Open ldap + oc4j

Does OC4j Jazn authenticate against open ldap??

Or you could also look at writing your own JAAS login module -- the security guide has details on how to use custom Login Modules.
http://download-west.oracle.com/docs/cd/B10464_04/web.904/b10325/loginmod.htm#1004903
-steve-

Similar Messages

  • How to create a configuration file for open ldap.

    hi,
    I have installed open ldap on my machine. Now I want to configure it to NetWeaver.
    For this, I started configuration through configtool utility of NetWeaver. While configuring, we need to select or upload configuration file. But now as it is open ldap we need to write our own config file.
    I tried it by selecting dataSourceConfiguration_ads_deep_readonly_db.xml as a configuration file. It shows a successful test connection, but the user which I have created is not appearing in the UME store.
    Does anybody have a solution for this?
    I have been trying to solve this problem for two days. I would really appreciate anyone who can solve this problem.

    Well the configuration file you chose does not allow users created in NetWeaver to be created in the LDAP.  That's why it's a "readonly" configuration.  I would guess that you need a custom configuration file specifically for open ldap.
    This should help get you started on a custom configuration file:
    http://help.sap.com/saphelp_nw2004s/helpdata/en/b7/14d43f2dd44821e10000000a1550b0/frameset.htm
    Then again, if the only problem with the .XML file you chose is that you can't write to the LDAP, give the dataSourceConfiguration_ads_writeable_db.xml configuration file a shot.

  • Open LDAP Authenticator Configuration on WLSSP5

    I have problems in the open LDAP authenticator configuration on Weblogic Server with Service Pack 5. I have users on OpenLDAP Server that do not belong to any group. My LDIF file contents are as given below.
    dn: dc=my-domain,dc=com
    dc: my-domain
    objectClass: dcObject
    objectClass: organization
    o: MYABC, Inc
    dn: cn=Manager, dc=my-domain,dc=com
    userPassword:: c2VjcmV0
    objectClass: person
    sn: Manager
    cn: Manager
    dn: cn=myabcsystem, dc=my-domain,dc=com
    userPassword:: dmVuZGF2b3N5c3RlbQ==
    objectClass: person
    sn: myabcsystem
    cn: myabcsystem
    dn: cn=Philippe, dc=my-domain,dc=com
    userPassword:: UGhpbGlwcGU=
    objectClass: person
    sn: Philippe
    cn: Philippe
    dn: cn=mlrick, dc=my-domain,dc=com
    userPassword:: bWxyaWNr
    objectClass: person
    sn: mlrick
    cn: mlrick
    All these users appear in the Users tab after configuration on the console only if the LDAP Server is up. When I select the group tab, I get errors indicating BAD SEARCH Filter,
    in spite of me not having any groups in the LDAP, as indicated in the LDIF contents.
    When I try to log in to the application with this LDAP configuration, I do not get any errors. LDAP authentication is not happening with just the LDAP authenticator in place. Even if I stop the LDAP server, I do not get any exceptions while trying to log in. The config params for the OpenLDAP are as given below
    <weblogic.security.providers.authentication.OpenLDAPAuthenticator
    AllGroupsFilter="objectclass=*"
    Credential="{3DES}rGCpYmhaIorI99BjZ2u6Fg=="
    GroupBaseDN="dc=my-domain,dc=com"
    GroupFromNameFilter="(cn=%u)"
    Name="Security:Name=MYABCAuthenticationOpenLDAPAuthenticator"
    Principal="cn=myabcsystem,dc=my-domain,dc=com"
    Realm="Security:Name=MYABCAuthentication"
    StaticGroupDNsfromMemberDNFilter=""
    StaticGroupNameAttribute="" StaticGroupObjectClass=""
    StaticMemberDNAttribute="" UserBaseDN="dc=my-domain, dc=com"/>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP ATN LoginModule initialized>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login username: bob>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <authenticate user:bob>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getDNForUser search("ou=people,ou=MYABCAuthentication,dc=myabc", "(&(uid=bob)(objectclass=person))", base DN & below)>
    ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    CAN ANYONE HELP ME IDENTIFY WHAT IS THE ISSUE. Why is the authentication not happening?
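The LDIF in the post above stores `userPassword::` values; the double colon only means the value is base64-encoded, not hashed. The following is an added example, not code from the thread: it parses LDIF (including the flattened, no-blank-line form shown in the post) and reports how each password is stored without printing it. The sample entries, the verdict labels and the `WEAK_SCHEMES` policy are assumptions made for illustration.

```python
import base64
import re

SCHEME_RE = re.compile(rb"^\{([A-Za-z0-9_-]+)\}(.*)$", re.S)
# Assumed policy for this example: fast, legacy digests count as weak.
WEAK_SCHEMES = {"MD5", "SMD5", "SHA"}


def parse_ldif(text):
    """Split LDIF into entries; each entry is a list of (attr, value_bytes, was_base64)."""
    lines = []
    for raw in text.splitlines():
        # A line starting with one space continues the previous line (LDIF folding).
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], []
    for line in lines:
        if not line.strip():              # a blank line ends an entry
            if current:
                entries.append(current)
                current = []
            continue
        if line.startswith("#"):
            continue
        attr, sep, rest = line.partition(":")
        if not sep:
            continue
        if rest.startswith(":"):          # "attr:: value" is a base64-encoded value
            value, was_b64 = base64.b64decode(rest[1:].strip()), True
        else:
            value, was_b64 = rest.strip().encode("utf-8"), False
        # Tolerate flattened LDIF with no blank separators: a new dn starts a new entry.
        if attr.lower() == "dn" and current:
            entries.append(current)
            current = []
        current.append((attr, value, was_b64))
    if current:
        entries.append(current)
    return entries


def classify_password(value):
    """Classify a decoded userPassword value by its {SCHEME} prefix, if any."""
    m = SCHEME_RE.match(value)
    if not m:
        return "cleartext"                # no scheme prefix: the password itself
    scheme = m.group(1).decode("ascii").upper()
    if scheme == "CLEARTEXT":
        return "cleartext"
    if scheme == "CRYPT":
        # "$id$..." is modular crypt; otherwise it is traditional 2-char-salt DES crypt.
        return "hash:CRYPT" if m.group(2).startswith(b"$") else "weak-hash:CRYPT-DES"
    return ("weak-hash:" if scheme in WEAK_SCHEMES else "hash:") + scheme


def audit_ldif(text):
    """Return (dn, encoding, verdict) for every userPassword value in the LDIF."""
    findings = []
    for entry in parse_ldif(text):
        dn = next((v.decode("utf-8", "replace") for a, v, _ in entry
                   if a.lower() == "dn"), "<no dn>")
        for attr, value, was_b64 in entry:
            if attr.lower() == "userpassword":
                findings.append((dn, "base64" if was_b64 else "plain",
                                 classify_password(value)))
    return findings


def build_sample():
    """Constructed LDIF; digests are filler bytes, not real password hashes."""
    b64 = lambda data: base64.b64encode(data).decode("ascii")
    ssha = b"{SSHA}" + base64.b64encode(bytes(range(24)))
    return "\n".join([
        "dn: cn=alice,dc=example,dc=com", "objectClass: person", "cn: alice",
        "userPassword:: " + b64(b"changeme"),
        # no blank separator before the next entry, as in the post
        "dn: cn=bob,dc=example,dc=com", "objectClass: person", "cn: bob",
        "userPassword:: " + b64(ssha),
        "",
        "dn: cn=carol,dc=example,dc=com", "objectClass: person", "cn: carol",
        "userPassword: {MD5}" + b64(bytes(16)),
        "",
        "dn: cn=dave,dc=example,dc=com", "objectClass: person", "cn: dave",
        "userPassword: {CRYPT}ab0123456789.",
    ])


if __name__ == "__main__":
    for dn, encoding, verdict in audit_ldif(build_sample()):
        print(f"{dn}: stored as {encoding}, {verdict}")
```
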

    Hi Amol,
    I've seen this happen at least two times in 11.1.1.1 installs. You can safely restart and then add the service back again. Suggest you reboot after you re-add the service back or cycle all the Hyperion services.
    I was not aware you could install the service with that command.
    I used the below command instead:
    sc create OpenLDAP-slapd start= auto binPath= "D:\Hyperion\...\slapd.exe service" DisplayName= "Hyperion Shared Services OpenLAP"
    Regards,
    -John

  • Where can I find an LDAP Editor for Open LDAP

    Where can I find an LDAP Editor for Open LDAP... I was using LDAP Editor but it does seem to work any more... Where can I find a free download for the LDAP editor for Windows...

    I put in the following info in the connection section for the
    lDAPbrowser but am not able to connect to the server. I get error
    saying Failed to connect to ldap://165.252.58.78:389/
    Host: 165.252.58.78
    Port: 389
    Version: 3
    Base DN: what do I put here
    and do I select SSL
    or Anonymous bind
    User Info
    User DN: what do I put here
    and
    I am connecting to ldap through my app with the following criteria:
    url=ldap://165.252.58.78:389/
    ldapHost=165.252.58.78
    ldapPort=389
    ldapVersion=LDAPConnection.LDAP_V3
    ldaploginDN=cn=Manager,dc=accuserverx,dc=com
    ldappassword=password

  • Integration of CQ 5.5 with open LDAP

    Hi Team,
    I am trying to integrate CQ 5.5 with OpenLDAP. I am able to see the LDAP entry in the JMX console.
    But here the problem is the users in LDAP are not imported to CQ users.
    Below are methods in com.adobe.granite.ldap tools section in jmx console.
    [Ljava.lang.String;
    listOrphanedUsers()
    retrieves a list of users not present in the LDAP directory anymore
    java.lang.Void
    syncAllUsers()
    updates all local user informations based on the LDAP directory
    [Ljava.lang.String;
    syncUser(java.lang.String user)
    updates the local user information for a specific LDAP entry
    [Ljava.lang.String;
    syncUserList([Ljava.lang.String; userlist)
    updates the local user information for a list of LDAP entries
    [Ljava.lang.String;
    purgeUsers()
    removes the local user information for all users removed from the LDAP server
    Using these methods, I am also unable to import my LDAP users to CQ.
    Please guide me on the same.
    Thanks & Regards,
    Prasad.

    Please refer to the master guide available for SRM 5.0, which has details of the R/3 systems you can use with SRM 5.0.
    I have seen the guide and, according to it, you can use R/3 3.1i - SAP ECC 6.0.
    Also, there should be no limitation as far as I know; if you are able to use R/3 4.6B, you should be able to use all the functionality.

  • Open Ldap problem

    Hi all,
    I have to use OpenLDAP with WebLogic. I have gone through the documents for creating the Authentication provider.
    I created one authentication provider for OpenLDAP in the WebLogic default realm and I configured it for OpenLDAP. I am able to see the groups and users in my portal now.
    I have created a new portal using the portal administration for the sample portal application which comes with WebLogic and set the entitlements on the portal, desktops and portlets.
    When I access the portal with the users in my OpenLDAP I am not able to log in.
    I am confused. Is there anything else I need to do in order to allow the users in OpenLDAP to access the portal application?
    Please guide me.
    Thanks,
    Milind

    Hi Ravin,
    I am not sure which version of Portal you are using.
    For WebLogic Portal 9.2 I have used these parameters for the OpenLDAP provider.
    Group Base DN: ou=groups, dc=example, dc=com
    Group Base DN values will be based on the structure you have created in your LDAP.
    User Base DN: ou=people, dc=example, dc=com
    User Base DN values will be based on the structure you have created in your LDAP.
    Host: The host where your LDAP is running
    Principal: DN for the LDAP admin user, say for example cn=admin,dc=somevalue,dc=com, based on whatever you have used in your environment.
    Credential: Admin password credentials for LDAP
    Confirm Credential: Admin password credential for LDAP
    Control Flag: SUFFICIENT. You must check the control flag value and set it to SUFFICIENT for all the providers, or at least DefaultAuthenticator or SQLAuthenticator.
    About WebLogic users: in WebLogic 8.x the DefaultAuthenticator is used, and I think they are picked from the database. The same will be the case with WebLogic 9.2, where SQLAuthenticator is used.
    All the best
    Milind

  • Unknown attribute of the ID GTC connector (Open LDAP).

    The attribute is added automatically when creating a GTC connector (for Open LDAP). The attribute with value SUCCESS is present in OIM. I cannot find anywhere what the attribute means in this case.
    The attribute itself is not to be deleted.
    Someone please help if you know!!

    A Generic Technology connector has been set up, designed to integrate Oracle Identity Manager with systems that support the LDAP network access protocol. The connector sends the user account attributes, for example gidNumber and uid, and among them the ID attribute. Apparently, this attribute contains the official record. It cannot be deleted or changed. I want to understand what it means.

  • Discoverer against Open-LDAP

    Does anyone have experience of using Discoverer against OpenLDAP? We are using Discoverer in non-apps mode and don't want to create 300 DB users. Our current application uses OpenLDAP and we want to make use of it for Discoverer authentication. Any ideas?
    Thanks

    Thanks Rod for the metalink documents.
    I'd tried using eul_trigger$post_login with a similar function, as indicated in the article you refer to, before posting my question, but it didn't work - maybe because I was not paying attention to upper/lower case.
    But after reading the article 372067.1 and following the exact instructions I still can't make it work. Not even with Discoverer Desktop while logged in as EUL owner.
    Here is the function I created:
    CREATE OR REPLACE FUNCTION EUL_TRIGGER$POST_LOGIN RETURN NUMBER IS
    BEGIN
    insert into my_eul.test_logon values (sysdate);
    commit;
    RETURN 0;
    END EUL_TRIGGER$POST_LOGIN;
    Some values for this registered function from EUL5_FUNCTIONS metadata table are:
    FUN_NAME: eul_trigger$post_login
    FUN_DEVELOPE_KEY: EUL_TRIGGERPOST_LOGIN
    FUN_FUNCTION_TYPE: 8
    FUN_HIDDEN: 0
    FUN_DATE_TYPE: 2
    FUN_AVAILABLE: 1
    FUN_MAXIMUM_ARGS: 0
    FUN_EXT_NAME: EUL_TRIGGER$POST_LOGIN
    FUN_EXT_OWNER: MY_EUL
    Does anything seem missing/incorrect?
    I am not 100% sure about EnableTrigger preferences. My pref.txt does not have an entry for EnableTriggers, and according to the Configuration Guide you should not add an entry if not present because by default triggers are enabled. But since the trigger was not firing, I also tried adding the line and applied preferences using applypreferences.bat, but it didn't work.
    To make it work with Discoverer Desktop I tried updating the registry to add an EnableTrigger registry entry, but no success (finally I removed all changes to the registry and preferences).
    Now I am clueless why the trigger is not working. Any help would be appreciated.
    Using Discoverer 10G R1 (9.0.4)
    thanks

  • How do we connect OpenLDAP to WebLogic Server

    Hi All,
    How do we connect OpenLDAP to WebLogic Server?

    There are several blogs for how you set up Open LDAP as a security provider:
    http://biemond.blogspot.com/2008/10/using-openldap-as-security-provider-in.html
    http://blogs.oracle.com/jamesbayer/2007/08/using_openldap_with_weblogic_s.html

  • Open Ldap 2.4 is supported

    Hello
    We want to connect SAP ERP 6.0 to OpenLDAP 2.4. I need the following
    information:
    1. Is OpenLDAP 2.4 supported by SAP ERP 6.0?
    2. Configuration documents for the same.
    Many thanks in advance,

    Hi there,
    Are you receiving any error messages?  Can you confirm that the Cisco DirSync process is started and/or reset and try the sync again.  Also, you may want to check to make sure there are no firewalls/ports being blocked between CUCM and your LDAP server.
    You'll also want to make sure your LDAP Directory page is mapping attributes correctly to your OpenLDAP server under System > LDAP > LDAP Directory.  By default it is set to use sAMAccountName for the UserID field.
    Table 16-5: Synchronized LDAP Attributes and Corresponding Unified CM Field Names
    | Unified CM User Field | Microsoft Active Directory | Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) | Netscape, iPlanet, or Sun ONE | OpenLDAP |
    |---|---|---|---|---|
    | User ID | One of: sAMAccountName, mail, employeeNumber, telephoneNumber, userPrincipalName | One of: uid, mail, employeeNumber, telephoneNumber, userPrincipalName | One of: uid, mail, employeeNumber, telephonePhone | One of: uid, mail, employeeNumber, telephonePhone |
    | First Name | givenName | givenName | givenname | givenname |
    | Middle Name | One of: middleName, initials | One of: middleName, initials | initials | initials |
    | Last Name | sn | sn | sn | sn |
    | Manager ID | manager | manager | manager | manager |
    | Department | department | department | departmentnumber | departmentnumber |
    | Phone Number | One of: telephoneNumber, ipPhone | One of: telephoneNumber, ipPhone | telephonenumber | telephonenumber |
    | Mail ID | One of: mail, sAMAccountName | One of: mail, uid | One of: mail, uid | One of: mail, uid |
    HTH,
    Chris

  • Open LDAP XMA

    While running OID MA (Open LDAP XMA) we are facing a "Stopped-ma-timeout" error. We have around 1400,000 user objects in OID which we are trying to get into the MA connector space.
    Please provide inputs.

    1.4 mill objects is a lot. I haven't tried the MA myself, but I know that Kent Nordstrom has successfully used my PS MA instead of the old MA.
    https://konab.com/replacing-openldap-ma-with-ps-ma/
    Maybe that could be of assistance to you?
    Regards, Soren Granfeldt

  • Open LDAP and OC4J

    Hi there,
    I am having problems setting up OC4J with LDAP. Has anyone been able to set up OC4J with LDAP (other than OID)? Everything works fine if "jazn provider" is XML. But OC4J doesn't even start when I change the jazn provider to LDAP. I got the following error:
    oracle.security.jazn.JAZNException: The system is unable to retreive the specified realm(s).
    When I looked through the forums, I was able to get some info about how to use Oracle Internet Directory (OID) and synchronize it with another LDAP. But I don't want to use OID.
    Any help regarding this is greatly appreciated.
    Thanks in advance.
    Prasad.

    Not sure if Oracle's implementation can handle that. (renaming their JAAS implementation is perhaps a hint of that?)
    Anyway, did you define a realm in the other-than-OID directory?
    First define the provider like:
    <jazn provider="LDAP"
    default-realm="realmname"
    location="ldap://hostname:389" />
    Then, using the JAZN administration tool (try java -jar jazn.jar):
    -addrealm <realm> <admin> {<adminpwd> <adminrole> |
    <adminrole> <userbase> <rolebase> <realmtype>}
    Continue by adding users, roles, etc.
    The above is not tested... just guessing :)
    Hth,
    Fredrik

  • FRM-92101 error while opening forms & OC4J

    Hi all,
    I have a customer having problem after certain number of users connecting to the application.
    These are the following setup in the environment:
    1. OAS 10.1.2.1
    2. Windows 2003 Standard Edition SP1 32 Bit
    3. Memory 2GB
    They are running the application using the Oracle Form, connecting through the application using Internet Explorer.
    Number of users might connect to the application are around 42 users in application server #1 and 10 users in application server #2.
    Recently they reported that they are experiencing FRM-92101 at random on all client computers.
    I did a check in the Windows Task Manager and I can see that the frmweb.exe process will consume around 17MB - 68MB.
    This is random; not all processes consume up to 68MB, some of them will be in the average of 30MB to 50MB.
    I checked the registry for the desktop heap setting which is in HKEY_LOCAL_MACHINE -> System -> Current Control Set -> Control -> Session Manager -> SubSystems. There is a key named Windows and inside here there is a variable called SharedSection. Currently the value is set to 2048, 3072, 2048
    From what I know this setting should be enough for around 40 users.
    I noticed when 42 users were connecting to app server #1, the physical memory available is only around 140MB.
    This FRM-92101 error is not only happening to app server #1 but also #2 which only handles 10 users maximum.
    From the information above, I have some questions:
    1. What other areas do I need to check for this?
    2. What other configuration can I increase so this error does not happen anymore?
    3. If I check opmnctl status, I can only see 1 OC4J home and OC4J_BI_FORMS. Can increasing the number of OC4J suppress this error?
    Please give me the enlightenment.
    Thank you so much,
    Adhika

    Hi sandeep;
    I have installed vision database r12(12.0.4) on hp ux (11.31).
    I am able to open the login page but when trying to access any form it gives below mention error.
    FRM-92101: There was a failure in the Forms Server during startup. This could happen due to invalid configuration.
    I have checked below mention log file.
    /devbackup/applvis/inst/apps/VIS_reeldev/logs/ora/10.1.3/opmn/forms_default_group_1/formsstd.out
    Error:
    Forms session <1> aborted: runtime process failed during startup with errors /usr/lib/hpux32/dld.so: Unsatisfied code symbol 'nnftboot' in load module '/devbackup/applvis/apps/tech_st/10.1.2/lib32/libclntsh.so.10.1'.
    Please check below and see if it's helpful:
    Error Dld.So: Unsatisfied Code Symbol 'Nnftboot' Signal 9 When Running Reports Concurrent Requests [ID 560287.1]
    All Concurrent Requests End With Signal 9 Termination Error [ID 452714.1]
    Also check the Apache log files for more details.
    What is post installation task after installing r12? You can follow the Recommended R12 patches on Metalink.
    Not able to execute .env file with owner and privileges, why? How are you trying to execute it?
    How to get r12 original media from oracle? You can log an SR for media or you can contact your local Oracle office.
    Regards
    Helios

  • Slapd Exited with Exit code: 1 main: TLS init def ctx failed: -1 Open LDAP

    After enabling the SSL in the Server Admin panel under Open Directory / LDAP My openLDAP will not start. Any help you could give me would be greatly appreciated!
    Every 10 seconds the log file updates with:
    Jan 31 21:48:26: --- last message repeated 4 times ---
    Jan 31 21:48:26 home slapd[1338]: main: TLS init def ctx failed: -1
    Jan 31 21:48:26 home slapd[1338]: slapd stopped.
    Jan 31 21:48:26 home slapd[1338]: connections_destroy: nothing to destroy.
    Jan 31 21:48:36 home slapd[1343]: @(#) $OpenLDAP: slapd 2.3.27 (Oct 4 2007 23:24:38) $
    Jan 31 21:48:36 home slapd[1343]: overlay_config(): warning, overlay "dynid" already in list
    and in the console log:
    1/31/08 9:48:46 PM com.apple.launchd[1] (org.openldap.slapd[1356]) Exited with exit code: 1
    I've tried to disable SSL to see if that helps, but, it seems as though even if I uncheck the use SSL box the slapd still will not start. I have also tried editing the ldap.conf and commenting out the
    #TLS_REQCERT demand
    My ldap.conf file is as per:
    # LDAP Defaults
    # See ldap.conf(5) for details
    # This file should be world readable but not world writable.
    #BASE dc=example, dc=com
    #URI ldap://ldap.example.com ldap://ldap-master.example.com:666
    #SIZELIMIT 12
    #TIMELIMIT 15
    #DEREF never
    #TLS_REQCERT demand
    and my slapd_macosxserver.conf
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    # This file is maintained by Server Admin.
    allow update_anon
    # config database definitions
    database config
    rootpw {SMD5}rddHtHIDi0mRFAo01222TvztzY0=
    access to *
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by * read
    # bdb database definitions
    database bdb
    suffix "dc=home,dc=ryanwilson,dc=com"
    rootdn "uid=root,cn=users,dc=home,dc=ryanwilson,dc=com"
    rootpw {SMD5}rddHtHIDi0mRFAo01222TvztzY0=
    access to dn.onelevel="cn=users,dc=home,dc=ryanwilson,dc=com" attrs=@apple-user-info
    by self write
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by * read
    access to dn.base="cn=resources,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by dynacl/idattr/OP:DELETE.exact=OWNER write
    by * read
    access to dn.onelevel="cn=resources,dc=home,dc=ryanwilson,dc=com" attrs=entry
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=resources,dc=home,dc=ryanwilson,dc=com" attrs=@apple-resource
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.base="cn=places,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by dynacl/idattr/OP:DELETE.exact=OWNER write
    by * read
    access to dn.onelevel="cn=places,dc=home,dc=ryanwilson,dc=com" attrs=entry
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=places,dc=home,dc=ryanwilson,dc=com" attrs=@apple-resource
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.base="cn=maps,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by dynacl/idattr/OP:DELETE.exact=OWNER write
    by * read
    access to dn.onelevel="cn=maps,dc=home,dc=ryanwilson,dc=com" attrs=entry
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=maps,dc=home,dc=ryanwilson,dc=com" attrs=@apple-resource
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.base="cn=people,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by dynacl/idattr/OP:DELETE.exact=OWNER write
    by * read
    access to dn.onelevel="cn=people,dc=home,dc=ryanwilson,dc=com" attrs=entry
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=people,dc=home,dc=ryanwilson,dc=com" attrs=@extensibleObject
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=computers,dc=home,dc=ryanwilson,dc=com" attrs=apple-serviceinfo,apple-serviceslocator,apple-keyword
    by self write
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by * read
    access to dn.onelevel="cn=computers,dc=home,dc=ryanwilson,dc=com" attrs=entry,apple-realname,description,macAddress,authAuthority,userPassword
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by * read
    access to dn.base="cn=computers,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by * read
    access to dn.base="cn=groups,dc=home,dc=ryanwilson,dc=com" attrs=children
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr/OP:ADD.exact=USERS write
    by dynacl/idattr/OP:DELETE.exact=OWNER write
    by * read
    access to dn.onelevel="cn=groups,dc=home,dc=ryanwilson,dc=com" attrs=entry
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dnattr=creatorsName write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=groups,dc=home,dc=ryanwilson,dc=com" attrs=apple-group-nestedgroup,apple-group-realname,description,apple-serviceslocator,apple-user-picture,apple-group-services,apple-contactguid,apple-ownerguid,jpegPhoto,labeledURI,apple-selfwrite
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by * read
    access to dn.onelevel="cn=groups,dc=home,dc=ryanwilson,dc=com" attrs=apple-group-memberguid
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by dynacl/idattr/BOOLATTR:apple-selfwrite;SELFATTR:apple-generateduid.exact=SELFWRITE write
    by * read
    access to dn.onelevel="cn=groups,dc=home,dc=ryanwilson,dc=com" attrs=memberUid
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by dynacl/idattr.exact=OWNER write
    by dynacl/idattr/BOOLATTR:apple-selfwrite;SELFATTR:uid.exact=SELFWRITE write
    by * read
    access to *
    by set="user/uid & [cn=admin,cn=groups,dc=home,dc=ryanwilson,dc=com]/memberUid" write
    by dn.exact="cn=home.ryanwilson.com$,cn=computers,dc=home,dc=ryanwilson,dc=com" write
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by * read
    sasl-regexp
    uid=host/(.),cn=.,cn=gssapi,cn=auth
    "uid=$1,cn=computers,dc=home,dc=ryanwilson,dc=com"
    sasl-regexp
    uid=(.[$]),cn=.,cn=auth
    "cn=$1,cn=computers,dc=home,dc=ryanwilson,dc=com"
    sasl-regexp
    uid=(.),cn=.*,cn=.,cn=auth
    "uid=$1,cn=users,dc=home,dc=ryanwilson,dc=com"
    sasl-regexp
    uid=(.),cn=.,cn=auth
    "uid=$1,cn=users,dc=home,dc=ryanwilson,dc=com"
    # use crypt passwords to support older clients
    password-hash {CRYPT}
    password-crypt-salt-format "%.2s"
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd/tools. Mode 700 recommended.
    directory /var/db/openldap/openldap-data
    # checkpoint the database every 10MB of logging and every 1 hour
    checkpoint 10240 60
    # Indices to maintain
    index cn,sn,uid,apple-serviceslocator pres,eq,approx,sub
    index uidNumber,gidNumber eq
    index memberUid eq
    index sambaSID,rid eq
    index sambaPrimaryGroupSID eq
    index apple-generateduid eq
    index ou eq
    index apple-group-realname eq
    index macAddress eq
    index apple-category eq
    index apple-computers eq
    index apple-networkview eq
    index apple-group-memberguid eq
    index apple-group-nestedgroup eq
    index objectClass eq
    timelimit 60
    idletimeout 300
    cachesize 20000
    idlcachesize 10000

    So I did a bit more work on this and came up with the following to disable SSL and get slapd running again:
    1) sudo emacs /etc/openldap/slapd_macosxserver.conf; comment out the following lines for the following parameters: TLSCertificateFile, TLSCertificateKeyFile, and TLSCertificatePassphraseTool
    2) sudo emacs '/etc/openldap/slapd.d/cn=config.ldif'; comment out the lines for the following attributes: olcTLSCertificateFile, olcTLSCertificateKeyFile, olcTLSCertificatePassphraseTool
    slapd started up just fine for me after this. This looks a lot like a bug. I'm not sure what the story is on the underlying issue, so I've filed a bug on ADC. I'll let you know what I hear.
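The configuration quoted in this thread stores passwords as `{CRYPT}` with a two-character salt, ends with an `access to *` rule that grants `by * read`, and the workaround leaves the TLS certificate directives commented out. The following is an added example, not part of the original posts and not Apple's or OpenLDAP's own tooling: a small audit of slapd.conf text for those three conditions. The sample file, its placeholder paths, and the finding names are constructed for illustration.

```python
import re

# Constructed sample in slapd.conf syntax, modelled on the directives in this
# thread; TLS lines are commented out as in the workaround (placeholder paths).
SAMPLE_CONF = """\
#TLSCertificateFile /path/to/placeholder.crt
#TLSCertificateKeyFile /path/to/placeholder.key
access to *
    by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
    by * read
password-hash {CRYPT}
password-crypt-salt-format "%.2s"
"""
TLS_KEYS = {"tlscertificatefile", "tlscertificatekeyfile"}

def logical_lines(text):
    """Fold slapd.conf continuation lines (leading whitespace) into their parent."""
    out = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(text):
    """Return sorted finding codes for the body of a slapd.conf file."""
    findings, active, commented, pw_rule_seen = set(), set(), set(), False
    for line in logical_lines(text):
        if line.startswith("#"):
            words = line.lstrip("# \t").split()
            if words and words[0].lower() in TLS_KEYS:
                commented.add(words[0].lower())
            continue
        words = [w.strip('"') for w in line.split()]
        key = words[0].lower()
        active.add(key)
        if key == "password-hash" and "{CRYPT}" in words[1:]:
            findings.add("crypt-password-hash")
        elif key == "password-crypt-salt-format" and words[1:] == ["%.2s"]:
            findings.add("two-char-crypt-salt")  # selects traditional DES crypt(3)
        elif key == "access" and re.search(r"attrs?=\S*userPassword", line, re.I):
            pw_rule_seen = True  # an earlier, more specific rule covers the hashes
        elif key == "access" and words[1:3] == ["to", "*"] and not pw_rule_seen:
            if re.search(r"\bby \* (read|write)\b", line):
                findings.add("password-hashes-readable-by-anyone")
    if commented - active:
        findings.add("tls-directives-commented-out")
    return sorted(findings)
```

Because slapd applies the first `access to` rule that matches an entry and attribute, the catch-all rule is only reported when no earlier rule names `userPassword`.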

  • Error on Opening "Embedded OC4J Server Preferences"

    When I tried to open Tools-->Embedded OC4J Server Preferences, I got the following error:
    java.lang.NullPointerException
         at oracle.ide.net.URLFactory.newURL(URLFactory.java:85)
         at oracle.jdevimpl.runner.oc4j.Oc4jWorkspaceConfig.transmogrifyConfigFiles(Oc4jWorkspaceConfig.java:224)
         at oracle.jdevimpl.runner.oc4j.Oc4jWorkspaceConfig.configureAll(Oc4jWorkspaceConfig.java:112)
         at oracle.jdevimpl.runner.oc4j.EmbeddedServerAdminCommand.doit(EmbeddedServerAdminCommand.java:50)
         at oracle.ide.CommandProcessor.invokeImpl(CommandProcessor.java:391)
         at oracle.ide.CommandProcessor.invoke(CommandProcessor.java:343)
         at oracle.ide.CommandProcessor.invoke(CommandProcessor.java:110)
         at oracle.ide.IdeAction.performAction(IdeAction.java:665)
         at oracle.ide.IdeAction$1.run(IdeAction.java:857)
         at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:178)
         at java.awt.EventQueue.dispatchEvent(EventQueue.java:454)
         at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:201)
         at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:151)
         at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:145)
         at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:137)
         at java.awt.EventDispatchThread.run(EventDispatchThread.java:100)
    But it works on my colleague's machine. What is wrong in my environment? We use Jdev 10g 9.05.1
    Dan

    If you have a Web project, check if HTML Root Directory has got a Null value?
    Double-click on the project to bring up project properties
    Select Input Paths
    See the value for HTML Root Directory.
    If it is Null or invalid, edit to make sure it is valid and Click ok.
    If not, create a new/empty project and see if you can launch Embedded OC4J server preferences dialog for that project.
    raghu
    JDev Team
