Mod_ntlm/AD/LDAP How is the users password recovered and used.

I have an application that currently uses LDAP authenticationand authorisation based on a username and password derived from the page 101 login screen. I am trying to convert it to a SSO solution using mod_ntlm to retrieve authenticate the users windows login against Active Directory. I authenticate fine with a standard mod_ntlm page sentry letting me access the application and I can use the owa_util.get_cgi_env('remote_user') to get the username. What I haven't established is how to retrieve the users password to pass as a parameter into the existing LDAP authorisation functions.
I've based a lot of the ground work on the following article
http://withasmiletomeltathousandhearts.wordpress.com/2009/01/29/apex-windows-integrated-authentication/
However, this relies on a prestored LDAP_user and LDAP_Passwrd to retrieve data from AD. Rather than doing that I am trying to use the currently logged on user, whose login name I can retrieve but I have not found a way to retrieve and use their password?
What am I missing?
Thanks in advance
FunkyMonky

My question is regarding how to use LDAP to retrieve the users AD group information. mod_ntlm has successfully authenticated the windows user to get into the application without having to login. I now want to implement the applications functionality based on that user's Active Directory groups. Prior to the ntlm solution this was done with using LDAP with the authorisation and the credentials were available from the user manually logging on.
The LDAP group determining method I referred to in my original post relies on a stored user to access the LDAP information rather than the actual logged in user as we had originally done it. Is this the only way we can implement our group based authorisation requirement?
Cheers
FunkyMonkey

Similar Messages

  • How can I change the User Password expiry date

    Hi,
    I want to know how can I change the password expiration date of my user without changing his password. For eg:-
    User password expires on 12th May 2007. I want to extend to 12th Jun 2007. Is there any option in Oracle.
    Alter User <USERNAME> password expire .....<to new date>;

    The command is not alter user set expire...
    You should modify the user's profile, and set a timeframe:
    ALTER PROFILE DEFAULT LIMIT
    PASSWORD_LIFE_TIME = num_of_days;
    This way your password will be valid from the last time it was changed and for the time frame previously defined.
    ~ Madrid.

  • How to get the user password?

    I want to get the user password.
    How to do ?
    Thank you.

    Hi Zhang,
    You cannot see the password of an Authenticated User. You can retrieve the Password of the User in encrypted from using JNDI - by connecting to the OID & getting it. You can even change the password of the user with the necessary permissions - but, you cannot get the unencrpted password.
    Regards,
    Sandeep

  • Sychronisation AD - OID: Is it possible to read the user password from AD?

    Hi.
    We are using the Oracle Internet Directory shipped with the Oracle 9i Database Rel. 2 (9.2.0.1).
    I try to synchronise the user accounts from AD to OID using JAVA JNDI. I'm able to read all necessary user information except the user password (MD5 value). Even if I connect to the AD using SSL, it's not possible to read the attribute userPassword.
    Is anybody out there who got this work or knows a way (may also be by the use of another programming language or tool) to get the user password out of AD? Is this possible? How does the Oracle Integration Agents accomplish this?
    Thanks in advance.
    Hermann S.

    Hermann,
    I am working with this as well, though from AS10g, not RDBMS. According to the OID Administrator Guide chapter 43, page 43-52:
    <snip>
    Synchronizing passwords from Microsoft Active Directory to Oracle Internet Directory is not possible in the Oracle Application Server 10g release because passwords in Microsoft Active Directory are not accessible by LDAP clients. However, if a deployment requires passwords to be available in Oracle Internet Directory, then the following two methods are recommended:
    Build a custom plug-in for Microsoft Active Directory that captures a password change and synchronizes it with Oracle Internet Directory
    Manage Active Directory passwords from the Oracle environment. This enables passwords to be available in both Oracle Internet Directory and Microsoft Active Directory because the Active Directory connector can synchronize passwords from Oracle Internet Directory to Microsoft Active Directory.
    </snip>
    As10g can however look up the password in AD using the "Active Directory External Authentication Plug-In". This is documented in the same chapter.
    Hope this helps,
    Jens

  • Error while trying to change the user password on OSX Lion

    Hello,
    I am trying to change the user password ( no admin user ) using the webinterface. I enabled the functionality in webservices on the server.
    I can loginto the three line password changing form. After I enter the old and two times the new password, I get the information
    "Your request could not be completed. The password server may be unavailable."
    How can I fix this problem?  I also tried https://discussions.apple.com/thread/2485167?start=0&tstart=0.
    Thanks in advance for help.

    I currently have this error on my 10.6.8 ML server when trying to change password.
    In my situation, the message definitely comes from the password policies. As soon as I use a new password that respects minimum complexity (e.g. 8 characters min, 1 lowercase letter, 1 uppercase letter, 1 number), the password changes flawlessly.
    It would be nice to change this horrible message to something more meaningful... If someone has any ideas on how to do this, thanks for sharing!

  • How to get the user created at and modified at properties for a site collection using powershell

    Hi guys, I Know how to get the list of users of a site collection by Get-SPUser cmdlet but hte problem is that this cmdlet doesnt give me the user Created at and modifed at properties 
    can any one tell me how to get these values via powershell???? 
    ps: ignore the 2013 screenshot.. i just want a way to get those values .. if you provide me solution in either 2010 or 2013 , i will crack the other..
    plz guys help me ...

    Get the User Information list and then get the user from that list
    $web = Get-SPWeb "siteUrl"
    $userInfoList = $web.SiteUserInfoList
    $userItem = $userInfoList.Items[0]; #0 here is just for demonstration. You take the user you want here or loop through all users.
    $created = $userItem["Created"]
    $modified = $userItem["Modified"]

  • How to know where the user exits or enhancement used in standard sap code?

    Hi
    I m pretty new to abap.
    How can I know where the user exits or enhancement used in standard sap code?
    As i have to add some functionality to the standard sap code. I m looking to search the enhancement or user exits used in this standard code wher i can add my functionality.
    thanks in advance.
    Moderator message : Search for available information, thread locked.
    Edited by: Vinod Kumar on Oct 19, 2011 2:38 PM

    Hi Henry,
    I don't think this is the easiest way to look at the code around a particular field on the screen. Debugging standard programs also can be very tedious, if not impossbile. So, instead of this question, I would like to find out exactly what you want to do if you know the code.
    If you are in a transaction and you want to know where the code of a particular field is, the fastest way to get to it is by pressing the F1 key on the field and then press the Technical info button on the help screen. In here you will typically see the same kind of information but it is very specific to the field you selected.
    PROGRAM(SCREEN) tells you which program is manipulating the main screen, in which your field is embedded. Remember your field may be included in a sub-screen and that subscreen may be the one included in the main screen.
    PROGRAM(SUB SCREEN) tells you which program is directly responsible for the field on the subscreen it is included in. This is where you should find the code most appropriate for the field, but not necessarily.
    PROGRAM(GUI) controls how your push buttons and the menu options in the screen behave and controlled.
    Srinivas

  • I have recently transferred data from my old Mac to my new one. The result was good, but I have 2 users now, whose data I want to merge into 1 single user, so to avoid having to switch from one user to the other to view and use certain files. How to do it

    I have recently transferred data from my old Mac to my new one. The result was good, but I have 2 users now, whose data I want to merge into 1 single user, so to avoid having to switch from one user to the other to view and use certain files. How to do it?

    Here's an easy way:
    Pick the user that you want to eliminate (making sure that the remaining user has administrator privileges) and move all of the data that you want to keep into the Shared folder. Reboot or log out and login to the user you want to keep. Copy all the data from the Shared folder into your account - placing it neatly in folders (Documents, Music, Movies, etc.).
    Once the data is moved, log into the account you want to delete just once more to make certain that you've grabbed all the data you want to keep. Log out and log back into your admin account and go to System Preferences>Users & Groups and delete the 'old' user.
    That should do it.
    Clinton

  • Acrobat 7 freezes after cancelling the user password prompt

    I'm having a problem with Acrobat 7.1 when downloading a password-protected PDF from a website.  The problem occurs at the "please enter a document open password" dialog box.  If I enter the user password, the PDF opens successfully.  However, if I click Cancel instead of entering the password, Acrobat hangs/freezes in the background (visible in the Task Manager) and the CPU spikes to 50%.  At that point, opening another PDF freezes Internet Explorer since it's still waiting on the Acrobat process hanging in the background.  I've tested on both Windows XP and Windows Server 2003 with the same result.  The problem appears to be resolved in Acrobat 9, but unfortunately my users are stuck on Acrobat 7.1 for the time being.  Any help would be greatly appreciated!

    As Baltwo said, you should have a password set on your computer for secutity reasons. You can set it to automatically log you on if you are the only user when starting up and you don't need to input the password.
    What Baltwo was getting to was to make sure nothing was in the field such as a space. Apparantly, it won't let you log into it without a password.
    I seem to remember a default password in past systems. I think it was computer. Try typing that in. If it doesn't work, then follow the steps in this article and set a password for your user account.
    http://osxdaily.com/2011/08/24/reset-mac-os-x-10-7-lion-password/

  • My dad got me a MacBook Air for my birthday but he used it a few times before he gave it to me. He doesnt remember the user password that he kept and now i cant download adobe flash player in it. Please help me!

    My dad got me a MacBook Air for my birthday but he used it a few times before he gave it to me. He doesnt remember the user password that he kept and now i cant download adobe flash player in it. Please help me!

    Reset Password using Recovery HD
    OS X 10.7 Lion /10.8 Mountain Lion
    Follow the instructions in the first and third boxes.
    http://pondini.org/OSX/Password.html
    Note
    Keychain
    I don't remember my original (former) account password
    https://support.apple.com/kb/HT1631

  • After recording text using the dragon dictation app, it is converted, it can be copied to the iOS system clipboard for use in any app, how does the user access the clipboard to retrive this information if it is no longer on the screen?

    after recording text using the Dragon dictation app, it can be copied to the iOS systme clipboard for use in any app, how does the user access the clipboard to retrive this information if it is no longer on the screen?

    You need to do a long-press in any data entry field, then select Paste.

  • How to monitor user password changes for users in a database.

    hi All,
    can someone please help me.
    I need to audit the user password changes in a database. Ive check the auditing but audit " alter user " doesnt audit the changes in password and ive also checked the select * from sys.user_history$; view but didnt find anything useful. So is there a way to trace who changed the password and when ?
    Thanks for the help.

    You need something along the lines of http://www.morganslibrary.org/reference/ddl_trigger.html
    or you need to disallow ALTER USER to everyone and write your own PL/SQL and instrument logging the changes.
    Sybrand Bakker
    Senior Oracle DBA

  • How get the user initiador in gp?

    hi all
    How get the user initiator of a process GP with a Web Dynpro Callable Object?
    because with this code I get the current user...
    IWDClientUser wdUser = WDClientUser.getCurrentUser();
    IUser user = wdUser.getSAPUser();
    String userid = user.getUniqueID();
    thanks!

    Hi,
    processId is the design time template id of the process. This you can find in the instantiation tab while designing the process.
    Code for getting user context:
    IWDClientUser wdUser = WDClientUser.getCurrentUser();
                   IUser user = wdUser.getSAPUser();
                   IGPUserContext userContext = GPContextFactory.getContextManager()
                             .createUserContext(user);
                   IGPRuntimeManager rtm = GPProcessFactory.getRuntimeManager();
    Hope it helps.
    Regards,
    Srinivasan Subbiah

  • Why the mac claim that the user password that i enter in the smb file sharing settings is incorrect although it is correct?

    why the mac claim that the user password that i enter in the smb file sharing settings is incorrect although it is correct?

    Maybe the Caps Lock key is lighted?
    Is your Apple ID password the same as your user password?

  • Report: How long the user has not logged into SSHR

    Hi experts,
    I am looking for a report, which showing me, how long the user has not been logged into SSHR?. Because some poeple dosn't work any more in the company, and the list should enable use to deactivate their accounts.
    Thanks in advance
    Mehdi

    The AOL signon capabilities are good and you'll find useful stuff in those links.
    If you're after something quick in SQL try this:
    SELECT last_logon_date, user_name
    FROM fnd_user
    WHERE trunc(last_logon_date) < trunc(sysdate) - 90;
    That will get you everyone who hasn't logged in for 90 days.
    Edited by: Duncan Casemore on Jan 20, 2011 9:26 AM

Maybe you are looking for

  • How to Stop Dreamweaver CC Obtrusive Dialogs

    Issue: Dreamweaver dialogs (e.g. search, background activity, search) always remain on top of the GUI stack on Mac. Description: While I'm waiting for files to upload/download, I often wish to browse the Internet or work in another application. Unfor

  • PO related question

    Hi All, i have a problem to use CDPOS table and you may be knowing y. please let me know if the in the EDI tech. if the RFCUSER changes the details in the PO the confirmation no ie(sequential no.) gets incremented and the data is updated. but i want

  • Custom Tag - how to use tag value= %=jsp% / ?

    Hello friends, I am new to custom tags. I have written simple tags that handle value="some hard-coded stuff">. But cannot not implement jsp-supplied values? Could you please help with advice? Basically, how to implement a custom tag that would allow:

  • Nudge a copy broken in cs3?

    I've got a shape that I'm trying to copy and nudge around using the keyboard. In CS2, I could hold down command+option (or command+shift+option) and use the arrow keys to make a copy and move it without moving the original. Is there some new feature

  • Drow dot-style table border in JEditorPane (editing HTML)

    Hi, I want to extend JEditorPane to display table border in dot style when displaying tables with border="0". (like most HTML editors) I extended HTMLEditor and it's ViewFactory and now maybe I have to write extended TableView class for rendering my