MSAD users are not able to login into the Essbase

Similar Messages

• After upgraded 9.2 DB, all users are not able to login (Except Guest).

  After completed the DB upgrade from 8.1.7.4 to 9.2.0, all users are not able to login the oraclemypage.home. This is except the Guest account.For example, I use the sysadmin account to login the oraclemypage.home. It shows "Your login is invalid. Please login again."
  Moreover, I do the following query.
  SQL> select fnd_web_sec.validate_login('SYSADMIN','SYSADMIN') from
  dual;
  FND_WEB_SEC.VALIDATE_LOGIN('SYSADMIN','SYSADMIN')
  N
  If I guery the Guest account, the result is "Y".
  Also, all users can access via dev60cgi/f60cgi to open E-business 11.5.7 application. Are there any missing script / process I need to do?
  Thanks,
  Matthew

  Hi Arun,
  What message u get on the apache logs / jserv logs when u get the error ?
  Since the log cumulate a giga byte, I clean up the log and test again. It seems no error message.Whats your platform?
  HP-UX 11.11To which version (5 digit) u upgraded DB ?
  Oracle9i Enterprise Edition Release 9.2.0.6.0 - 64bit Production
  I found a note 225074.1 that talks of a similar issue where users are ablt to login to forms but not php. this is for AIX. review the note.
  I had checked this previously. Part of this document already tried which suggested by Oracle Support.what is the end_date for all of these users in fnd_user table ? if all users for some reason is end_dated , then fnd_web_sec will show 'N"
  All users are normal. For those I tested without end_dated, I can access via f60cgi too.whats the session_cookie_domain set to in icx_parameters table? Set to NULL and try bouncing apache once.
  This set to ".mycompany.com". You mean that I set the session_cookie_domain to NULL and restart Apache, right? Why I need to set it NULL?

• Webapplication users are not able to login

  Hi
  I am having windows 2012 domain controller. One web application running in this domain controller. Users in the domain all have access to web application. After giving the username and password it will allow the user to login to application. But the thing
  is some users are not able to login to application, at the same time same users able to login to systems with user id.
  Web application is integrated with AD for authentication. Removing the user not able to login, creating again, after that particular user able to login to that application.
  Please give me some suggestion...

  That might be due to the fact that these users have too many group membership. Read that: http://support.microsoft.com/kb/327825/en-us
  You can get more details in the Security logs of the server.
  Microsoft made some improvements here by introducing KDC Resource SID Compression: http://social.technet.microsoft.com/wiki/contents/articles/20886.kdc-resource-sid-compression.aspx
  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Get Active Directory User Last Logon
  Create an Active Directory test domain similar to the production one
  Management of test accounts in an Active Directory production domain - Part I
  Management of test accounts in an Active Directory production domain - Part II
  Management of test accounts in an Active Directory production domain - Part III
  Reset Active Directory user password

• New users are getting "cntl_error" whenever login into the portal

  Dear Experts,
  New users are getting "cntl_error" whenever login into the portal. They are accessing .par application. I have read so many threads, but unable to find exact solution.
  I have tried in my browser with the user login, then no error. But the user login there end then its giving "cntl_error" error.
  Problem with Internet Explore Browser? Any additional setting required for users browser?
  Could you please help me, how to resolve this error.
  Thanks in Advance.
  Regards,
  Vijay.

  Hi Vijay,
  Check this thread - "CNTL_ERROR" raised,error key: RFC_ERROR_SYSTEM_FAILURE- Show Team Calendar , this might help you on what you are looking for.
  Regards,
  Sen

• Users are not able to login to BPM worklist application from one of the AD.

  Hi ,
  We are using FMW11g ( 11.1.1.6.0) and configured 2 AD's.( AD-1 & AD-2). We are able to see users from both AD's in the weblogic admin console. Users present in AD-1 are able to login to BPM worklist application without any issue but users from AD-2 are not able to login to BPM application. Could any one please answer 1) Can we configure 2 AD's to FMW11g ? 2) If "YES" , what configuration needs to change to users login from AD-2.
  Please let me know if any more information need.
  Regard's
  Naveen

  Hi
  NO. You CANNOT use more than One Security Provider for a BPM Workspace Application. Only the top most first Security Provider will work. In your case you have 2 ADs security providers and only users from top most can login. Yes, you can see the Users from both and infact all the Security Providers that are configured. It is the limitation of the bpm workspace application and its corresponding security framework.
  Out of box, if you use default AD Configuration then there is nothing you can do. Only the first top most will work. If you really really want you need to use totally custom authentication provider where you will write your own code for authentication. Remember this development is pure weblogic security related one and you need to have good understanding of internal weblogic security. I would not recommend this.
  Here is one old post. This old post has 2 other old posts worth visiting to get more details:
  Re: Use multiple ActiveDirectory as authenticator provider
  Re: oracle soa and active directory integration (Different requirement/usecase)
  Thanks
  Ravi Jegga

• Not able to login into the systems even though providing the correct credentials

  Hi
  not able to enter into system as it is stopping me at login page.
  I am providing correct credentials still not able to login.
  thanks
  swathi

  The username and password for BAM is system/manager.
  Chris
  Adobe Enterprise Developer Support

• Users are not able to login to portal

  Hi,
  In our NWDI server, none of the users able to login. I can able to login to Visual administrator and checked the user status which is unlocked.
  It is not showing any error messages even.
  Any suggestions?
  Regards,
  Kalainila B

  Have you renewed your portal certificate recently? We had an strange issue, once you putted the user and the correct answer it simply disappeared and the screen was showing the login screen ....
  The problem was that when we recreated the ticket in the visual admin we had made a mistake and the SAPLogonTicketpair was written with one capital letter in wrong place. The result: nobody can log in, even with the SAP* user.
  The solution was simple, regenerate the portal certificate with the correct name .....

• Users are not able to login to workspace; forever authenticating

  Since last week sometimes (it seems to occur randomly) our endusers are unable to log in to workspace. The 'authenticating user" image is running but nothing happens. Only a services restart of core/interactive reporting/ WA and workspace solves this temporarely.
  As far as I know the following things have changed last week: ms patches has been applied and (some unknown)changes at proxy servers has been applied. The week before we updated from Workspace/IR 9.3.1 to 9.3.1.3 (and for wa to 9.3.1.3.3). # weeks before we upgraded HSS from 9.3.1 to 9.3.1.1
  Has anyone a lead?

  We still face the same problems. Not yet sure what causes it. it still seems to be related to a IR (BQY/OCE) report to Essbase.
  After restaring all services in right order, we have clean logs. In most cases we can process the particular IR document to essbase 20 times or more and it runs fine and show output within 2 or 3 seconds. But on the other hand,it seems always when the system is down, this document (in fact we have 4 documents with this essbase-oce/das) the last IR document which was run was the essbase one. In certain cases when it goes down and we restart, we try to run the essbase IR document and the system goed down immidiatly. So it seems a essbase related issue.
  Two things:
  A: There seems to be no error message in the essbase logs around the tie it happens.
  B: Why would essbase connection bring the IR/ Core system down?
  Does anyone know any known issues with IR to essbase?

• Users are not able to login

  HI,
  I m able to login as root and it is working fine but if i login through a normal user ,it is logging and after sometime (few seconds) displays the desktop screen and comes back to the login screen.
  I have created a new user and tried to login the same probelm exist.
  Please help me out to solve this issue.
  Thanks & Regards
  M.sundaramoorthy
  9880590534

  It's queer, how about trying these ways:
  1. Restart the CDE daemon: /etc/init.d/dtlogin stop then start;
  2. Check if there's any enviroment different between root & other users??

• Not able to login into the database on oracle 10g on vista os

  Hi,
  I have install oracle 10g on vista machine.
  I am not able to log in to the database ia have tryied with scott/tiger, system/manager, sys/changeoninstall.
  can anyone please tell me what the default username password to 10g version for vista machine.
  Oracle version 10g
  OS: Vista
  Thanks
  Amit

  sqlplus / as sysdba
  or
  sqlplus /nolog
  conn / as sysdba
  or
  sqlplus '/ as sysdba'

• How do I do this?: users are not able to change how the calendar interface looks, a central authority (admin or other) must be able to shedule events into the calendars of all users.

   

  First off my advice is not to use your Mac as an Administrator only provide Admin Password when your Mac requests and only when your "Child" is not in the room!!!
  It is all to do with Permissions:  Login as an Administrator click on Go in the menu bar, Select Computer, Select Macintosh HD, Select Users Select the User Folders you want to look at you will see a series of folders with red circles highlight each one in turn and Get Info unlock the Padlock in the Info pane then add Administrator to Read/Write
  After this I hope you and your Son stay friends for many years

• User is not able to Login from external supplier, using the WSS (ICH)

  Hi Gurus,
  The user is not able to login to the server externally from url.
  dev_icm is giving below warnings:
  [Thr 11052] IcmWatchDogThread: watchdog started
  [Thr 11309] ** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set  => do
  not trust any intermediary*
  X.509 cert data will be removed from header [http_plg_mt. 720]
  [Thr 11309] =================================================
  [Thr 11309] = SSL Initialization  on  IBM RS/6000 with AIX
  [Thr 11309] =   (700_REL,May  3 2008,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)
  [Thr 11309]   profile param "ssl/ssl_lib" = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
             resulting Filename = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
  [Thr 11309] =   found SAPCRYPTOLIB  5.5.5C pl16  (Jun 10 2004) MT-safe
  [Thr 11309] =   current UserID: "scaadm",  env-var USER="scaadm"
  [Thr 11309] =   using SECUDIR=/usr/sap/SCA/DVEBMGS41/sec
  [Thr 11309] =  secudessl_Create_SSL_CTX():  PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLA.pse" not found,
  [Thr 11309] =      using PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLC.pse" as fallback
  [Thr 11309] = Success -- SapCryptoLib SSL ready!
  [Thr 11309] =================================================
  HTTPS (SSL) settings are as below, i think which means that no ssl certifiacts are required.
  icm/HTTPS/verify_client        = 0
  Kindly help urgently.
  regards,
  MJ

  this is SCM system.
  SSL CA's are set.
  what should be value of the parameters?
  icm/HTTPS/trust_ client_with_ issuer or
  icm/HTTPS/trust_ client_with_ subject
  http and https ssl conections are correctly set.
  I think the SAPSSLA. pse" not found, is not the problem as the parameter icm/HTTPS/verify_ client = 0 is set, it means that no ssl certifiacts are required.
  problem is coming when the system is being accessed from externally using other secure domain name.
  the system is being accessed ok from web urs which is internal, but not external.
  for example in strust tcode  the domain name is *abc.com, which is running fine when accessing the system internally.
  but when the user is accessing this sytem from other secure login from *xyz.com, which is also the same companys domain, then the user not able to login, its showing errir.

• Two listners are running in our SRM server, we are not able to login.

  Dear all,
  In our SRM server two listeners are running as we are not able to login to the server, suddnely we got two listners ,please suggest , what could be the reason.
  Regards
  Ratnakar G.

  Hi,
  If you have only ONE listener, you can either STOP all running listener or KILL using their PID's.
  After that you can start correct listener again.
  You can also start the correct listner using below command, so if there is other listener it will not run in startup.
  # su - ora<SID>
  # lsnrctl start <LISTENER_NAME>
  If this is Windows system, you can see if there are 2 listener services... If you found 2 services, disable incorrect one...
  Regards.
  Rajesh Narkhede

• User not able to login for the role

  Hello All
  We are having 2 properties for the role assigned to user in portal. One is the "Entry Point" and the second one is "Invisible in Navigation Areas". We have customized the standard TLN par for our application. Due to which if we are setting any of the above property to "Yes" then i am not able to login into that role. As we are checking the navigation nodes only in TLN par.
  I need that role to be invisble in portal but user should be able to login into that role.
  Kindly help as i need to implement it urgently.
  Thanks & Regards
  Mandeep

  Hello Reddy,
  I have provided the code we are using to fetch te roles from navigation nodes. Navigation nodes are fetched for only visible roles not for invisible roles. Kindly refer the code and suggest some solution to fetch the heirarchy of the invisible role. In the code "My Purchases" & "Mis Compras" is our role.
  <nav:iterateInitialNavNodes currentNavNode="currNode">
                            <% String strCurrentNode = currNode.getTitle(myLoc);   
                                      if (strCurrentNode.equalsIgnoreCase("My Purchases")|| strCurrentNode.equalsIgnoreCase("Mis Compras")){                                               
                            %>
                            <%if(levels==2) { %>
                                                  <!-- Save selected node -->
                                                  <nav:storeNavNode/>
                            <% } %>
                            <% } %>                                
                            </nav:iterateInitialNavNodes>
  Regards
  Mandeep

• Multibyte users are not able to authenticate using Default Authenticator

  Hi,
  We are facing an issue with multi-byte user authentication. All chinese and french users are not able to authenticate.
  When we try to authenticate with réseau/welcome1, where réseau is a user created in embedded LDAP, authentication fails.
  Security log generated is-
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle got username from callbacks[0], UserName=rseau>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Login username: rseau>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <authenticate user:rseau>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <[Security:090302]Authentication Failed: User rseau denied>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Abort>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit delegated, returning false>
  ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user rseau>
  We are using WebLogic Server 10.3 Default Authenticator as Authentication Provider.
  I found few change requests related to multi-byte from the link: http://edocs.bea.com/wls/docs103/issues/known_resolved.html
  Am I missing some configuration? Has anyone else tried authenticate multibyte username?
  Thanks,
  Anuj

  Can you provide more information on the use case?
  1. Is this using Basic or Form authentication?
  2. If the user logs on from a web-based client, do you get the same failure with Internet Explorer as with other browsers?
  3. On which operating system is the WebLogic AdminServer running?
  With WebLogic Server 10.3, I am able to authenticate with multi-byte (French and Japanese) usernames. (My environment: form auth, Firefox 3.0.5, WLS runs on Linux RHEL 4.0.)