Manage users

Hi,
I've Flex as front-ent, with Java over MySQL DB as back-end (DB access through hibernate).
I'm trying to figure out what is the best-practice to:
1. Manage users records?
I currently have my own users table (with user name, password and all the info I need). Should I use MuSQL.user table?
I've to came to his point because I wanted to hold my user's password encrypted, and following the following link I understood that passwords in my own users table are not protected for different reasons - logs, backup scripts, etc. (http://dev.mysql.com/doc/mysql-security-excerpt/5.1/en/password-security-admin.html)
2. Do I need to log-in the DB using the user's crednetials? if yes, why?
Currently I only check for the un/pwd validity, but for all users - I connect using a single root UN...
Thanks, Haim

Hi Haim
I think you are mixing things together.
The MySQL.user table, are for the DBMS to handle users of the database, not of a custom application, so unless you are trying to create a DBMS manager, you shouldn't access any of MySQL's own tables.
If you wanna store you passwords in the database encrypted, you simply encrypt them in your code, and then they will also be encrypted in the DBMS logs and in the DB.
But as the docs state, you show NEVER allow access to the DB logs, to other then an administrator and the DBMS itself.
Best Regards
Martin Andersen

Similar Messages

  • How can I use Windows IAS to validate WLC management users?

    I am having a problem using my Windows IAS radius server to validate management users for my 2112 Wireless Lan Controller.
    I have defined the radius server and it works ok with the policy for validating wireless clients but not for WLC management users.
    The Remote access policy seems to be set up correctly as the event viewer on the server shows:-
    Event Type: Information
    Event Source: IAS
    Event Category: None
    Event ID: 1
    Date:  09/02/2011
    Time:  11:06:06
    User:  N/A
    Computer: UK01DC07
    Description:
    User xxxxxx was granted access.
    Fully-Qualified-User-Name = TRAVEL.OAG.com/Dunstable Admins/xxxxxx
    NAS-IP-Address = 10.10.45.210
    NAS-Identifier = UK03NM01
    Client-Friendly-Name = UK03NM01
    Client-IP-Address = 10.10.45.210
    Calling-Station-Identifier = <not present>
    NAS-Port-Type = <not present>
    NAS-Port = <not present>
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = UK03NM01 - login
    Authentication-Type = PAP
    EAP-Type = <undetermined>
    But, the WLC log shows:
    *Feb 09 11:06:06.612: %EMWEB-1-LOGIN_FAILED: ews_auth.c:2104 Login failed. User:xxxxxx. Service-Type is not present or it doesn't allow READ/WRITE permission..
    The WLC just returns the login screen
    Any thoughts?
    Thanks in advance
    Richard

    Event viewer shows :
    Event Type: Information
    Event Source: IAS
    Event Category: None
    Event ID: 1
    Date:  10/02/2011
    Time:  08:49:39
    User:  N/A
    Computer: UK01DC07
    Description:
    User xxxxxxxx was granted access.
    Fully-Qualified-User-Name = TRAVEL.OAG.com/Dunstable Admins/xxxxxxxx
    NAS-IP-Address = 10.10.45.210
    NAS-Identifier = UK03NM01
    Client-Friendly-Name = UK03NM01
    Client-IP-Address = 10.10.45.210
    Calling-Station-Identifier =
    NAS-Port-Type =
    NAS-Port =
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server =
    Policy-Name = UK03NM01 - login
    Authentication-Type = PAP
    EAP-Type =
    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 00 00 00 00               ....   
    and IAS log shows:
    "UK01DC07","IAS",02/10/2011,08:49:39,1,"xxxxxxxx","TRAVEL.OAG.com/Dunstable Admins/xxxxxxxx",,,,,"UK03NM01","10.10.45.210",,0,"10.10.45.210","UK03NM01",,,,,,7,1,"UK03NM01 - login",0,"311 1 10.10.45.254 12/04/2010 23:56:59 1987",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
    "UK01DC07","IAS",02/10/2011,08:49:39,2,,"TRAVEL.OAG.com/Dunstable Admins/xxxxxxxx",,,,,,,,0,"10.10.45.210","UK03NM01",,,,,,2,1,"UK03NM01 - login",0,"311 1 10.10.45.254 12/04/2010 23:56:59 1987",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
    It appears to me that IAS checks and passes the username/password as being valid but this response is ignored by the WLC
    Richard

  • How can HelpDesk manage users in multiple Organizations in OIM R2

    Hi All,
    I looking to satisfy a requirement for OIM 11g R2 where a helpdesk administrator can only manage users that belong to a particular institution. However, there are approximately 50% of users that belong to more than one institution, where helpdesk staff from each institution should be able to manage the user. Customer is currently
    doing this in Waveset by assigning users to orgs dynamically through rules which allows multiple virtual orgs. OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management very difficult.
    How can a administrators from different org manage same User. If that user belongs to different org?
    How to achieve this in OIM R2?
    Thanks
    Akshat

    Hi Adr,
    I know the OIM Authorization is around the Organization, and a user can present in only one org in OIM.
    I wanted to know, can we force the authorization based on Department/Institutions rather than Org. I am thinking in reagards of OES Authorization policies.
    OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management slightly difficult.
    I am looking to determine the best approach to accommodate this requirement. Due to the high number of users that reside within multiple institutions, leveraging organizations will not work. Asa far i know OES APM should be able to accommodate this, but could not find any solid guidance in the Oracle training or Oracle by Example documentation.
    Any thoughts?
    -Ak

  • Error when trying to Manage 'User Profile Service Application'

    Hello,
    I'm recently facing an issue two issues
    1. User Profile Service Application: when I goto manage user profile service application I get an error windows and when I look into the logs following is the error with given correlation id "ef9fb09c-ae28-1072-b404-c887d61ed915"
    08/21/2014 09:07:27.53  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Logging Correlation Data       xmnv Medium   Name=Request (GET:http://gcdwinamzanl002:8081/_layouts/15/ManageUserProfileServiceApplication.aspx?ApplicationID=9826b245%2D1d65%2D408f%2Db252%2D058b3809225f) ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     General                        6t8h High     [Forced due to logging gap, cached @ 08/21/2014 09:07:27.50, Original
    Level: Verbose] {0} ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Database                       8acb High     [Forced due to logging gap, Original Level: VerboseEx] Reverting to process
    identity ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 Web Content Management       
     Publishing Cache               f6s5 Medium   ObjectCache size is set to 100 megs. ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 Web Content Management       
     Publishing                     8zug Medium   PublishingHttpModule.Init() calling AppDomainUnloadListener.Register() ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 Web Content Management       
     Publishing                     8x0a Medium   AppDomainUnloadListener.RegisterSelf() entered lock(this=38386177) ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.75  w3wp.exe (0x2BB8)                        0x2448 Web Content Management       
     Publishing                     8x0b Medium   AppDomainUnloadListener.RegisterSelf() about to call HostingEnvironment.RegisterObject(this=38386177) ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.82  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Asp Runtime                    aj1kp High     [Forced due to logging gap, Original Level: Verbose] SPRequestModule.PreSendRequestHeaders ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.88  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     General                        6t8h High     [Forced due to logging gap, cached @ 08/21/2014 09:07:27.83, Original
    Level: Verbose] {0} ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.88  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Database                       8acb High     [Forced due to logging gap, Original Level: VerboseEx] Reverting to process
    identity ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.91  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Monitoring                     b4ly Medium   Leaving Monitored Scope (Request (GET:http://gcdwinamzanl002:8081/_layouts/15/ManageUserProfileServiceApplication.aspx?ApplicationID=9826b245%2D1d65%2D408f%2Db252%2D058b3809225f)).
    Execution Time=427.452048 ef9fb09c-ae28-1072-b404-c887d61ed915
    08/21/2014 09:07:27.98  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Monitoring                     nasq Medium   Entering monitored scope (Request (GET:http://gcdwinamzanl002:8081/_layouts/15/ManageUserProfileServiceApplication.aspx?ApplicationID=9826b245%2D1d65%2D408f%2Db252%2D058b3809225f)).
    Parent No 
    08/21/2014 09:07:27.98  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Logging Correlation Data       xmnv Medium   Name=Request (GET:http://gcdwinamzanl002:8081/_layouts/15/ManageUserProfileServiceApplication.aspx?ApplicationID=9826b245%2D1d65%2D408f%2Db252%2D058b3809225f) ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.35  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     General                        6t8h High     [Forced due to logging gap, cached @ 08/21/2014 09:07:27.98, Original
    Level: Verbose] {0} ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.35  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Authentication Authorization   agb9s Medium   Non-OAuth request. IsAuthenticated=True, UserIdentityName=, ClaimsCount=0 ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.39  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Monitoring                     b4ly High     Leaving Monitored Scope (PostAuthenticateRequestHandler). Execution Time=27.712976 ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.49  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Monitoring                     nass High     [Forced due to logging gap, cached @ 08/21/2014 09:07:28.39, Original Level: Verbose]
    ____{0}={1} ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.49  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Asp Runtime                    aj1kr High     [Forced due to logging gap, Original Level: Verbose] SPRequestModule.PostAuthorizeRequestHandler ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.68  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Monitoring                     b4ly High     Leaving Monitored Scope (PublishingHttpModule: PostAuthorizeRequestHandler). Execution
    Time=178.76496 ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.85  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Asp Runtime                    aj1km High     [Forced due to logging gap, cached @ 08/21/2014 09:07:28.72, Original Level: Verbose]
    SPRequestModule.PostResolveRequestCacheHandler ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.85  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Asp Runtime                    aj1kn High     [Forced due to logging gap, Original Level: Verbose] SPRequestModule.AcquireRequestStateHandler ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.88  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Logging Correlation Data       xmnv Medium   Site=/ ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.94  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Database                       ahjqp High     [Forced due to logging gap, cached @ 08/21/2014 09:07:28.90, Original
    Level: Verbose] SQL connection time: 0.050592 ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:28.94  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Database                       8acb High     [Forced due to logging gap, Original Level: VerboseEx] Reverting to process
    identity ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.22  OWSTIMER.EXE (0x0968)                    0x3744 SharePoint Foundation          Monitoring                   
     aeh57 Medium   Sql Ring buffer status eventsPerSec = ,processingTime=0,totalEventsProcessed=0,eventCount=0,droppedCount=0,memoryUsed=0 
    08/21/2014 09:07:29.53  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Database                       ahjqp High     [Forced due to logging gap, cached @ 08/21/2014 09:07:28.95, Original
    Level: Verbose] SQL connection time: 0.027536 ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.53  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     General                        6t8b High     [Forced due to logging gap, Original Level: Verbose] Looking up {0}
    site {1} in the farm {2} ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.59  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.54, Original
    Level: Verbose] Deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.59  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, Original Level: Verbose] Completed deserializing
    the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.65  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.64, Original
    Level: Verbose] Completed deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.65  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, Original Level: Verbose] Deserializing the
    type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.71  w3wp.exe (0x2BB8)                        0x2448                              
     0x6FB700D                      ahg9p High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.68, Original Level:
    Verbose] Completed deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.71  w3wp.exe (0x2BB8)                        0x2448 Access Services              
     Administration                 ackn7 High     [Forced due to logging gap, Original Level: Verbose] Tried to obtain setting {0} from Conversion Service
    Application, but it didn't exist. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.80  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.76, Original
    Level: Verbose] Deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.80  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, Original Level: Verbose] Completed deserializing
    the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.86  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.85, Original
    Level: Verbose] Completed deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.86  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, Original Level: Verbose] Deserializing the
    type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.91  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, Original Level: Verbose] Completed deserializing
    the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.96  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, cached @ 08/21/2014 09:07:29.91, Original
    Level: Verbose] Deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:29.96  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, Original Level: Verbose] Completed deserializing
    the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.06  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       umbj High     [Forced due to logging gap, cached @ 08/21/2014 09:07:30.01, Original
    Level: Verbose] Deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.06  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, Original Level: Verbose] Completed deserializing
    the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.12  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       ahg9p High     [Forced due to logging gap, cached @ 08/21/2014 09:07:30.11, Original
    Level: Verbose] Completed deserializing the type named {0} and with id {1}. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.12  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Configuration                  a16e High     SPAce PrincipalName found  account renamed to NULL SID. Using new name. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.12  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Configuration                  a16e High     SPAce PrincipalName found  account renamed to NULL SID. Using new name. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.14  w3wp.exe (0x2BB8)                        0x2448 SharePoint Server            
     General                        ahjnd Medium   Constructed a new async cache named Profile Property Cache ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.15  w3wp.exe (0x2BB8)                        0x2448 SharePoint Portal Server       User
    Profiles                  ajk4d Medium   UserProfileProperty_WCFLogging::Begin ProfilePropertyServiceClient.ExecuteOnChannel ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.15  w3wp.exe (0x2BB8)                        0x2448 SharePoint Portal Server       User
    Profiles                  ajk35 Medium   MossClientBase_WCFLogging::Begin MossClientBase.ExecuteOnChannel ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:30.18  w3wp.exe (0x2BB8)                        0x2448 SharePoint Portal Server       User
    Profiles                  ajk36 Medium   MossClientBase_WCFLogging:: MossClientBase.ExecuteOnChannel -  Executing codeblock on channel ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:31.27  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Claims Authentication          aeax6 High     [Forced due to logging gap, Original Level: Verbose] SPSecurityContext: The SecurityTokenServiceBehavior is attached to the AsymmetricTrustChannel. ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:31.94  w3wp.exe (0x2BB8)                        0x2448 SharePoint Foundation        
     Topology                       aeayb Medium   SecurityTokenServiceSendRequest: RemoteAddress: 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas'
    Channel: 'Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustChannelContract' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId: 'urn:uuid:3c1f10be-67f6-4335-9245-0af94c65f814' ef9fb09c-fe46-1072-b404-c5bccdc9dc59
    08/21/2014 09:07:34.09  NodeRunnerContent1-ac7a63c6-80a (0x1A00) 0x32DC Search                         Search Platform Services     
     ajhlg Medium   NerioCluster : Got valid (Primary) lease until 2014-08-21T09:10:11.0915676Z/0 for net.tcp://gcdwinamzanl002/C62BA9/AdminComponent1/Services/InvokerService  
    08/21/2014 09:07:34.29  OWSTIMER.EXE (0x0968)                    0x3744 SharePoint Foundation          Monitoring                   
     aeh57 Medium   Sql Ring buffer status eventsPerSec = ,processingTime=0,totalEventsProcessed=0,eventCount=0,droppedCount=0,memoryUsed=0 
    08/21/2014 09:07:35.72  w3wp.exe (0x0C0C)                        0x18F0 SharePoint Foundation        
     Unified Logging Service        b8fx High     ULS Init Completed (w3wp.exe, onetnative.dll) 
    08/21/2014 09:07:35.86  w3wp.exe (0x0C0C)                        0x18F0 SharePoint Foundation        
     Topology                       2myf Medium   Disabling the configuration filesystem and memory caches.
    Abhishek Madan

    Hi Abhishek,
    According to your description, my understanding is that the User Profile Synchronization service stuck on ‘Starting’ or ‘Stopping’.
    Please check whether you installed SQL 2012 Native Client (Pre-requisites) on SharePoint server. If yes, download and install SQL 2008 R2 Native Client from the below location:
    http://download.microsoft.com/download/9/1/3/9138773A-505D-43E2-AC08-9A77E1E0490B/1033/x64/sqlncli.msi
    From the SharePoint server ->control panel -> add/Remove programs , please confirm that the SQL 2008 Native Client is listed.
    Make sure that the farm account is a member of the Administrators group on the server on which you are trying to start the User Profile Synchronization service, then restart the SharePoint Timer Service.
    Set the FIM services to "Local System" before starting the service.
    There is a troubleshooting for User Profile Synchronization Service start issues, please have a look at:
    http://technet.microsoft.com/en-us/library/gg750257(v=office.14).aspx
    Here are some similar posts for you to take a look at:
    http://www.codeproject.com/Articles/358855/user-profile-synchronization-service-not-starting
    http://www.sharepointdiary.com/2012/09/user-profile-synchronization-service-stuck-at-starting.html#ixzz2aX7Wz4GQ
    Best Regards,
    Wendy
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Wendy Li
    TechNet Community Support

  • Sap UM connector 9.1.2 trouble with "SAP User Management User Recon" task

    Hello All,
    i have a problem with Sap UM Connector version 9.1.2.
    OIM version 11.1.1.5
    Windows 2008 R2
    Problem is:
    Then accounts in Sap are created through direct provisioning feature of connector everything works ok (subsequent update or delete an account).
    But if a user account is created in Sap using Sap GUI, scheduled task "SAP User Management User Recon" of connector doesn't create reconciliation event to link user.
    Sometimes it does though, but for one user account created using Sap GUI in OIM created two reconciliation events, so corrsponding user in oim have two records for resource SAP.
    In this reconciliation events, one have full set of attributes (Login, First Name, Last Name, E Mail, etc), another one - just these 3 attributes: IT Resource, User ID, Lock.
    "SAP User Management Delete Recon" scheduled task works ok then user account has been deleted using Sap Gui.
    How one can troubleshoot such behavior?
    Can anyone advise please?

    resolved the issue by updating sap um connector to version 9.1.2.5

  • JES Access Manager User Creation for Messanger

    Hi Everyone
    I installed JES 2005 Q4 on Solaris 10 x86 with schema 2 and Access Manager 7. The Directory Tree is as follows:
    Sol1.nucleussoftware.com:389
    dc=nucleussoftware,dc=com (34 acis)
    DSAME Users
    Internet
    People
    Groups
    Client Data
    services
    nucleussoftware.com
    People
    Groups
    o=Netscape Root (3 acis)
    cn=Schema (6 acis)
    cn=monitor (5 acis)
    cn=config (4 acis)
    Organization DN when I ran "configutil" after running comm_dssetup.pl, was specified o=nucleussoftware,dc=nucleussoftware,dc=com
    This is fresh installation and not any migration.
    Now I create user from Access Manager, http://sol1.nucleussoftware.com/amserver
    There are two organizations 1. Nucleussoftware and 2. Nucleussoftware->nucleussoftware.com
    So I have two locations to create users in People.
    When I create user from Access Manager and try to login into WebMail, I get Login Failed.
    But when I open "startconsole" or "mpsconsole" and open Messaging Server Console and in new user's property, Account Attribute, I mark the check box, and now try to login into WebMail, I get error message, "Mailbox is on a different server".
    I am missing one attribute that I used to get with schema 1 on iPlanet 5.2 for any user, Mail Server Address.
    Please tell me the exact method of creating a user for Messaging.
    Regards
    Amit Bist

    Access Manager was never intended to create working mail users. The Delegated Admin package is provided as part of JES, and that's what it is for, to manage users and groups. There's both a web interface, and a command-line interface, "commadmin"
    Or, you can examine the ldap entries for the automatically created accounts, and duplicate that. Messaging doesn't really care how the ldap entries get done, just so that they are done correctly.

  • Manage users and privleges is missing in security tab in rep admin 9.5

    hi not able to see  Manage users and privleges in security tab in rep admin is manage users and privleges in infa 9.5 is shifted to admin console or is it available with both the tools admin console.

    Thanks Neil - Problem solved and I´ve saved a couple of new Applescripts for checking and reset in case (and when) this happens again.
    Lets hope Apple discover the reason for random changes to file flagging and apply to a future update.
    Again, thanks for your quick response.

  • How to uninstall a Greasemonkey userscript in Firefox 3.6.16? Manage User Scripts box doesn't appear as before.

    I need to uninstall an old userscript installed through Greasemonkey. Usually I go via Tools-->Greasemonkey-->Manage User Scripts or right-click on the monkey icon on the bottom left and choose Manage User Scripts and get this large window where I can manage whatever userscripts I have on here, but now I only get the small Add-ons window with the monkey icon last in the row (after Plugins and Installation icons) and the white area below is completely empty (whereas for example under Extensions I can see and handle those). How do I do this/Why can't I get the 'usual' managing window to show??

    I also have this problem and it just started in the last week or so. It seems to be dependent on my home network and the problem only exists with firefox. I have used chrome and IE8 with no issues. I can verify tomorrow that it only exists in my network but one thing I was able to test is that the problem exists even on my linux boot. I am totally dumbfounded with this problem and I can't find anything that will allow the gmail page to load. All other pages I have tried load fine, all be it a little slower than normal but they load. If anyone knows of a difference between firefox and all other browsers on how it goes through the router I would appreciate the info cause I don't know of any differences.

  • Customizing View in Manage User Profiles page in CA

    Is there a way to add additional fields to the Manage User Profiles section in Central Administration? It is defaulted to Account Name, Preferred Name, and Email. I would like to add one of my custom columns front an center so that when I search for someone
    I see that custom field up front.
    Thanks,
    Brandon

    It is possible. Please refer to:
    http://technet.microsoft.com/en-us/library/cc262327(v=office.14).aspx#create
    Just like any other custom search property you could use for User profiles too:
    http://blogs.technet.com/b/meamcs/archive/2010/12/23/using-a-custom-user-profile-property-for-people-search-results-scopes.aspx
    If you are using Term sets:
    http://www.sharepointsteve.com/2010/10/making-custom-user-profile-properties-searchable-in-sharepoint-2010/ 

  • PeoplePicker not showing email address after i have added it in Manage User Profiles - Non AD Environment

    Hi There,
    I have added an email address to a user in the SP Manage User Profile.
    When I go to my app and search/select the user to assign against a task, no email address is shown in the peoplepicker window.
    One thing, the users Display Name as "Server\Username" rather than the Display Name of Bob Smith for example.
    This is a non Active Directory Environment on SharePoint 2010.
    Can anyone help?
    Thanks in advance!

    People picker does not query the User Profile Service when resolving a name.  You need a custom claims provider for that.  See details here:
    http://technet.microsoft.com/en-us/library/gg602078(v=office.14).aspx
    There is a timer job (user profile service quick sync) that runs every 15 minutes or maybe 10 minutes, don't remember the interval without looking, against the site collection that will sync from the UPS, but you are stuck with whatever is in site collection
    users until then, which will be nothing until the user profile service quick sync job runs.

  • Managed User cannot see blank CD

    Hi all,
    I have recently reinstalled the College Mac suite where I work as an IT Tech (and Mac noob).
    Over the last term the desktops on the macs were used as a dumping ground for student work and as such proved difficult to back up the work at the end of term.
    A sollution seemed to me to be to create a desktop alias to Documents and set that as the only area on the desktop that the Student (managed) user had read/write access and set the rest of the desktop to Read-only.
    Other than problems opening attachments from Hotmail (one for another day..), this has worked out quite well. Until yesterday...
    When the user inserts a blank CD the system promts to choose an app, when Finder is selected the screen refreshes but the blank CD does not appear on the screen.
    This does not happen for USB keys or CDs with data on.
    I have played aroud with setting the desktop to Read/Write and the blank disk appeared.
    At the moment it seems my only two options are to change the desktop to R/W or to create a new user with sufficient access to write a CD/DVD and Student Docs but lock down everything else. I'd rather not do either.
    I hope this makes sence as I know I tend to ramble, and would really appreciate any assistance!
    Cheers.

    Hi Fluke?, and a warm welcome to the forums!
    To start off I'm not quite certain what/why saving/dumping stuff on their Desktop would make it any harder to backup stuff, but perhaps the CD/DVD Pref Pane could be set to the Run a Script in it's settings, rather use Finder for Blanks, then a Sceipt to do what you want, or set it to opend a CD writing App instead of Finder, like Toast or Dragon Burn.
    You might also consider a Folder Action to watch the Desktop for new files...

  • "Manage Users" IR report displaying incorrect user types

    Home>Administration>Users
    APEX 4.0.2.00.07
    DB 11.2.0.2
    Found a couple of question-raising things:
    1) User type is showing "Workspace Administrator" for almost all users (many are only users) with a couple identified as "Developer" (who really do only have developer privs turned on). If I knew the sql for the IR report I might find the problem - checked wwv_flow_fnd_user and wwv_flow_developers and they both look OK (no recs in wwv_flow_developers for the end users and those with given admin privs are marked as admin, etc.). Did find one dup group name but removing it didn't seem to have an effect.
    2) Trying to find out what is going on I found the second: It appears that if you have assigned more than one group to a user (apex group to apex user), then add the group_name column to the Manage Users IR, you get the "single row subquery returns more than one row".
    Haven't found any other posts here on this. Any ideas?
    Thanks,
    Steve

    Thanks Richard - forgot about the builder import.
    After taking the IR sql and working it I found the following:
    In this apex installation...
    There seems to be a problem with the outer join between wwv_flow_developers and wwv_flow_fnd_user which brings non-null values for d.is_admin and d.is_developer (and for us these are 'Y' if there are no matching records in wwv_flow_developers.
    Changing the decode for DEV_TYPE to use a nvl for d.userid to set all users to end user if they are not in the wwv_flow_developers table fixes the display of user type.
    Now I am guessing this is a data anomaly rather than a bug. Anyone have any ideas on why the outer join to wwv_flow_developers shows a not-null value for is_admin and is_developer?
    Steve
    Here is a mostly-intact version of the region source (I shortened it considerably from the code below to focus on the incorrect USER TYPE display issue):
    select /* APEX4350P55a */
    USER_ID,
    u.user_name "USER",
    u.email_address "eMail",
    u.first_name,
    u.last_name,
    replace(u.default_schema,'%'||'null%',null) df,
    decode(nvl(d.is_developer,'N'),'Y', (select case
    when (wwv_flow_fnd_user_api.workspace_account_days_left(
    wwv_flow_user_api.get_username(user_id)) > 0)
    then m.password_valid
         else m.password_expired
    end expiration from dual),
    m.no_developer_priv) developer,
    decode (nvl(d.is_developer,'N'),'Y',last_login,null) last_login,
    decode (nvl(d.is_developer,'N'),'Y',last_login,null) last_login2,
    decode (nvl(d.is_developer,'N'),'Y',
    nvl(builder_login_count,0),null) builder_login_count,
    decode(nvl(u.account_locked,'N'),'Y',m.yes,m.n)ul,
    case
    when (wwv_flow_fnd_user_api.end_user_account_days_left(
    wwv_flow_user_api.get_username(user_id)) > 0)
    then m.password_valid
    else m.password_expired
    end expiration,
    u.DESCRIPTION,
    u.PASSWORD_LIFESPAN_DAYS,
    u.PASSWORD_LIFESPAN_ACCESSES,
    u.PASSWORD_ACCESSES_LEFT,
    u.LAST_AGENT,
    u.LAST_IP,
    u.ACCOUNT_EXPIRY,
    u.FAILED_ACCESS_ATTEMPTS,
    u.CHANGE_PASSWORD_ON_FIRST_USE,
    u.FIRST_PASSWORD_USE_OCCURRED,
    decode(nvl(d.is_admin,'N'),'Y',
    m.admin,decode(nvl(d.is_developer,'N'),
    'Y',m.dev,m.end_user)) dev_type,
    (select group_id from WWV_FLOW_FND_GROUP_USERS where user_id = u.user_id) group_id,
    (select GROUP_NAME from WWV_FLOW_FND_USER_GROUPS where id = (select group_id from WWV_FLOW_FND_GROUP_USERS where user_id = u.user_id)) group_name,
    LAST_UPDATE_DATE,
    LAST_UPDATED_BY,
    CREATION_DATE,
    CREATED_BY,
    nvl(d.developer_type,'END_USER') developer_type,
    decode(nvl(ALLOW_APP_BUILDING_YN,'Y'),'Y',m.yes,m.n) ALLOW_APP_BUILDING,
    decode(nvl(ALLOW_SQL_WORKSHOP_YN,'Y'),'Y',m.yes,m.n) ALLOW_SQL_WORKSHOP,
    decode(nvl(ALLOW_WEBSHEET_DEV_YN,'Y'),'Y',m.yes,m.n) ALLOW_WEBSHEET_DEV,
    decode(nvl(ALLOW_TEAM_DEVELOPMENT_YN,'Y'),'Y',m.yes,m.n) ALLOW_TEAM_DEVOPMENT
    from WWV_FLOW_FND_USER u,
    (select USERID,
    decode(instr(DEVELOPER_ROLE,'ADMIN'),0,'N','Y') is_admin,
    'Y' is_developer,
    case
    when instr(DEVELOPER_ROLE,'BASIC_DEV') > 0 then
    'BASIC_DEV'
    when instr(DEVELOPER_ROLE,'ADMIN') > 0 then
    'ADMIN'
    when instr(DEVELOPER_ROLE,'CREATE') > 0 then
    'DEVELOPER'
    else
    'UNKNOWN'
    end developer_type
    from WWV_FLOW_DEVELOPERS
    where security_group_id = :flow_security_group_id) d,
    (select wwv_flow_lang.system_message('F4000.NO') n,
    wwv_flow_lang.system_message('F4000.YES') yes,
    wwv_flow_lang.system_message('PASSWORD_VALID') password_valid,
    wwv_flow_lang.system_message('PASSWORD_EXPIRED') password_expired,
    wwv_flow_lang.system_message('NO_DEVELOPER_PRIV') no_developer_priv,
    wwv_flow_lang.system_message('DEVELOPER') dev,
    wwv_flow_lang.system_message('ADMINISTATOR') admin,
    wwv_flow_lang.system_message('END_USER') end_user,
    wwv_flow_lang.system_message('BASIC_DEVELOPER') basic_developer
    from dual) m
    where
    u.user_name = d.userid(+) and
    u.security_group_id = :flow_security_group_id
    Edited by: stevehoward on Jul 6, 2011 11:37 AM
    Edited by: stevehoward on Jul 6, 2011 11:40 AM

  • Managing User - Data Access Privileges in DRM ?

    The idea has arisen that DRM may be an option for managing user access privileges - i.e. which Accounts and/or Entities they might have access to in HFM and Planning?
    The idea being that users are created as a "dimension" in DRM with relationships being created between the User Dimension and the Entity / Account Dimension for access privileges?
    DRM woul then generate the security profiles for uploading into HFM and Planning.
    Wondering whether anyone else has entertained this idea?
    Thanks in advance for any thoughts

    Yes, we played around with the idea as well but eventually refrained from using it because the Shared Services user/role management system is more project/app specific and the admins were more well versed with that. For example, roles related to Financial Reporting priveledges etc. could be done better using Shared Services rather than DRM.
    However, metadata based user management can be done well using DRM.

  • Fund Management User Manual

    Dear All,
    Can anyone give fund management user manual?
    Regards,
    Mohan.M
    Moderator: http://help.sap.com

    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/FIFM/FIFM.pdf

  • Campus Manager User Tracking Report - dot1xEnabled = False

    The Campus Manager User Tracking Report has the dot1xEnabled field that is always false.
    It was my understanding that the switch will send SNMP Trap Notifications to Cisco Works regarding the status of 802.1x authentication per port.
    We have configured per port:
    snmp trap mac-notification added
    snmp trap mac-notification removed
    and globally
    snmp-server host x.x.x.x  abababa udp-port 1431 MAC-Notification
    With no success, so we opened a TAC case, 614376387 and we were told by TAC and the Development Engineers that this "feature" does not work in LMS 3.2 and Campus Manager 5.2.1 and that this feature will be available in the next new release.
    I thought I had read on this forum that some folks have this 'feature' working, where this field shows the current status of 802.1x per access port.
    Has anyone been able to get this 'feature' to work?  And if so, what versions are you running and what were the 'tricks' to get it working?
    Much appreciated.

    The MAC address notification traps only alert Campus to the fact that a MAC address has been learned or removed from a given port.  That starts the dynamic UT process.  With no other information, you will potentially see a new record appear in UT shortly after receiving the trap.  However, that record will not have IP or username data associated with it.
    To get the IP data, Campus will poll the CISCO-DHCP-SNOOPING-MIB to pull IP data.  To get username data, Campus will poll the IEEE8021-PAE-MIB of the switch to get dot1x information.  So, your switch must be configured for dot1x, and it must support this MIB (in particular, the objects dot1xAuthSessionTime, dot1xAuthSessionUserName, and dot1xPaePortCapabilities).
    Without dot1x, hope is not lost.  If the end host is running Windows and the UTLite tool, then when the user logs in, UTLite should start from their logon script, and send a UDP update to Campus with the username and IP of the host.

  • Standard Versus Managed User Accounts

    Simple question -
    What is the difference between a Standard and a Managed user account? Essentially, I would like to set up an user account that has all the functionality but does not have the ability to install software or applications - similar to how one can set up a Limited user account in Windows.

    No worries. Figured this one on my own. Setting Parental Controls created the "Managed" user account. Also, setting the options within the Parental Controls section allowed for me to prevent installation of applications since the Application folder cannot be modified.

Maybe you are looking for

  • User Was Not Found when trying to run SSRS report!

    I'm trying to run SSRS report (Custom Reports) for Dynamics CRM 2011. However, when I try to run the report from the Reporting Manager it errors out "User Was Not Found"! Here's the complete error log:' An error has occurred during report processing.

  • Getting an error in DMS

    IN CV02n While releasing the document I am atting an error An error  ocured while creating the original attribute for

  • Problems converting pdf to Word in Acrobat X Standard

    I am not able to convert pdf docs into Word using acrobat x.  I have tried running OCR before attempting the converstion but that does not help.  It goes all the way through allowing me to save the document as a docx but then I get the message "Save

  • URGENT HELP! - Access a MISSING PERSON's account

    Hello, Someone close to me has gone missing VERY RECENTLY and we (family and friends) think that we can get important clues by checking her account (legally, of course). I couldn't find the correct way of getting in touch with Skype Support. Is there

  • Entries to be maintained in SWEHR1/2/3

    Dear all,        When a business event is firmly booked or canceled at PV12, workflow should trigger.        The business object I need to use is PDRELA_025 and events are ZFIRMLYBOOK and DELETED.        Apart from business object binding with workfl