
In portal logon (PROD) appears the links "Register Now..." and "Get support" and I want hide the links.
The properties ume.logon.logon_help and ume.logon.selfreg are FALSE in config tool and in Visual administrator.
The .com.sap.portal.runtime.logon.par is standar, it hasn't modified.
In DEV the problem doesn't appear but in PROD the problem appears since last week.
Can anybody helps me to solve my problem?
Thanks a lot !Hi Shanti,
I have tested it and i have seen that there aren't roles assigned to the "Anonymous Users" group.
Thanks a lot.
Could you help me more? -
hi
whether we can link XI and portal.. is it possible means, hw can we link it..in which scenerio we will go for that...
plz answer me...thx in advance..Hey
yes,its possible to integrate XI with EP,please have a loo at the following threads
EP with XI
EP & XI...
thanx
Aamir -
SSO between Portal Application and Portal Admin Tool
Hi All,
We have a requirement for implementing SSO between a Portal application and
Portal admin tool.
We are using WL Portal 8.1 SP4.
Here is the reason for this requirement -
A user logged-into Portal Application needs to login to Portal Admin tool to
do some admin activity. We want to provide a link in the portal application
using which the user can directly login to the Portal Admin tool without
having to enter the credentials again.
If someone has any info on how to implement this, can you please point me in
the right direction.
Thanks,
~DeepakHi,
When creating PP you have 2 options
PP used for compiling and PP used for Building
You create PP with all the libraries into Developing/Compiling Other DCs
And another PP with all the libraries into can be packaged into other build results (SDAs).
Once you have these 2 PP in place you add the DC as used DC.
And this should resolve the issue.
Hope this helps.
Cheers-
Pramod -
Midtier removal of Forms and Reports and Portal failing
Hi
I am having an issue removing the midtier of a forms/Report/BI and portal midtier,
The deconfigtool.pl hang and I am recieving the following message in a deconfigportal.log.
Invoking OPCA in DEINSTALL mode with the following arguments :
Install Mode : DEINSTALL
Portal Schema : portal
Connect String : cn=orcl,cn=oraclecontext
OID Host : hresources
OID Port : 389
OID Admin DN : cn=orcladmin
Use SSL to OID : N
Drop mode : midtier
STEP 1 : Deleting Portal Partner application
Parameters passed to SSO registration tool :
param0:-oracle_home_path param1:D:\Oracle\CoreMid param2:-config_sdk_papp param3:TRUE param4:-papp_schema param5:portal param6:-old_lsn_token param7:hresources.ncirl.ie param8:-update_mode param9:DELETE param10:-papp_password param11:**** param12:-pappDBConnect param13:cn=orcl,cn=oraclecontext param14:-ssoDBConnect param15:cn=orcl,cn=oraclecontext param16:-pass param17:**** param18:-schema param19:orasso_pa
-DinstallType=
-DoldOracleHome=
-DoldOHSUser=SYSTEM
Check D:\Oracle\CoreMid\sso\log\ssoreg.log for details of this registration
SSO registration tool failed. Please check the log file D:\Oracle\CoreMid\sso\log\ssoreg.log, correct the problem and re-run the tool.
STEP 2 : Deleting Portal DAD
STEP 3 : UDDI deinstallation
STEP 4 : Ultrasearch deinstallation
Anyone know how to get around this.And what does D:\Oracle\CoreMid\sso\log\ssoreg.log say?
Thanks
Shail -
SSO and portal timeout -- other bug?
...this is very probably related to the other post talking about SSO and portal timeout...
I am having another weird issue with dotnet portlets that uses inline refresh (done automatically by dotnet accelerator) and SSO.
When you let the portal session expire, and then click on a button/link within a portlet (hence generate an inline refresh gatewayed request), the full portal window (header/footer etc...) appears within the portlet, instead of the portlet content alone.
I did some http traces (see below) and it seems the problem is due to the windows SSOLogin.aspx (we are using windows auth SSO) not taking the requested portlet gatewayed request url as a post login redirect info... but taking instead the current page url (which is wrong)
Thus, after the gatewayed portlet request is successfully authenticated by the SSOLogin.aspx component, it is automatically redirected to the wrong urll...making the full portal page refresh into the portlet.
So my question is: have anyone already seen such behavior? And has anything been done to fix this?
It really seems like a bug with the SSO servlet...but maybe i am doing something wrong...Just want to have your thoughts on this.
Thanks,
Fabien
============================================================================================
HTTP Trace:
POST 302 Redirect to /portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login http://your.portal.com/portal/server.pt/gateway/PTARGS_0_15046_362_205_0_43/http%3B/your.portletserver.com/yourapp/youraspx.aspx
GET 401 text/html http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET 401 text/html http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET 302 Redirect to http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET 200 text/html; charset=utf-8 http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=LoginI have this happen in v6.0 sp1. We have worked around the problem with a bit of work and synchronization of settings. Below, I've outlined how we've worked around the problem (which is indeed a problem that should be fixed). Also, if you have a load balancer, you'll need to set your session timeout on the load balancer to a bit more than the refresh rate that you set for your communities and My Pages.
Resolving the Portlet Timeout / Refresh Problem in ALUI Portal_
Problem: Users occasionally receive the portal page within a portlet error
Cause: The root cause has not been determined; however it appears that the primary event that exhibits the behavior is when a teammember’s session has expired on the portal server and they then utilize a .NET form-based portlet which refreshes in place. Because we are using WIA SSO to enable automatic logins to the portal, it makes the error seem to occur randomly.
Resolution:
The workaround solution is to – 1) increase the portal session timeout on the portal web servers from the default 20min to 4 hours, and 2) set the MyPage refresh interval setting for all portal users to 3 hours. The setting name is a bit of a misnomer, as it will actually refresh the entire portal page automatically if the user is idle on either a My Page or a Community Page, as these are the only two places that portlets reside.
Increasing the portal session timeout:
The portal session timeout is controlled in two places, and both settings should match. On the portal virtual directory in IIS, edit the configuration and increase the timeout setting to 240 (minutes). Then, edit the portal application’s web.config file (d:\portal\ptportal\6.0\webapp\portal\web\) and increase the sessionState Timeout variable to 240. Editting the config file will require you to restart the services before you see the change.
Initial setting of the MyPage refresh interval:
The initial setting will need to be done by a SQL script in order to apply it to all existing users. The Default Profile should also be updated so that all new user synched from AD will have this setting applied automatically.
/* Delete refresh interval settings for all users first so that there are no conflicts on the inserts */
DELETE FROM portaldbuser.ptprefs WHERE prefname = 'intMyPageRefreshRate'
/* Insert desired page refresh setting for all users */
INSERT INTO portaldbuser.ptprefs (userid,gadgetid,prefclassid,prefobjectid,prefname,prefvaluetype,prefvalue,pagenumber) SELECT objectid,0,0,0,'intMyPageRefreshRate',3,180,0 FROM portaldbuser.ptusers
From Administration, access the Default Profiles utility. Check the Default Profile entry and click on the Edit Profile Layout link. Click on the My Account link in the Portal Settings portlet and then on the Display Options link on the next page. In the Page and Portlet Settings, update the Your My Page will be updated: setting to 4 hours. Click Finish twice to return to Administration.
Updating the MyPage refresh interval:
To update the setting just modify the insert portion of the SQL script. Change the prefvalue number (180) to the desired timeout in minutes and rerun both statements of the script.
The Default Profile should be also be modified per the instructions above.
I hope this helps...
-tom -
Creating a new context in OID and extending DIT
I am developing a portal. I need to create a new context in the OID and extend the DIT so that i can store Subscriber information in it. Please help me with the procedure, and sample schema.
thanks in advance,
udai.Hello JB-Baby
You can't create a subfolder in Sent. Mail does this automatically for each account you set up. If you wish to organise messages you send by some criteria or other, why not consider a Smart Mailbox?
I assume by your second question you mean can you change the columns in the message viewer? Yes you can. You select View -> Columns and check the ones you want. You can adjust the order of the columns by dragging the titles around in the message viewer.
If you didn't mean this, maybe you could explain what you are after in a little more detail.
Maybe you are looking for
-
HTTPS from JDK1.2.1 to JDK 1.4.1
We are trying to connect application running on JDK1.2.1 to application in JDK 1.4.1. Both applications are in Oracle 9ias application server but with different JDK and different physical machines. We are getting following error while trying to acces
-
Bug in report sorting? Sort doesn't work in last group level.
Is this a known error? Is there documentation from Oracle about it? My query is a simple select from a table. I then created three group levels. Each group contains a value for sorting (up arrow next to column). However, data is not sorted by the val
-
PHP paging between 2 recordsets
Currently I am redoing this page, Bulk Fuel, that is originally created using spry and XML and recoding it with PHP and tying it into a MySQL db. As you can see the user clicks the city name and the prices change for that city and so does the text, i
-
Hi I have an old non-BT email address which I can still receive on, but cannot send on. I've tried changing my outgoing server for that account to bt, but messages are still not being sent. (Normally I can make do without sending on that account, bu
-
What is it with PC Suit?
I've been using this with my 8800 for half an hour now, it is syncing with the phone (when I'm not clicking anything) about every 10 seconds. The Contact Browser thinks it knows better than me how I like the names in my phone book displayed so now th