OSM 'oms-internal' user Security Violation errors
Hi Guys,
Have anyone ever came accross similar Exceptions in managed server logs?
om.mslv.oms.OMSException: [EJB:010160]Security Violation: User: 'oms-internal' has insufficient permission to access EJB: type=<ejb>, application=oms, module=security.jar, ejb=OMSThreadTransactionListener, method=create, methodInterface=Home, signature={}.
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcherEJB.processTimeout(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcher_86q3j1_EOImpl.processTimeout(EventDispatcher_86q3j1_EOImpl.java:142)
at com.mslv.oms.poller.a.handleNotification(Unknown Source)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor$ListenerWrapper.handleNotification(DefaultMBeanServerInterceptor.java:1732)
at javax.management.NotificationBroadcasterSupport.handleNotification(NotificationBroadcasterSupport.java:257)
at javax.management.NotificationBroadcasterSupport$SendNotifJob.run(NotificationBroadcasterSupport.java:322)
at javax.management.NotificationBroadcasterSupport$1.execute(NotificationBroadcasterSupport.java:307)
at javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.java:229)
at javax.management.timer.Timer.sendNotification(Timer.java:1237)
at javax.management.timer.Timer.notifyAlarmClock(Timer.java:1206)
at javax.management.timer.TimerAlarmClock.run(Timer.java:1289)
at java.util.TimerThread.mainLoop(Timer.java:512)
at java.util.TimerThread.run(Timer.java:462)
Any help appreciated!
Could it be that the user should be assigned to groupd other then default
Edited by: 934200 on 07.06.2012 11:03
Similar Messages
-
Security-violation error in 3750
We Have a strange behavior with the computer of a user who connects with his laptop to the network through port replicator or docking station,Where we have a acs.When he goes to another place of the company in another City, Where we have other acs, he connects without port replicator directly to network,It works well. But when the laptop returns does not have
network and the following message of error in switch appears:
May 16 07:51:23: %DOT1X-5-SECURITY_VIOLATION: Security violation on interface FastEthernet1/0/27, New MAC address 00c0.f200.53f0 is seen on the interface in Single Host mode
May 16 07:51:23: %PM-4-ERR_DISABLE: security-violation error detected on Fa1/0/27, putting Fa1/0/27 in err-disable state
May 16 07:51:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/27, changed state to down
May 16 07:51:25: %LINK-3-UPDOWN: Interface FastEthernet1/0/27, changed state to down
I execute the commando "shutdown" and "not shutdown" in the interface of switch, and soon the commando: "dot1x port-control auto" and soon "not dot1x port-control auto". laptop make authentication and begins to work well.
What think you about What this occurring?Hi,
Is there any port security being set on the switch?
are you able to paste your config file here?
thanks,
rgds,
ken L -
Security Violation Error while running schedule task from OIM.
Hi All,
I am getting this error while running a custom java schedule task from OIM:
*Thor.API.Exceptions.tcAPIException [EJB:010160] Security Violation: User '<anonymous>' has insufficient permission to access EJB:*
type=<ejb>,application=Xellerate,module=xlDataObjectBeans.jar,ejb=tcReconciliationoperations,method=createDeleteReconciliationEvent
at Thor.API.Operations.tcReconciliationOperationsClient.createDeleteReconciliationEvent(UnKnown Source).
I got this error as soon as my code start creating Delete Reconciliation Event.
Note: I have already protected the JNDI Namespace.
Please provide some pointers.
Regards,
SunnyHi Rajiv,
Check this:
package com.centrica.iam.scheduletask;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import oracle.iam.connectors.common.ConnectorLogger;
import com.thortech.xl.dataaccess.tcDataSet;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.PreparedStatementUtil;
import com.thortech.xl.orb.dataaccess.tcDataAccessException;
import com.thortech.xl.scheduler.tasks.SchedulerBaseTask;
import Thor.API.tcResultSet;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcInvalidValueException;
import Thor.API.Operations.tcLookupOperationsIntf;
import Thor.API.Operations.tcReconciliationOperationsIntf;
import Thor.API.Operations.tcSchedulerOperationsIntf;
public class CustomFlatFile extends SchedulerBaseTask {
private static tcSchedulerOperationsIntf schedulerIntf;
private static tcLookupOperationsIntf lookupIntf;
private static tcReconciliationOperationsIntf reconIntf;
String sObjectName;
String LookupName;
String LookupName2;
String FileDirectory;
String FileName;
String File;
String delimeter;
String isDeleteTrue;
HashMap<String, String> attrMap = new HashMap();
HashMap<String, String> delMap = new HashMap();
HashMap<String, String> finalMap = new HashMap();
ArrayList list = new ArrayList();
public boolean isReconStopped;
public CustomFlatFile()
isReconStopped = false;
public void init()
LookupName = getAttribute("Attribute Lookup Name");
FileDirectory = getAttribute("Directory Path");
FileName = getAttribute("File Name");
delimeter = getAttribute("Delimeter");
sObjectName = getAttribute("Resource Object Name");
isDeleteTrue = getAttribute("Is Delete Allowed");
public void execute(){
try {
System.out.println("Start Exceute");
//Initiate lookupIntf
lookupIntf = (tcLookupOperationsIntf)getUtility("Thor.API.Operations.tcLookupOperationsIntf");
reconIntf=(tcReconciliationOperationsIntf)getUtility("Thor.API.Operations.tcReconciliationOperationsIntf");
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
attrMap = readLookup(LookupName);
System.out.println(attrMap.toString());
readFile();
if (isDeleteTrue.equalsIgnoreCase("true"))
performDelete();
System.out.println("Finish Execute");
public void performDelete()
System.out.println("Start Perform delete");
int k = list.size();
System.out.println("list size " + list.size());
try
Thread.sleep(15000);
/* Hashtable ahashtable[] = new Hashtable[k];
Hashtable hashtable = new Hashtable();
for (int i=0;i<k;i++)
hashtable.put("User Id", list.get(i));
ahashtable[i] = hashtable;
System.out.println(list.get(i));
Set set = reconIntf.provideDeletionDetectionData(sObjectName, ahashtable);
System.out.println("Set--" + set.toString());
tcResultSet tcresultset = reconIntf.getMissingAccounts(sObjectName, set);
System.out.println("tcresultset - " + tcresultset.getRowCount());
if (!(tcresultset.isEmpty()))
long l[] = reconIntf.deleteDetectedAccounts(tcresultset);
for (int i1=0;i1<l.length;i1++)
System.out.println("delete recon key " + l[i1]);
//Get the existing list of Managed users
tcDataSet tcdataset = new tcDataSet();
tcDataSet tcdataset1 = new tcDataSet();
String query = "select orf.orf_fieldname,prf.prf_columnname, sdk.sdk_name from orf, sdk, pkg, tos, prf, obj " +
"where pkg.obj_key = obj.obj_key and pkg.pkg_key = tos.pkg_key and tos.sdk_key is not null " +
"and tos.sdk_key=sdk.sdk_key and tos.tos_key=prf.tos_key and prf.prf_iskey='1' and prf.orf_key=orf.orf_key " +
"and orf.orf_parent_orf_key is null and obj.obj_name='" + sObjectName + "'";
tcdataset.setQuery(getDataBase(), query);
tcdataset.executeQuery();
String FFName = tcdataset.getString("prf_columnname");
String FName = tcdataset.getString("sdk_name");
String ROFName = tcdataset.getString("orf_fieldname");
System.out.println("form- " + FName + " Field- " + FFName);
query = "select " + FFName + " from " + FName + " udtable, oiu a, ost b " +
"where udtable.orc_key=a.orc_key and a.ost_key=b.ost_key and b.ost_status!='Revoked'";
System.out.println(query);
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
int i = tcdataset1.getRowCount();
ArrayList list1 = new ArrayList();
String s1 = null;
System.out.println("N. of rows--" + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
//Getting the existing list of unmanaged users
query = "select distinct (b.rcd_value) from rce a, rcd b, orf c, obj d where a.rce_key=b.rce_key and " +
"b.orf_key=c.orf_key and c.orf_fieldname='" + ROFName + "' and a.rce_status!='Event Linked' " +
"and a.obj_key = d.obj_key and d.obj_name='" + sObjectName + "'";
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
i = tcdataset1.getRowCount();
System.out.println("No. Of Unmanaged Users " + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
int k1 = list1.size();
System.out.println("list1 size--" + k1);
for (int j1=0;j1<k1;j1++)
delMap.clear();
delMap.put(ROFName, (String)list1.get(j1));
System.out.println(delMap.toString());
long l = reconIntf.createDeleteReconciliationEvent(sObjectName, delMap);
System.out.println("delete recon key--- " + l);
catch (Exception exception)
exception.printStackTrace();
public void readFile(){
String s = "readFile()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
File = getFile();
BufferedReader reader = new BufferedReader(new FileReader(new
File(File)));
String line = "";
int k = attrMap.size();
String value[] = new String[k];
String Header[]= new String[k];
if (delimeter.equalsIgnoreCase("|"))
delimeter = "\\" + delimeter;
line = reader.readLine();
Header = line.split(delimeter);
while((line = reader.readLine()) != null)
value = line.split(delimeter);
k = value.length;
for (int i = 0;i<k;i++){
finalMap.put(attrMap.get(Header), value[i]);
System.out.println(finalMap.toString());
System.out.println("Start Ignoring Event");
if (!(reconIntf.ignoreEvent(sObjectName, finalMap)))
System.out.println("Not Ignored");
long l1 = reconIntf.createReconciliationEvent(sObjectName, finalMap, true);
System.out.println("Recon Key--" + l1);
else
System.out.println("ignore event ---" + finalMap.toString());
list.add(finalMap.get("User Id"));
System.out.println(list.size() + "add--" +finalMap.get("User Id") );
finalMap.clear();
catch (Exception exception)
exception.printStackTrace();
public boolean stop(){
String s = "stop()";
//logger.setMethodStartLog(classname, s);
//logger.info(classname, s, "Stopping Reconciliation........");
isReconStopped = true;
//logger.setMethodFinishLog(classname, s);
return true;
FileFilter fileFilter = new FileFilter()
public boolean accept(File file)
String sFilePath = file.getName();
if( sFilePath.startsWith(FileName) )
return true;
else
return false;
public String getFile() throws FileNotFoundException, Exception{
String s = "getFile()";
//logger.setMethodStartLog(classname, s);
String s1;
File dir = new File(FileDirectory);
File[] files = dir.listFiles(fileFilter);
if (files.length ==0)
throw new FileNotFoundException();
if (files.length>1)
throw new Exception("Multiple Matches found for this file name");
s1 = files[0].toString();
//logger.setMethodFinishLog(classname, s);
return s1;
public HashMap readLookup(String s1){
String s = "readLookup()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
tcResultSet tc1= lookupIntf.getLookupValues(s1);
int i = tc1.getRowCount();
for (int j = 0;j<i;j++){
tc1.goToRow(j);
map.put(tc1.getStringValue("Lookup Definition.Lookup Code Information.Code Key"), tc1.getStringValue("Lookup Definition.Lookup Code Information.Decode"));
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
return map; -
Security violation error (error code 2148532330) in Acrobat Pro XI with Windows 8
I have two certificates, physically residing on the same (Belgian) government issued smart card. One is labeled "Authentication" (Intended usage: sign transaction), and the other is labeled "Signature" (Intended usage: sign document). I have been trying to add a signature to a pdf document in Acrobat Pro XI (trial) on WIndows 8 Home (64 bit). It works perfectly with the "Authentication" certificate, but all attempts with the "Signature" certificate yield the following error:
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330
The only relevant difference between both certificates that I have been able to spot, is in the "key usage" field of the certificate ("sign transaction" versus "sign document"). Any thoughts on what might be wrong?
Thanks.I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Sandbox security violation error on compiling FDS
Hi,
I am trying to compile am mxml using Remote Object locally
using Flex SDK outside FlexBuilder.
I have used the command:
mxmlc -services="path\to\my\services-config.xml"
-context-root=\ContextRoot FileName.mxml
I am getting the following error when I try to run the swf
generated:
[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error Error #2048: Security
sandbox violation:
http://localhost:9080/iReports/flexFiles/mxml/AdminServices.swf
cannot load data from
http://localhost:9080iReports/messagebroker/amf."
at mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::faultHandler()
at mx.rpc::Responder/fault()
at mx.rpc::AsyncRequest/fault()
at mx.messaging::ChannelSet/::faultPendingSends()
at mx.messaging::ChannelSet/channelFaultHandler()
at
flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at
mx.messaging.channels::NetConnectionChannel/::defaultErrorHandler()
at
mx.messaging.channels::NetConnectionChannel/::securityErrorHandler()
Can anybody help me?
Thanks in advance,
ChereeHi Sven,
Thank u so much for replying.
I ll definitely keep in mind what u told.
But my current issue is solved. The problem was:
[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error Error #2048: Security
sandbox violation:
http://localhost:9080/iReports/flexFiles/mxml/AdminServices.swf
cannot load data from
http://localhost:9080iReports/messagebroker/amf."
If u observe in the error message, the server was trying to
load '9080iReports', not '9080/iReports'. This is because I was
giving -context-root=\ContextRoot instead of
-context-root=/ContextRoot.
So, a silly mistake of using a back slash instead of forward
slash.
Thanks again,
Cheree -
802.1X Port Based Authentication - IP Phone- MDA - Port Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI am currently trying to get 802.1x port authentication working on a Cat3550 against Win2003 IAS but the IAS log shows a invalid message-authenticator error. The 3550 just shows failed. When I authenticate against Cisco ACS (by simply changing the radius-server) it works perfectly.
However, I am successfully using IAS to authenticate WPA users on AP1210s so RADIUS appears to be OK working OK.
Are there special attributes that need to be configured on the switch or IAS? -
802.1X Port Based Authentication Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI believe , you need to configure re-authentication on this switch port:
! Enable re-authentication
authentication periodic
! Enable re-authentication via RADIUS Session-Timeout
authentication timer reauthenticate server -
H,
Since upgrading Windows server 2008 R2 to Server 2012 Standard edition, we get this repetitious critical error in the event log:
Event 1001
Op Code NLS initialization
The NLS operation failed because the registry key Control Panel\International\User Profile cannot be opened. Error code is 2. Error message: The system cannot find the file specified.
We originally found that the regional date settings after changing them in regional settings (DD/MM/YYYY) and they did not inherit properly from the upgrade but they are ok now.
I've looked at HKCU\.Default\Control Panel\International and nothing looks obviously wrong. Country codes, time & date formats are correct.
How do we ascertain the cause of this error and the specific registry key that might be problematic?Hi,
This could be caused by firewall rules or security softwares.
http://www.tomshardware.com/forum/242579-44-hkcu-control-panel-international-opened
And in addition, the fix is worth a try.
Nothing happens when you double-click "Region" in Control Panel
http://support.microsoft.com/kb/2958845
Please Note: Since the first web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information. -
Password Violation error while creating users from Admin interface
Guys,
The Sun Identity Manager system throws policy violation error while creating users from Sun Identity Manager Admin interface.
Current System:
1. I have configured TAM Pass-Thru authentication for End User Login Application.
2. I have an admin user 'testsjimadmin1' who has admin capabilities. testsjimadmin1 user has default SJIM password policy.
3. I have custom password policies configured for different orgainizatoions
Problem:
1. The Sun Identity Manager throws a password policy violation error when 'testsjimadmin1' tries to create an user with valid or invalid password from Sun Identity Manager Admin interface.
2. If TAM Pass-thru authentication is removed for 'End User Login Application' and Sun Identity Manager default authentication is configured for 'End User Login Application' then testsjimadmin1 was able to create user successfully without any errors.
Please let me know if any configurations are required to be made on Sun Identity Manager for TAM Pass-Thru authentication so that admin users can create users successfully from admin interface.
Appreciate your help!!!
Thanks
VijayGuys,
The Sun Identity Manager system throws policy violation error while creating users from Sun Identity Manager Admin interface.
Current System:
1. I have configured TAM Pass-Thru authentication for End User Login Application.
2. I have an admin user 'testsjimadmin1' who has admin capabilities. testsjimadmin1 user has default SJIM password policy.
3. I have custom password policies configured for different orgainizatoions
Problem:
1. The Sun Identity Manager throws a password policy violation error when 'testsjimadmin1' tries to create an user with valid or invalid password from Sun Identity Manager Admin interface.
2. If TAM Pass-thru authentication is removed for 'End User Login Application' and Sun Identity Manager default authentication is configured for 'End User Login Application' then testsjimadmin1 was able to create user successfully without any errors.
Please let me know if any configurations are required to be made on Sun Identity Manager for TAM Pass-Thru authentication so that admin users can create users successfully from admin interface.
Appreciate your help!!!
Thanks
Vijay -
Last night when i tried to sign a document i received the mesage below and after that it says this document can't be signed what can i do to fix this problem.
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Get error while Integrating with Oracle's Enterprise User Security
Hi,
I am trying to create an Oracle Enterprise User integrating with OVD and MS Active Directory.
I am following all the steps in Integrating with Oracle's Enterprise User Security.
In the documentation section: "Configuring Oracle Virtual Directory for the Integration"
I have applied the steps successfully until:
Update and load the entries into the Local Store Adapters by performing the following steps:
I have successfully extended the Oracle Virtual Directory schema with the loadOVD.ldif
However I am getting errors in the next step: Update realmRoot.ldif to use your namespaces
The next step states the following:
Update realmRoot.ldif to use your namespaces, including the dn, dc, o, orclsubscriberfullname,
and memberurl attributes in the file. If you have a DN mapping between Active Directory and
Oracle Virtual Directory, use the DN that you see from Oracle Virtual Directory.
The realmRoot.ldif file is located in ORACLE_VIRTUAL_DIRECTORY_HOME/eus,
where ORACLE_VIRTUAL_DIRECTORY_HOME represents the location where Oracle Virtual Directory is installed.
The realmRoot.ldif file contains core entries in the directory namespace that Enterprise User Security queries. The realmRoot.ldif file also contains the dynamic group that contains the registered Enterprise User Security databases to allow secured access to sensitive Enterprise User Security related attributes, like the user's Enterprise User Security hashed password attribute.
Load your domain root information in the realmRoot.ldif file into Oracle Virtual Directory using the following command:
ldapmodify -h Oracle_Virtual_Directory_Host –p OVD_Port -D cn=admin -w Admin_Password -v -a –f realmRoot.ldif
When I run the ldapmodify command I get the following error:
add dc:
testldap
add objectclass:
top
domain
domainDNS
adding new entry DC=testldap,DC=local
ldap_add: Operations error
ldap_add: additional info: LDAP Error 1 : null
The actual realmRoot.ldif looks like this:
# Please uncomment the following one line if you are importing this
# LDIF file via OVD Manager or OVD Server's ldapmodify tool.
#version: 1
#dn: dc=com
#dc: com
#objectclass: domain
dn: DC=testldap,DC=local
changetype: add
dc: testldap
#o: subarashii
objectclass: top
objectclass: domain
objectclass: domainDNS
#objectclass: orclSubscriber
#orclsubscriberfullname: subarashii
#orclVersion: 90400
# If your domain structure has more layers than dc=subarashii,dc=com,
# for example, it's dc=us,dc=subarashii,dc=com, you will need to load
# the following ldif entry/entries too.
# Uncomment out the following, if required.
#dn: dc=us,dc=subarashii,dc=com
#orclversion: 90400
#orclsubscriberfullname: us
#objectclass: domain
#objectclass: top
#objectclass: orclSubscriber
#dc: us
# Adding EUSDBGroup entry
# Modify the memberurl attribute and replace it with your own domain name
#dn: cn=EUSDBGROUP,dc=subarashii,dc=com
#cn: EUSDBGROUP
#memberurl:ldap:///dc=subarashii,dc=com??sub?(&(objectclass=orclService)(objectclass=orclDBServer))
#objectclass:groupofuniquenames
#objectclass:groupofurls
#objectclass:topDid you ever get your questions answered about the realmRoot.ldif file? Did you manage to configure a successful integration of OVD with EUS? I am battling with trying to get Oracle Virtual Directory integrated with Enterprise User Security, but every step I take in Chapter 7 of the OVD manual fails in some way, and the instructions are often vague. I am not sure how to modify the realmRoot.ldif file. Is there any improved documentation on this? I have logged a Service Request, but not getting any help. Any resources or documentation you know of that provides better guidance would be much appreciated. I am way behind my schedule now and this is a very frustrating exercise.
Thanks. -
Hi,
1) Internal User expected exception:
Exception: Payments,apply credits,disputes and print are not supported when multiple customer/currency transactions are selected
2) External User is throwing below error instead of throwing above exception.
Error
You are trying to access a page that is no longer active.
The referring page may have come from a previous session. Please select Home
to proceed.
found this MACCHECK from fnd logs of external user payment.
MACCHECK: . Parameter failing validation is :mode. The parameter mode with value MultiPay could not be recognized as part of Server's response on the previous request. Incoming URL is : /OA_HTML/OA.jsp?page=/oracle/apps/ar/irec/endeca/webui/EndecaDummyPG . Current URL is : /OA_HTML/OA.jsp?page=/oracle/apps/ar/irec/endeca/webui/OIREndecaCustHomePG&akRegionApplicationId=222&_ti=1125493452&oapc=10&retainAM=Y&addBreadCrumb=N&oas=6-LL4ndIUFLX-2zjQAQD6A.. . Referer URL is : https://<hostname>:4443/endeca/web/ar/customer?doAsUserLanguageId=en_US&languageId=en_US . HTTP Request Method is : POST
can someone please help.
Thanks,
RRSWell, I compared my classpath between my windows batch file and the
makefile (that comes with the samples installation) on Solaris and realized
that I am using different sets of jars.
So, I removed the extra jars from the makefile to narrow down the
problem. If I remove the /opt/SUNWam/lib/servlet.jar from the makefile,
I can reproduce this problem on the Solaris box as well.
When I include this servlet.jar on my windows machine the program works!
Only jars I have in my classpath are amclientsdk.jar and servlet.jar which
I have copied from my installation (/opt/SUNWam/lib) on the Solaris box.
Just the same way, by copying the am_services.jar, saaj-api.jar, and jaxm-api.jar,
from the Solarix box to the windows machine,
I am also able to pull the assertions from the Access Manager.
I installed Sun Java Enterprise System 2005Q1 on a Solaris 10 machine.
During the installation, I configured to install the Access Manager
in Sun Application Server.
Why do I need to have different set of jars on the windows machine
for the Access Manager client SDK ?
Could you please point me to a download link where I could download
the correct Windows Access Manager Client SDK for
Sun Java System Access Manager 6.0 (Sun JES 2005Q1)?
Thanks. -
I'm a corporate user with a very large company that is using Microsoft Hosted Exchange services actually hosted by Microsoft employees at their facilities. I called Palm support and they were clueless and zero help. The lady pointed me to some Palm KB article that I had already read and only remotely had anything to do with my problem. I see nothing on this error message in the forums and google searches. Sprint has even replaced my palm pre due to other reasons and the same error occurs after I configure the exchange account. I'm also seeing the error when I configure my account on my wifes brand new pixi. Both our pre and pixi already have exchange accounts successfully configured on our phones that are hosted by sherweb. The sherweb exchange accounts work without issue. I have tried configuring this microsoft hosted exchange account 5-6 times with the same result. It accepts my configuration information and adds it to the list of available email accounts in the pre. However, it keeps popping up this message stating "Security policy error: "Exchange... Tap for details" (with a yellow exclamation mark). Then it says "Security Policy Error" The account Exchange (first part of my email address) is disabled because security policies cannot be set." "Leave it disabled" or "Remove Account". I know something is working because it enforced a Password or Pin policy on to my phone which is not required unless this account has been added. I can also see it in the "Mobile Devices" section of web outlook when I login. This is the place in web outlook where you can see the last time the device synced, where you can remote wipe the phone etc. If anyone has any idea how to resolve my issue please post. Any ideas? I'm fresh out of ideas on this problem and very frustrated with Palm Developers. Just another example of poor development and testing practices by Palm. I hope they correct this issue on subsequent releases but I am only marginally optimistic that they will ever get this exchange mail support to the level necessary to support large corporations. What I do know is that my Microsoft Hosted Exchange account works fine on a Windows Mobile phone and a iPhone 3GS (confirmed by other coworks who have configured their phones using our exchange services). As a result, I have no choice but to blame Palm for this problem instead of Microsoft. Palm please fully support microsoft exchange mail users!!!!
Post relates to: Pre p100eww (Sprint)
This question was solved.
View Solution.From my understanding of EAS and PDA devices, if the server as a policy to enforce and the device cannot provide that policy then the server will not allow the device to connect. The KB I gave you has a listing of what policies the devices supports, if your server supports more than that then it could deny the connection. As for what the iPhone does and does not do we cannot answer that due to we are not iPhone.
I did find an article that may explain a little better for PDA and exchange: http://www.infoworld.com/d/mobilize/how-avoid-smartphone-exchange-policy-lie-004 -
CMC tool raise http 404 error when viewing user security on server object.
Description of Problem or Question:
In investigating an issue promoting an LCM job, I attempted to use the CMC tool to look at the user security on a server object. When I executed the command the tool raised an error.
HTTP Status 404 - /CmcAppActions/jsp/Shared_Rights/rights.face.
type: Status Report
message: /CmcAppActions/jsp/Shared_rights/rights.face
description: The requested resource (/CmcAppActions/jsp/Shared_Rights/rights.face) is not available.
Product\Version\Service Pack\Fixpack (if applicable):
Business Objects XI 3.1 SP2
Apache Tomcat 5.5.20
Java 6.0.170
Relevant Environment Information (OS & version, java or .net & version, DB & version):
WIN Server 2003 Enterprise SP2
Sporadic or Consistent (if applicable):
Consistent error
What has already been tried (where have you searched for a solution to your question/problem):
I have done some research in service.sap.com and on the Web, but have found nothing concrete other than it appears to be an error in the install of the Tomcat server.
Edited by: Jon Russell on Jul 9, 2010 12:20 AMHi Alvaro,
Forgot this thread was open as of yet. There was a solutio but nothing concrete I can offer to th user community. The reason i that this devolved into a Note to SAP and, as I recall, the solution was for a BO consultant to remotely access our development server for BO an bsically do "brain surgery" in the SQL Server db we had supporting BO. It was a difficult issue an eventually required direct intervention from SAP-BO. -
Hi
restoring error - An error has occurred when generating user security settings
JPCHAPARRO is SAP ALL
UJBR >> Execute Restore >> Background
SM37 >> Execute
Jobs Summary >> BPC_BACKUP_PLSOLLA >> SPOOL
Error restore
security loading data ended in error.
An error has occurred when generating user security settings
SGL1
We found a note, but it appli to a previous version to which it is has
1643183 - BUI Roles are not created when copy environment
Best Regards
Juan PabloHi Ridwansyah
Thanks for de reply!!!
Yes, restore the environment on the same system (SBW), but in new environment Backup à (PLSOLLA) Restore à (PLSOLLA_NIIF)
in ST22 shows the same error that is attached to in the original message
security loading data ended in error.
An error has occurred when generating user security settings
Yes, the user JPCHAPARRO this within a team assigned to a task profile.
another test
was conducted environment backup and ENVIRONMENTSHELL I restore in a new environment. This process went successful.
Best Regards
Juan Pablo
Maybe you are looking for
-
Help! We set up family share a few weeks ago, and it was working fine with the organizer and two additional members. The three of us could see each other on app and iTunes stores and could view each other's purchased items. Then ... All of that di
-
Hello all..first time poster. So I have Office 365 installed. Running the owa Outlook and the desktop verison at the same time. Outlook 2013 servers from Microsoft. What I noticed is that changes to some don't affect others: On the owa version, I
-
HT201269 moving all music from iphone 3gs to iPhone 5
I am upgrading my 3ga phone to the 5 and before I started I synced my old phone to the cloud. I went to start up my new phone and everything was restored from my old phone except my music. Only 5 songs out of 161 songs were transfered and now they
-
Problem in installing Ultra Search
Hi all, We are facing problem while installing Ultra Search for Oracle 9i in Sun Solaris server. The Ultra Search documentation says that the middle tier component includes the following : 1. Ultra Search admininstration tool 2. Ultra Search Java que
-
Scripting help for image pop-up within a PDF
Hi, I'm creating some sample eBooks in Acrobat Professional 9 (Mac), and I am stuck on one element that needs to be present. In the text within the PDF, there might be a phrase like, "See Fig. 1". Fig. 1 might not be on that page, however. I know how