OID and MS Active Directory LDAP information Synchronization
Do you know have to do the integration between OID and MS active Directory? How to synchronize the LDAP information between two?
Hi, I have the same question.
Thanks,
Malin
Similar Messages
-
OID and MS Active directory integration in 9ias
How to integrate OID with MS Active directory ?
We have 9ias and Portal . How to use the username/password in MS AD for Portal authentication ? As far as I know 9ias is using OID , so the question comes down to how to replicate MS AD information to OID ?Hi, I have the same question.
Thanks,
Malin -
OID and MS Active Directory Synchronization
Hi,
I've read that these 2 LDAP services can be synchronized with the "Active Directory Connector" SO does this mean that if users and groups are stored in the MS active directory it is possible to have the users and groups synchronized with the OID so that these are available directly in Oracle Portal or do they still need to be added manually somehow into portal ??
Thanks in advance,
BrandonYou can find documentation at :
- http://www.oracle.com/technology/products/oid/oidhtml/sec_idm_training/html_masters/basics01.htm
- http://www.oracle.com/technology/products/oid/oidhtml/sec_idm_training/html_masters/basics02.htm
- Note 267153.1 (How To Setup OID Synchronization with Microsoft Active Directory Quick Start Guide) with related docs
Best regards,
Nicolas Stiévenard -
MS Active Directory (LDAP) and SAP Integration
Hi all!
don't know if I'm right here in this forum, but:
I'm using MS Windows Server 2003 and installed Active Directory as LDAP-System on the one hand side, on the other I'm using a 6.20 ABAP Web AS.
I'd like to synchronize the User Storage on these two systems.
Does anyone have experience in doing this? I'm facing a tricky exception in depth of my customizing too complex to explain right now. The problem concerns the mapping of LDAP-Fields and SAP-Fields.
Thankx,
ChristophHi Christoph,
This is the mySAP ERP forum. Perhaps you can post your question in the Web AS forum (SAP NetWeaver Application Server).
For now: here is a link to a video regarding SAP Active Directory integration:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sap active directory integration,%20SSO%20and%20User%20Management%20Webinar.wrf
I found it by searching on Active Directory here on sdn:
https://www.sdn.sap.com/sdn/search.sdn?contenttype=url&content=/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fSDN!2fiViews!2fFramework!2fcom.sap.sdn.advsearch%3Fprttheme%3DCSIN%26QueryString=active%20directory%26searchDatasource=SDNContent
Cheers,
Noel -
User base Synchronization between SAP and MS Active Directory Server
Dear all!
I'm using Web AS 6.20 ABAP and MS Active Directory Server based on Win 2003 Server.
i successfully implemented the synchronization of user data between SAP and the ADS.
My question: Is there a way to customize the users on Active Directory Server in regard to their SAP authorization (roles auth. objects etc.)?
Currently I don't have a clue how to do this.
Regards,
ChristophHave you searched on SDN for "Active Directory"? That turns up a number of results. I think your expectation might be backwards though, it's not how ADS exposes SAP specific data but how SAP uses ADS to store SAP specific data. My understanding (from quite some time ago so I am fuzzy on this) is that SAP can use ADS in much the same way it can use LDAP as an external user store.
The Security Newsletter from November 04 [https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sap security newsletter november 2004.pdf] mentions that a webinar is hosted on SDN about this exact topic, unfortunately I was unable to find a direct link.
Regards,
Marc g -
Hi all,
I'd like to confirm which Domain/Forest functional levels of Active Directory is supported for "Active Directory Resource Pool Synchronization" in Project Server 2013.
I guess that 2003 or later is supported, but my customer required reliable sources.
I googled and searched article at TechNet, but I couldn't find.
Could anyone inform me the article about that?
Thank you in advance.
Kaori.Hi Michael and all,
Anyway I solved this issue.
I couldn't find article that I desired, so I asked advice to my colleagues and they told that the functional level 2003 or later are supported in their experience.
In addition, I found these articles about SharePoint sync limitations.
Members of the domain local group cannot view a Microsoft Office SharePoint Server 2007 Web site
http://support.microsoft.com/kb/932378/en-us
SharePoint supportability of Read only Domain controllers
http://support.microsoft.com/kb/970612 -
Oracle Non-Windows DB and MS Active Directory
Question:
How can one configure a Microsoft Active Directory (LDAP-compliant directory
service) with an Oracle Database when the Database resides on a unix server
without the need of the Oracle LDAP? Is it possible ? If yes, please explain.Question: I have been looking at examples of using the LDAP packages but I am not sure if the examples are explaining the ldap_base and groups for MS AD OR an example for Oracle OID.
Can you explain is this Oracle OID
GC$ldap_user VARCHAR2(256) := 'cn=orcladmin';
GC$ldap_passwd VARCHAR2(256) := 'welcome1';
GC$ldap_base VARCHAR2(256) := 'cn=my_cn,dc=my_dc,dc=fr';
Can you give an example for MS AD? -
I need to create an SCCM report to show last logged on user on all machines and the Active Directory department attribute of that last logged on user.
You problem is here.
right
join v_R_User USR on USR.ResourceID
= CS.ResourceID
USR.ResourceID != CS.ResourceID, you need to map the username to the user logon to the PC. By using the user’s department information you will
end up with unreliable results.
Anyways you need to make these changes to your query.
left
join v_R_User USR on USR.Unique_User_Name0
= CS.UserName0
http://www.enhansoft.com/ -
Getting User Attributes from an Active Directory LDAP
Hello all.
I want to extract attributes assigned to a user in the Active Directory LDAP and make them available through the getPropertyValue property in Javascript. I know that a user's System Attributes can be accessed with getPropertyValue but I have not found a way to get specific attributes from the LDAP and make them available as specific attributes in xMII. System attributes like "EmailAddress1" seem to transfer from the LDAP but others don't. Anyone have any ideas?
Thanks.
...SparksSparks,
If you're using 11.5 or 12 actually they should all map into the system as session properties. You can use the following URL to verify your session properties:
http://<xMIIServer>/Lighthammer/PropertyAccessServlet?Mode=List
If you are not seeing the attributes you expect then your Attribute Query for User or Role is incorrect for your LDAP system and you need to change the LDAP configuration queries.
-Sam -
Integrating Active Directory LDAP in OBIEE 11g
Hi All,
I Have Configured Active Directory LDAP in OBIEE.
Steps i have Followed are,
1) configured Active Directory in providers under Scurity Releam.
2) Restarted BI Services to Load the Ldap Users.
3) login to the EM under bifoundation domain selected securitues->security configuration provider.created user.login.attr and username.attr.
4) under Credentials->oracle.bi.system map->system.user->deleted BISystemUser and Created key with the Existing name in Active Directory.
5) assigned System user to BISystem role in em.
6) in Console Roles and Polocies->Global Roles->Roles->Admin->view Role Condition (User = Active Directory User or Group=Administrators).
7) Restarted BI Server and Presentation Services.
Now I am Unable to Login to Presentation Services.
Please Reply ASAP.
Thanks and Regards
Kiran KumarKiran, Is there a specific reason for using RPD for LDAP authentication? From 11g onwards, the best practice is to use Weblogic (or external Authentication providers). Is it correct to say that for "Authentication' without proper RPD LDAP config for "USER" variable, users cannot login via presentation layer?
Cheers!
BK -
Integration of sap R/3 (4.7) and Microsoft active directory (2003)
Hi All,
I would like to know integration of sap R/3 (4.7) and Microsoft active directory (2003) and also SAP EP and Microsoft active directory. I have been working as a ep consultant with a local bank. I am new for this integration work, So please kindly provide me the steps for integrating these both directories.
Pls help me with this issue.
Thanks in advance,
Regards,
Raghav.Hi,
First You should read:
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31e3e266893
Regards,
Jarek -
Oracle Discoverer 10G and mapping Active Directory to use SSO/OID
Could anybody point me please to the right direction?
1. I've setup Oracle 10gIAS but turned off SSO and my users running discoverer /portals with no SSO.
2. My goal is to turn on SSO and synchronize it with Active directory on the windows box.
Thanks you in advanceHi Randy;
As you mention all notes refer to SSO&OID for Active Directory integration.AFAIK there is no way to do it, please log a Sr and confirm this wiht oracle support
Regard
Helios -
SJSAS7 - Access to Active Directory LDAP
Hi All
Is it possible to connect SJSAS7 to Active Directory via LDAP. I know that this can be done with other app servers like WebSphere 4 & 5.
I would like to use our existing Active Directory infrastructure for authentication of Admin and Application users.
Does anyone have information how to configure this or can point me to some documents with this info.
Any help would be much appreciated.
TIA
Tony HawesAlthough I haven't tried it, I would guess that this is possible. We are using the LDAP realm with Sun's directory server and a few years ago I used the standard LDAP provider in the JDK to connect to Active Directory. The only problem I had was that I had to connect with a user that had the form "domain/user" instead of a common name. The online help in the admin console describes the properties you can use.
HTH,
Gunnar -
MS Active Directory LDAP Authentication/Locking Issue.
Dear All,
We are a software company; we have implemented feature of LDAP Authentication in our product using Java API and its working fine from our network environment.
We have used following things with LDAP feature.
1. User Authentication.
2. Locking account after exceed the maximum attempts that has configured in window server.
Main our issue is: The LDAP feature is not working properly from our client side. They are able to authenticate their LDAP user but do not able to lock user account however they have exceeded the maximum attempts from login dialog of our products but it still working in our side.
If anybody has any experienced about it then please reply with positvie solution or any other information like require do the specific configuration for different version of Windows and Active Directory Server etc.
Can any body know what are the possibilities for identifying and resolving this issue?
Please help us if anybody has any experienced about it.
Please do the needful.
Thanks,
Mehul.Hi,
Thanks for your reply.
We have used java package of javax.naming.* and javax.naming.directory.* for LDAP Authentication.
Following code for checking whether ADS User is valid or not.
* Function checks whether ADSUser is valid user or not
* @returns int value indicating result.
public int isValidADSUser() {
Hashtable env = new Hashtable(5);
Vector adsInfoVec = getADSInfo();
env.put("java.naming.referral", "ignore");
// env.put("java.naming.security.authentication", "simple");
env.put(Context.SECURITY_AUTHENTICATION,"simple");
String provider = "com.sun.jndi.ldap.LdapCtxFactory";
env.put("java.naming.factory.initial", provider);
//For handling Uncontinued reference found message of partial result exception
env.put(Context.REFERRAL, "follow");
env.put("java.naming.ldap.derefAliases", "always");
env.put("java.naming.ldap.deleteRDN", "false");
env.put("java.naming.ldap.attributes.binary", "");
env.put(Context.PROVIDER_URL,
"ldap://" + (String) adsInfoVec.elementAt(0) + ":" +
(String) adsInfoVec.elementAt(1));
// env.put("java.naming.security.principal",
// userNameStr + "@" + (String) adsInfoVec.elementAt(0));
env.put(Context.SECURITY_PRINCIPAL,
userNameStr + "@" + (String) adsInfoVec.elementAt(0));
if (userPassStr == null) {
userPassStr = "";
// env.put("java.naming.security.credentials", userPassStr);
env.put(Context.SECURITY_CREDENTIALS, userPasswordStr);
try {
DirContext ctx = new InitialDirContext(env);
ctx.lookup("");
//System.out.println(ctx.lookup(""));
ctx.close();
catch (javax.naming.AuthenticationException ex) {
//System.out.println();
ex.printStackTrace();
return AUTHENTICATION_ERROR;
catch (javax.naming.PartialResultException pex) {
pex.printStackTrace();
return COMMUNICATION_ERROR;
catch (javax.naming.CommunicationException pex) {
pex.printStackTrace();
return COMMUNICATION_ERROR;
catch (NamingException e) {
System.out.println("Failed to connect to ");
e.printStackTrace();
return COMMUNICATION_ERROR;
return SUCCESS;
Result of this code from our company: We are able to Authenticate LDAP user and also Lock User Account after exceed the Max Failure Attempt that configured from Windows Server.
Result of this code from our client side: They are able to Authenticate LDAP user but they can't User Accout Lock however exceed the Max Failure Attemp that configured from their Windows Server.
Can u please help us if any experience about it and suggest if any other configuration require from Windows Server / Active Directory Server OR also if some other implementation require for resolving this issue.
Your optimistic reply is much appreciated.
Thanks,
Mehul Garnara.
Edited by: [email protected] on Mar 6, 2008 10:24 PM
Edited by: [email protected] on Mar 6, 2008 10:25 PM
Edited by: [email protected] on Mar 6, 2008 10:25 PM -
WLS6.0 sp1 and MS Active Directory
Hi,
Is it possible to configure WLS' LDAP security realm to use MS' Active
Directory to authenticate users? A quick yes or no would be appreciated -
I'll worry about the finer details of how later!!
Regards
Laura AllenCustom realm of course with the weblogic....ldaprealmv2.LDAPRealm
implementation class.
We did not use Kerberos authentication - just the plain password
authentication in "cleartext". Our servers are inside a secure data center -
no encryption required. That's why we did not need jdk1.4.
"Marc Carrion" <[email protected]> wrote in message
news:[email protected]...
>
Are you telling that you configured the ldap realm of WL to use activedirectory?
or you used your custom realm?
To use the authentication with Kerberos you need to use GSS-API and it'snot
included in jdk1.3 neither in jaas, that's why I needed to use jdk1.4
Can you explain how did you do that?
Thanks,
Marc
"Roy Cornell" <[email protected]> wrote:
Hi Laura:
No, BEA did not confirm the compatibility. We did our own investigation
and
found that the two systems work well together. One of the highlights
of the
research was the fact that the configuration of the WLS custom realm
for
Active Directory was more similar to Netscape Directory or Open LDAP
than to
the MS Site Server.
I am attaching the sample settings for the LDAP realm:
server.host=<some-ip-or-name>
server.principal=CN=wlsadmin001,OU=WLSMEMBERS1,DC=company,DC=com
user.filter=(&(cn=%u)(objectclass=user))
user.dn=OU=WLSMEMBERS1,DC=company,DC=com
group.filter=(&(cn=%g)(objectclass=group))
group.dn=OU=WLSGROUPS1,DC=company,DC=com
membership.filter=(&(member=%M)(objectclass=group))
We used the AD for authenticating the users and for authorizing the EJB
methods. AD contained the users and their security roles and the
deployment
descriptiors of the EJB's contained the permissions for the security
roles.
We ran repeated tests and were more or less satisfied.
Regards
P.S.
we used WLS 6.1 Jdk 1.3
----- Original Message -----
Sent: Tuesday, September 18, 2001 5:40 AM
Subject: WLS6.0 and Active Directory
Forgive me contacting you directly, but did you recieve a reply fromBEA
as
to whether WLS supports interaction with Active Driectory? And wereyou
attempting to use Active Directory just for user authentication? Anyinfo
on how WLS and Active Directory interact would be appreciated!
Regards
Laura Allen
The information in this e-mail and any attached files is confidential.It
is intended solely for the use of the addressee. Any unauthorised
disclosure or use is prohibited. If you are not the intended
recipient
of
the message, please notify the sender immediately and do not disclosethe
contents to any other person, use it for any purpose, or store or copythe
information in any medium. The views of the author may not necessarily
reflect those of the Company.
"Laura Allen" <[email protected]> wrote in message
news:[email protected]...
Hi,
Is it possible to configure WLS' LDAP security realm to use MS' Active
Directory to authenticate users? A quick yes or no would be
appreciated
I'll worry about the finer details of how later!!
Regards
Laura Allen
Maybe you are looking for
-
Need to convert a AVI video to be able to see it on a MACBOOK Air. VLC doesn't work
I need to convert a video from AVI format to a other format that can be read on my MacBook Air. VLC doesn't work. any other suggestion? Free will be better Thank you
-
N95 + One Touch Access issue on Windows Vista Busi...
Hi all, I searched for a solution to this issue both in this forum and in the Nokia PC Suite help but I couldn't find any. I'm able to use Nokia PC Suite with my N95 + cable DKE-2 except for One Touch Access. When I clic on "Connect to the Internet"
-
Is there a virus with the iTunes 11 update?
A friend mentioned to me that there is a virus with the new iTunes update 11.1. Has anyone heard of this?
-
Hi! I have publish my website in swedish with my iweb and it is ok but now I would like to have the same website in another language. I would have in my first webpage (the welcome page) a link to my website in english. Is it possible with iWeb? I wan
-
Screen sequence processing when using modal dialog box
I have been struggling with a dialog program which I have written. I have a screen which has 2 radiobuttons and a check box (screen 100). If the checkbox is marked, a modal dialog screen pops up (screen 150). If I complete both input fields on s