OVD join adapter to consolidate users
I need to join two directories and consolidate the users in one OVD adapter.
According to the doc, I should use oneToMany adapter condition? if so, what is the condition I should use to get users from AD and OID to one OVD adapter?
If the two sets of users are completely different than i would say you don't need a join adapter. Join adapters will add unnecessary performance overhead to your searches. Here's what you can do
Create an adapter for OID say ou=oid,o=root
Create an adapter for AD say ou=ad,o=root
then create a local adapter say o=root
you will have all your users under o=root
Hope this helps,
Sagar
Similar Messages
-
RDN of the join Adapter in OVD 11G
Hi,
In OVD 11G for a Join view adapter, the RDN on the join Adapter is from the primary adapter by default.
Is there any way to configure the Join adapter so the RDN on the join adapter is from the RDN of the non-primary adapter.
Any helps on this is appreciated.
Thanks,
MichaelNo separate licence required..
-
OVD Database Adapter w/ JDBC Thin Driver to 10G RAC DB Resource
I'm looking for feedback as to whether anyone has successfully consumed a RAC database resource through an OVD database adapter? If so, I am interested in what your host value in the adapter ui looked like.
I am successful with this connection only if I go against one of the RAC nodes directly, thus losing redundancy.
This is OVD 10G 10.1.4.3 on RHEL4
RAC DB 10G
I have tried:
(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=10.26.4.203)(PORT=1540))(ADDRESS=(PROTOCOL=TCP)(HOST=10.26.4.204)(PORT=1540)))
(DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = myhost)(PORT = 1540))(ADDRESS = (PROTOCOL = TCP)(HOST = myhost2)(PORT = 1540))(LOAD_BALANCE = yes)(CONNECT_DATA = (SERVICE_NAME = SCHTESTS)(FAILOVER_MODE = (TYPE = SELECT)(METHOD = BASIC)(RETRIES = 200)(DELAY = 5))))
(DESCRIPTION=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1540)) (ADDRESS=(PROTOCOL=TCP)(HOST=myhost2)(PORT=1540))(CONNECT_DATA=(SERVICE_NAME=SCHTESTS)))
OVD Manager seems to anticipate this format because it then rejects inputs on the host and port form fields which I take as a positive indicator.
Otherwise, this feels like taking shots in the dark...
Any assistance or feedback is much appreciated.
MarkSorted this out:
Used custom URL and made sure that the OVD Manager IDE was not appending any additional information following the closing bracket of the URL.
The full successful URL was as follows with no values in any of the other fields:
jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)(ADDRESS = (PROTOCOL = TCP)(HOST = host1)(PORT = 1540))(ADDRESS = (PROTOCOL = TCP)(HOST = host2)(PORT = 1540))(CONNECT_DATA=(SERVICE_NAME=SNAME))) -
Code(Adapter) for Checking User's Manager in AD
I am trying to make a code to be used as an adapter and use that adapter before create user task... The process should first check the presence of manager id in Microsoft AD(target system), if present then create the user....
Can anyone help me????????Hi,
You can have code something like this. You need to choose a manager attribute for example: employee number to search for manager in any LDAP.
public static DirContext getConn(String Address, String dn, String root,
String pwd, int port, boolean SSL) throws Exception {
Hashtable<String, String> env = new Hashtable<String, String>();
String url = "ldap://" + Address + ":" + port + "/" + root;
env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory);
env.put(Context.PROVIDER_URL, url);
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,dn);
env.put(Context.SECURITY_CREDENTIALS,pwd);
if(SSL) {
env.put(Context.SECURITY_PROTOCOL,"ssl");
DirContext dirContext = new InitialDirContext(env);
return dirContext;
public String ManagerExists (Long processInstanceKey, String managerAttribute) {
DirContext adContext = getConn(Address, uid, root, passwd, port, SSL);
String managerExists= "No";String searchBase="";
String filter = "managerAttribute="+managerAttribute;
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration namingEnumeration = adminDirContext.search(searchBase, filter, searchControls);
if (namingEnumeration == null) {
managerExists="No";
while (namingEnumeration.hasMoreElements()) {
managerExists="Yes";
return managerExists;
Hope this helps.
regards,
GP -
CSOM (Javascript) Inner join CAML query on 'User Information List'
I need to pull site user details like (email, display name, phone) from 'User information list' using a 'inner join' on a different list 'SiteOwners' where 'Contact' is a person or group field.
The result object is not returning the details from 'User Information List' though it returns details from 'SiteOwners' list
<script src="/_layouts/15/SP.runtime.js" type="text/javascript"></script>
<script src="/_layouts/15/SP.js" type="text/javascript"></script>
<script type='text/javascript'>
'use strict';
//$(document).ready(function() {
function abc() {
var context = SP.ClientContext.get_current();
var web =context.get_web();
var stownrlist = web.get_lists().getByTitle('SiteOwners');
var camlqry = new SP.CamlQuery();
camlqry.set_viewXml = "<View>" +
"<Query></Query>" +
"<ViewFields>" +
"<FieldRef Name='Title'/>" +
"<FieldRef Name='Contact'/>" +
"<FieldRef Name='UserName'/>" +
"<FieldRef Name='UserEMail'/>" +
"<FieldRef Name='UserMobilePhone'/>" +
"</ViewFields>" +
"<ProjectedFields>" +
"<Field Name='UserName' Type='Lookup' List='User Information List' ShowField='Name' />" +
"<Field Name='UserEMail' Type='Lookup' List='User Information List' ShowField='EMail' />" +
"<Field Name='UserMobilePhone' Type='Lookup' List='User Information List' ShowField='MobilePhone' />" +
"</ProjectedFields>" +
"<Joins>" +
"<Join Type='INNER' ListAlias='User Information List'>" +
"<Eq>" +
"<FieldRef Name='Contact' RefType='Id'/>" +
"<FieldRef List='User Information List' Name='ID'/>" +
"</Eq>" +
"</Join>" +
"</Joins>" +
"</View>";
debugger;
var stownritems = stownrlist.getItems(camlqry);
context.load(stownritems);//, 'Include(Title,Contact,UserName,UserEMail,UserMobilePhone)');
context.executeQueryAsync(
Function.createDelegate(this, function () {
debugger;
var stownenm = stownritems.getEnumerator();
while (stownenm.moveNext()) {
var userid, loginname,email,name,mobilephone;
if (stownenm.get_current().get_item('Contact') != null) {
userid = stownenm.get_current().get_item('Contact').get_lookupId();
loginname = stownenm.get_current().get_item('Contact').get_lookupValue();
email = stownenm.get_current().get_item('ows_UserEMail');
name = stownenm.get_current().get_item('UserName');
mobilephone = stownenm.get_current().get_item('UserMobilePhone');
}), function() {alert('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace());});
</script>
Any suggestions / help please.
SaiI identified the issue
"camlqry.set_viewXml" is a method (camlqry.set_viewXml()) not a property (as apposed to C#).
The above should be like "camlqry.set_viewXml(querystring)" instead of "camlqry.set_viewXml =qrystring".
Sai -
OVD\OID Adapter - Not working with SSL
Hello,
We have:
OVD 11.1.1.5
OID 10.4.3
We've successfully setup an OVD adapter using non-ssl\389 to OID. However, when attempting to configure the adapter to use ssl\636, we get the following error when trying to use the adapter to browse OID from within ODSM:
LDAPException: MalformedRequest (2) Protocol Error
LDAPException: Server Message: Protocol Error
We've configured the keystore and imported in the key chain from the OID server. We've tried changing the adapter to use No Auth or Server Only\ Mutual Auth, neither makes a difference. We can LDAP bind on 636 so I don't think our firewall is a problem.
Nothing of substance (to me anyway) is logged in wls_ods1.log or diagnostic.log.
Any ideas or suggestions would be greatly appreciated.
Thanks,
ArielHi,
have you followed the steps described in the Oracle® Fusion Middleware Administrator’s Guide for Oracle Virtual Directory 11g Release 1 (11.1.1) E10046-06
If you haven't just go to the chapter 12.1.2.
I face a problem with AD adapter
can you please describe the steps to configure AD adapter to use SSL?
I have followed the steps described in Administration Guide
1) Create ldap adapter for Active Directory named "User Adapter AD"
2) In LDAP server details use port 389
3) Create changeLog adapter for Active Directory named "ChangeLog Adapter AD"
4) In LDAP server details use port 389
5)Import Acitve Directory certificate to OVD keystore: adapters.jks
6) Change both ldap server details to use ssl, port 636 ,SSL Authentication Mode: No authentication
When i click to verify host the message is "SSL communication previously confirmed" and the status is Warning: Trusted Certificates
Thanx,
Vassiliki -
OVD database adapter and WHERE clause
Hi all,
We're using OVD 11g, and have a database adapter defined against a table in an Oracle schema. The adapter correctly maps columns to LDAP attributes and creates a virtual directory.
However the table contains users we don't want to appear in the directory. We have no control over the data in the table hence we cannot remove the unwanted users from the source.
Is there any way we can specify a WHERE clause in the database adapter which limits the users pulled out of the table and created in the virtual directory? Something like WHERE organisation = 'Company A'.
Thanks
AlanYou can specify LDAP filters in Routing Include/Exclude in Adapter configuration which will eventually translate into where clause for the database adapter.
For example if you want to exclude users from organization A all you have to do is Add an LDAP filter for that organization in Routing Exclude...
Same is the case for Routing Include.
Hope this helps,
Saggu -
Hi,
I have created two database adapters and one join view adapter to combine the data from the two adapters in OVD. Now i have written a custom authentication plugin in C for OAM 10g, wherein i am doing an ldap search on the join view adapter. When i invoke the plugin the first time during the day i get an error LDAP Operations Error for the ldap search query. After this it works fine and i don't get the error again. Can anyone let me know the reason for this.
TIA.I wonder if this is possible, I also wonder why you'd want to do something like this
-
Enable and Disabling the Network Adapter with domain user (Standard User)
Hi Guys.
We setup a active directory in our organization. Added client systems(Windows 7 and Windows 8) to the Domain. Domain users are accessing the system with standard users permission. I don't want to give Administrator permissions. But user should able
to Disable and Enable network Adapter without giving the administrator permissions. Please suggest .
Thanks in advance for the help :)Hi,
According to your description, my understanding is that you want the standard user has the permission to disable/enable network adapter.
I recommend you to implement this function by group policy:
User configuration - Administrative Templates – Network - Network connections
Enable this policy:
Ability to enable/disable a LAN Connection
Besides, you may consider of joining users to Network Configuration Operators Group, detailed information you may reference:
A Description of the Network Configuration Operators Group
http://support.microsoft.com/en-us/kb/297938
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
DC on VM Restored after crash - Does Not allow PCs to Join Domain, or Domain Users to Log in
We currently had a RAID array crash and rebuilt our main server which housed VMs for our Web and DC.
The main server was restored from a bare-metal backup from 6 months prior to the latest backup of the VMs (not sure if pertinent)
Since the Restore, Domain computers cannot access file shares on the main server or VMs - "unspecified network error
0x80004005
Removed the main server from the Domain to re-join it due to some issues with logging in (even with a Domain Admin account) - Found that any PC removed from the domain was no longer able
to rejoin - Receive (Network path was not found error)
Domain Users cannot log in to their computers - Error reads "The trust relationship between this computer and the domain has been lost" - Domain Admin accounts can log in without
problem.
Have been working on it for two weeks and tried most of the things that I have found in others questions for related
DCDIAG results (run on DC VM) - More errors appear if run on the Server (Locator DcGetDcName(GC_Server_Required) call failed, error 1722 (same for PDC, TIME, GOOD_TIME, and KDC)
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC1
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC1
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC1 failed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: Replications
......................... DC1 passed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
......................... DC1 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x80040022
Time Generated: 01/15/2015 19:32:28
Event String:
The driver disabled the write cache on device \Device\Harddisk0\DR0.
A warning event occurred. EventID: 0x80040022
Time Generated: 01/15/2015 19:32:28
Event String:
The driver disabled the write cache on device \Device\Harddisk0\DR0.
A warning event occurred. EventID: 0x80040022
Time Generated: 01/15/2015 19:32:28
Event String:
The driver disabled the write cache on device \Device\Harddisk0\DR0.
A warning event occurred. EventID: 0x000003F6
Time Generated: 01/15/2015 19:32:52
Event String:
Name resolution for the name DC1.Home.xxx.com timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0xC00038D6
Time Generated: 01/15/2015 19:33:25
Event String:
The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
A warning event occurred. EventID: 0x00000420
Time Generated: 01/15/2015 19:33:29
Event String:
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration.
Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.
A warning event occurred. EventID: 0x00002724
Time Generated: 01/15/2015 19:33:33
Event String:
This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.
A warning event occurred. EventID: 0x000727AA
Time Generated: 01/15/2015 19:36:34
Event String:
The WinRM service failed to create the following SPNs: WSMAN/DC1.Home.xxx.com; WSMAN/DC1.
A warning event occurred. EventID: 0x00001695
Time Generated: 01/15/2015 19:59:52
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'Home.xxx.com.' failed. These records are used by other computers to locate this server as a domain controller (if the specified
domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x00001695
Time Generated: 01/15/2015 19:59:52
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.Home.xxx.com.' failed. These records are used by other computers to locate this server as a domain controller
(if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x00001695
Time Generated: 01/15/2015 19:59:52
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.Home.xxx.com.' failed. These records are used by other computers to locate this server as a domain controller
(if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x00000420
Time Generated: 01/15/2015 20:20:21
Event String:
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration.
Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.
A warning event occurred. EventID: 0x00002724
Time Generated: 01/15/2015 20:20:25
Event String:
This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.
......................... DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : Home
Starting test: CheckSDRefDom
......................... Home passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Home passed test CrossRefValidation
Running enterprise tests on : Home.xxx.com
Starting test: LocatorCheck
......................... Home.xxx.com passed test LocatorCheck
Starting test: Intersite
......................... Home.xxx.com passed test Intersite
All PCs can ping the DC, and get name resolution. Checked IPs, DNS on both WS and DC (DC points to its own IP address with no other DNS), Forwarders for DNS appear to be working,
as normal DNS name resolution and internet access works on all PCs. Have tried disabling NIC card and installing another NIC. All searches keep pointing back at the same things that I have tried. I feel like I am missing something stupid.
Please helpThe backup you used is too old. That is why your clients are experiencing trust relationship failures: the computer passwords are no longer matching so they are failing to connect to AD. You need to disjoin and join them again.
I understand that this is the only DC you have so please make sure that the DC is not multihomed, that it points to its private IP address as primary DNS server and 127.0.0.1 as secondary one. Also, you might need to rebuild your SYSVOL folder if you keep
getting the SYSVOL errors: https://support.microsoft.com/kb/315457?wa=wsignin1.0
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
SAP PI Sender Mail Adapter error : Unexpected User response
Hello ,
I developed a scenario which requires Sender mail Adapter to connect a Third party system to PI, by going thro the links .
/people/michal.krawczyk2/blog/2005/12/18/xi-sender-mail-adapter--payloadswapbean--step-by-step
and PDFs in SDN.
When configured the sender mail adapter using POP Mail Server,faced the following error:gave the correct URL and Login credentials.
+" exception caught during processing mail message; java.io.IOException: unexpected user response; read -ERR Command is not valid in this state."+
Then used IMAP for the same mail server : error:
"exception caught during processing mail message; java.io.IOException: unexpected login response; read 001F BAD Command received in Invalid state."
Tried with another Mail server :
"exception caught during processing mail message; java.net.ConnectException: Connection timed out".
Can you please help, what be the cause? how to rectify it?Hi
There might be an connectivity issue from PI server to mail server. Please check with your BASIS to resolve the issue.,
Regards
Ramg -
Using eBS Adapter with DB user other than APPS
Anyone know the permissions that need to be set to get a different user from APPS to connect to the eBS adapter.
And has anyone used this successfully.
cheers
JamesAnyone know the permissions that need to be set to get a different user from APPS to connect to the eBS adapter.
And has anyone used this successfully.
cheers
James -
Multiple communication channels for file adapter based on user name
I am using this Idoc-to-File scenario, using FTP for sending the files to file server. Target directory is determined by user id which is unique for a field called ASC. Field ASC is a part of incoming Idoc. There are 40 ASC; that means I have 40 user ids/password. Is there way of creating a file communication channel where user id/password can be supplied dynamically. Or there is an alternative to creating 40 different channels, one for each ASC.
Thanks,
DehraHi,
you need to create 40 channels if you have users
as dynamically you can only create:
File Name
Directory
File Type
File Encoding
Temporary Name Scheme for Target File Name
with FTP adapter
Regards,
michal
<a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a> -
How to fire the adapter to revoke users?
Currently I have written adapter for deletion of resources from target app. but for "Task Effect", I have selected "Disables process or access to application" which results in firing of my adapter when I choose to Disable a user from Web console.
There is also an option to revoke users in web console. How can I make my adapter to be called when I choose to revoke a user.
ThanksCreate a task for Revoke User and attach this task in undo/Recovery Tab of other task(generally create user task).
Now when user is revoked from web console, the Revoke User task gets called and do the operation. -
Using Oracle Apps Adapter for apps_applcon user
Hi,
We are trying to use oracle apps adapter for our BPEL flows using FM11g (Jdev11gR1). We came to know that it will work for only apps user.
We have apps_applcon user. How can we use that?
Is there any way we can tell oracle apps adapter to user apps_applcon user?
Any help would be greatly appreciated.
Thanks in advance.
Thanks & Regards,
Rama Krishna. PWe also have same requirement. We have BPEL connection using custom oracle user, xx_b2b and when we use APPS adapter, I can not see and use any business event.
If anybody across same requirement, please share your experience.
Appreciate help on this.
Thanks,
Sonartori
Maybe you are looking for
-
I can't find HP LaserJet 1100 printer driver.
I got My Mac to "see" my PC's shared folder and I'm so excited. Then I tried to print but it didn't have my print driver: the HP LaserJet 1100. Is there some way to get it or some other way to make it work? Thanks.
-
DEP error after installing itunes 10.5
I have updated my laptop running Windows XP Home Edition with all the latest Microsoft updates and then updated itunes to 10.5 so that I could update my ipad 2 to ios5. After updating itunes, I cannot open the software. It gives me the data executi
-
File Sharing with AirPort or Ethernet - Both connected, what happens?
Here's the scenario. Two Macs are connected using AirPort to the local wireless network, with an AirPort Extreme Base Station as the router. The two Macs are also connected directly, to each other, using an Ethernet cable. One Mac is set up to do +Fi
-
Hi, I have read posts on this forum about a problem with n900 screens going blank.... a few people seem to have had this problem but have seen no reports of what the problem was..... reason i want to know is mine went down last week..... switch it
-
Hi, help me please!!! I'm developing an application like the Contacts application that when you click in the grid, the details of the record apears in other panel section of the cfform. Well I already do that but I need to query other table when clic