OID config question

Experts for OID, need your help with following:
OID will be used to store accounts from a local Active Directory. (sync between AD and OID user accounts)
Question: When installing OID, need your suggestions for following entries during OID installation
1. LDAP v3 Name Space: ?? (Is dc=localdomain fine??)
2. OID information Realm: ?? (Is dc=localdomain fine??)
Following is the information about AD, whose users will be inside OID or synched with.
The AD domain is adauth.local
so user accounts are [email protected]
These users are in a AD OU called as "internal"

Hi,
Keep both the entries(LDAP v3 Name Space and OID information Realm) as dc=localdomain,dc=adauth,dc=local at OID end.
Regards,
Kishore

Similar Messages

A few post config questions on new setup

Hi Group,
Just a few post config questions.
First, how can I confirm my controller is in fact associating properly with an NTP server? On a typically cisco product, I could just do a 'show ntp associations' or a 'show ntp status'. I cannot see a way to confirm this on the gui or command line.
Second, on my guest network with web-auth, if one were to choose to not use https for web-auth and instead use unsecure http, would that be possible and if so where in the gui?
Thanks.

The third field is from a WLC running v7.4 not v7.2. I usually would install a 3rd party certificate, but what eles you can try is issue this command on from the CLI. It had issues working with certain code versions, but you might as well give it a try.
config network web-auth secureweb disable
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"

Workshop Weblogic config questions

I'm using Oracle Workshop for WebLogic 10.3 and I'm hoping someone can answer some setup/config questions.
When I double click on the server (WebLogic Server v10.3 at localhost) a window opens with various settings that manage how workshop and weblogic work together.
Under "Startup & Deployment" I have the following turned on:
Launch WebLogic server in Eclipse console
Always start WebLogic Server in debug mode
Ignore project compilation errors when publishing (I have this turned on because of errors in a portal project, the errors aren't inmportant, and don't prevent the project form running)
Run stand-alone web module directly from workspace
So, first question, with these settings I was able to quickly switch to debug mode, with out restarting the server, now the server restarts whenever I turn debugging on. What have I done that has stopped this working correctly? How can I get it to start debugging without a full restart?
next question, what happens if I turn on "Start WebLogic Server in Express Mode"? As far as I can tell nothing happens.
Lastly, under "Automatic Publishing" I have it set to "Never publish automatically", if I choose another setting workshop essentially freezes because it's constantly publishing. So whenever I make a change, even in a jsp, I need to remove the project, then re-add it to see my changes in the browser. This is frustrating, not just because it takes 8 or 9 minutes (8 or 9 MINUTES!!!), but because the project doesn't run properly until it is redeployed. You'd think that if it needs to be re-deployed, then none of my changes should matter on the server until it is re-deployed.
So, my question is, Is there any way to get this re-deployment to happen faster?
Thanks for any and all help

Well, in my experience performance is not bad as you experienced. Is it locally connected server or remotely connected server? If it is a remote server, network issue could cause this latency issue.
Is performance better if you run the server without enabling debug mode? If yes, probably you can also review any break points set.
You could also try out the following options
1) Run workshop with -clean option, by opening command prompt and navigating to workshop_home\'workshop.exe -clean'
2) Untick the option 'Launch WebLogic server in Eclipse console' and start server which would enable server to start on command prompt
3) This would enable you to take multiple thread dumps (cutl +Break) on the server console output, while performance is very bad, to see where threads are halt.

Re: PLM4P v6003 Config Question: Any way to configure UGM Notifications?

After reading:
PLM4P v6003 Config Question: Any way to configure UGM Notifications?
This is one of the requirements from me as well. We always wanted to customize emails sent not only for UGM but also for other modules. We wanted to conveysome message to approvers. But it seems this is still not possible. Is this functionality on road-map of AgielP4P product management?

Currently, the subject and body of emails can be customized to an extent, as they are translations that can be overridden. The translations have some placeholder fields that get populated by the system, but you are limited to those placeholder fields. The upcoming release will give you full control of the email body and subject lines, for GSM and SCRM emails, as well as Supplier Rep emails.

Redundant FWSM Config Question

Hello All,
I'm going to be configuring failover with FWSMs for our 6500 at my job and I have a config question. There is one current 6500 chassis with 2 FWSMs installed. They are both online but currently since failover isn't setup, only one FWSM is actually active. My question is since we are using mutiple contexts where do I setup the failover interface, and do I need to configure failover on every single vlan on the FWSM? We have over 10 contexts each with 2-3 interfaces on them, so do I need a failover IP for every vlan that exists on every context? Also, does the failover config get setup on the admin or system context? Any help would be greatly appreciated, and thank you so much in advance!

Hi John.
Failover config goes in the system context. For the data interfaces in each context, you will need a primary and a standby IP i.e. 2 IP's per VLAN. Once failover happens, the secondary FWSM will assume the active role and the secondary FWSM will take over the Primary IP address thus making the failover process transparent to end users.
HTH.
Regards
Zubair

SCCM 2012 application portal: config questions

Hi,
We have setup SCCM 2012 application portal correctly and it's working fine.
However some config questions:
-can we change the name of the configuration portal? Now its servername/CMApplicationCatalog ... what's not userfriendly.
We'd like it to be applicationportal.ourcompany.com. Howto achieve that?
-can we customize layout in a supported way (we could change html pages but after an upgrade of SCCM they would/could be erased)?
-how does flexera (adminstudio?) plugs in into this. I've read this entry
http://helpnet.installshield.com/appportal2014/Content/helplibrary/AP_CreatingCatItemSCCM.htm but what's the big picture here? Anybody using this? What are the advantages?
J.
Jan Hoedt

We want to offer software center for overview of mandatory installs, application catalog for optional software.
On our companies portal, we can then set a link which directs to the application portal. User can then install optional software from there.
My current config works http://applicationportal.ourcompany.com/ goes to the sccm-server but not to the url below.
That would be http://applicationportal.ourcompany.com/CMApplicationCatalog/#/SoftwareLibrary/AppListPageView.xaml
how can I make sure the application portal shows up when this link is opened?
It sounds like you want to perform a URL rewrite?
http://www.iis.net/learn/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module
You should test this to see if it's what you want - I may have misunderstood your question.
Also, I wouldn't host this module on your AppCatalog server, I'd host the rewrite module elsewhere.
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

OID 9.2 general config questions

I am just re-installing Oracle Internet Directory after I corrupted the configuration. Arghh! Please comment on the following questions based on feasibility in a development environment -- that's often different than best practices.
1) May the Database Server (9.2) and Internet Directory (9.2) be installed using the same Oracle Home?
2) Can OID register itself for Enterprise User Security (eg. the OID repository is in 'iasdb' and the enterprise user logs into 'iasdb')?
3) Do Thawte certificates work for OID 9.2? (I read an earlier post that Thawte had an algorithm bug.)
4) Does registering the database with Enterprise Security Manager work or is it required to register the database with the Database Configuration Assistant?
Thanks for your time,
Barth

HTML is recognized by more users at this point. I posted a
problem with getting a registry error with flash 9. This didn't
happen with 8 and they need to address it. If they don't, go with
HTML.

SSL VPN Full and Split Tunnel Config Question

I am Beta testing SSLVPN on an IOS router. The question I have is this:
Is it possiable to have slit and full tunnel configs. It seems that once you create your context and default profile that is all you have either split or full. The books say you can use Radius and assign different profiles but, I would like to give the users a choice (like in the VPN3000 .pcf) of either split or full depending on where they are working from.

The below is an example using the ASA - but the principle remains the same:-
http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a0080975e83.shtml
HTH>

J2EE Policy agent - login page config questions

Hi,
I'm trying to configure a customized login page for an application that is protected by a AM Policy Agent 2.2-01 on SJSAS 8.2.
I am aware of this link:
http://docs.sun.com/app/docs/doc/820-2539/gatai?l=en&a=view .
This describes configuring the custom login for an app. Based on the doc, I have configured the following:
1. I have the agent and my app on one instance on myhost.mydomain.com
2. A url policy is protecting my app, configured in Access Manager 7.1. The url is http://myhost.mydomain.com:38080/myapp/*
3. In my app's web.xml I have the following:
<login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/loginerror.jsp</form-error-page>
        </form-login-config> 4. In AMAgent.properties:
com.sun.identity.agents.config.login.form[0] = /myapp/login.jsp
com.sun.identity.agents.config.login.error.uri[0] = /myapp/loginerror.jsp
com.sun.identity.agents.config.login.use.internal = false
com.sun.identity.agents.config.login.content.file = FormLoginContent.txtThere doesnt seem to be any change in login page when I go to my app. It just redirects to the Access Manager login page, and when I login it redirects back to the app. The security behavior is correct but I would like the login page to be unique for the app.
So my questions are:
1. Am I using com.sun.identity.agents.config.login.use.internal correctly? I dont want it to use internal login, but my login file, right?
2. My login page is protected by my url policy. Is that a problem? Should I be using com.sun.identity.agents.config.notenforced.uri[0] on the login page?
3. Can anyone clarify to me exactly how and where the contents of FormLoginContent.txt is used?
I'm kind of new to AM and Policy Agents, so i apologize if my questions seem very newb. Any help is appreciated. Thanks!
-Matt

Changing com.sun.identity.agents.config.filter.mode to URL_POLICY seemed to help. I am now seeing /myapp/login.jsp as the login page for my app. The logins themselves are failing, however. I am confused as to how to set up the jsp to work with the agent to log in.
-Matt

OID Licensing Question (with ODS EE)

Hello. I am currently using OID (11.1.1.6) for my naming service (instead of tnsnames). According to Oracle you are granted a restricted-use license for using OID "... if users use the Directory Naming feature to configure Oracle Net Services." Since this is what I am doing, I I am under the impression that I do not have to license Oracle on the server with OID as long as it is the only thing on that server (which it is).
My company is looking at purchasing "Employee" Oracle Directory Services Enterprise Edition licenses (environment is all Oracle DB Enterpirse Edition, 10gR2 and 11gR2) so that we can setup chaining between OID and Microsoft AD so that user roles/permissions can be assigned through AD via AD groups.
My question is: since I will no longer be using OID strictly for connection resolution, and even though we will purchase ODS EE, will I be forced to license my server that is only running OID? I would think that this wouldn't be the case, but I always prefer to know ahead of time when it comes to Oracle and licensing.
Any help would be greatly appreciated.
Thanks,
DC

Hi Saad;
I belive you can get the bestest answer from oracle support only. By the way you can also og a SR and confirm your issue wiht oracle support too.
Regard
Helios

11gR2 em install / config question.

We just loaded 11gR2 onto a virtual server running Win 2008 Server R2. During the installation of the database,
I received 5 or 6 missing file messages and I told the installer to ignore and continue. One of those files was
dbhome_1\...\em.jar.
Will this preclude me from getting em up? Should I deinstall/reinstall the 11gR2?
When I ran emctl start dbconsole I received this message:
can't locate CompEMdbconsole.pm in @inc <@inc contains ..(list of files).......emctlCommon.pm line 598
From this question you'll probably surmise that I'm relatively inexperienced.
Suggested reading info is always appreciated.
Thanks,
Ron
Edited by: RonW on Oct 9, 2012 6:27 AM

Thanks for the reply. I used dbca to create a database which I had thought was done
during the original install. It ran forever and eventually gave me an error message
'Error Instantiating OC4J files'. When I looked in the emconfig.log file, there were
several missing xml files in E:\app\Administrator\product\11.2.0\dbhome_1\oc4j\j2ee\
OC4J_DBConsole\config\
jms.xml
rm1.xml
http-web-site.xml
server.xml
In fact, the 'config' folder was empty. Going back to my original question regarding
those missing files, why would they be missing? Is the oem a separate install
process or is it done when the 11g database is installed?
Thanks, Ron

ACE: design/config question: trans.slb + slb + mngt

Hi,
Could this ACE setup/design work?
I want PROXIED sessions (to VIP proxy 10.0.0.10) to be loadbalanced
All other sessions (eg. Some public ip's) will have to transparent loadbalanced to proxy servers. Thus not destinations NAT
ACE is inline between firewalls and proxy servers.
Vip definitions:
class-map match-all P_PXYVIP_VS_LB
2 match virtual-address 10.0.0.10 255.255.255.255 tcp 8080
class-map match-all P_PXYTRANS_VS_LB
2 match virtual-address 0.0.0.0 0.0.0.0 tcp any
Question in this case: would it still be possible to have management sessions towards proxy servers routed by the ACE ? (physical ip addresses of proxy)
Probably the classmap PXYTRANS is catching those sessies also.
Are there other design/config solutions to solve this one?
Thank you!
Wim

Let me repose the question:
How could one still be able to access the realserver IP (which is directly connected
to the ACE) for manangement.
Knowing that there is 1 VIP which (normal) loadbalance to the realservers
and
there is 1 VIP 0.0.0.0 tcp any which is configure to catch all other traffic to be
transparant loadbalanced.
The VIP 0.0.0.0 is always catching the sessions which need only to be routed
to the real servers ip.

Voice GW Config Question

Hi Everyone
Yesterday I posted a question about redesigning the way our voice network looks, I'm removing 6 CUCM 4.3 boxes and I'm going to have those sites register with our Sub which is 10.5.1 in our data center across the WAN. Jaime answered my question and gave me some good insight on what to do for each site.
1.Create DP,CSS,PT on the Pub
2.Enable SRST on the GW
3.Make necessary changes on GW
4.Create LRG to have the site use their local GW
I've been reading on how to get these task done and I have a question about #3, I'm looking at the config from the GW for the test sight and the VoIP dial peer is referencing the CUCM node currently on site. Would modifying the IPV4 address to reflect the new CUCM node at the data center be the only change that I would have to make to the config?
I also want to say thanks for all the help that everyone has given me with really quick responses to my questions. I just changed jobs and I went from doing primarily MACD to now I'm actually the person who is doing the implementation. I've never done implementation before but I know if I stick with it and help from this board I'll be a super star yet.
Eric

Correct, need to change the IP address on the DP to reflect the new one. Also, need to look at SCCP resources (conference bridge or transcoders if any) and those need to be changed.

OID audit question

Hello, people!
I have question about auditing in Oracle Internet Directory.
1. I turn audit on in my OID.
2. Restart OID.
3. Searching for Audit Log Entries by Using ldapsearch. The DN for the audit log container is cn=auditlog. To search for audit log entries, perform a subtree or one-level search, with the container object cn=auditlog as the base of the search. Work fine.
4. But when i add some user to some group, i get record like:
orclSequence=348,cn=auditlog
objectclass=top
objectclass=orclauditoc
orcluserdn=cn=orcladmin
orcleventtype=Modify
orclauditmessage=Modifying entry cn=XMLP_ADMIN,cn=Groups,dc=rd,dc=local
orclsequence=348
orclopresult=Success
orcleventtime=20091125141137z
Did any one knows, how determine what changes done?
Thanks,
Jeff.

it will be good if you are adding HR as OU , in case if you have IT or someother Organization Unit it will can be easily added and identified.
Once you add it as OU autimatically all required class will be added automatically , further if you have any custom attribute you can add your own custom class

SSPR config question

Hi,
Assume we have 2 different user types: staff and students.
Student accounts reside in their own forest
Staff accounts reside in 2 different and separate forests
FIM resides in another separate forest (a resource forest)
We are about to deploy SSPR in the resource forest, and need the following functionality:
When resetting the password, Staff will type in "domain\username"; Staff will use the question & answer SSPR approach
however Students will use the OTP approach and only type in their "username" since many won't know the domain name (we will set the 'defaultdomainName' attribute in the config file)
My question is this:
Because we need 2 different SSPR approaches and for Students we need the 'defaultdomainName' prepopulated - will we need 2 separate instances of the SSPR Portal deployed on 2 separate servers?
Thanks,
dw

Going strictly by the book, you would need two separate instances of the SSPR Portal if it's critical to vary the behavior of the default domain name. If folks in the non-default domain will always enter DOMAIN\user or UPN, then one instance of the
portal should suffice.
That aside, Sameera_man's links are relevant for creating the necessary resources to support more than one Password Reset Authn workflow.
Steve Kradel, Zetetic LLC

OID config question

Similar Messages

Maybe you are looking for