OVD - Suppress OU's in Adapter

Hello,
I have a requirement to suppress a series of OU's in an LDAP Adapter.
I am federating two separate Active Directories in which one is a subset of the other.
I want my final federated OVD LDAP to look like this:
dc=federated,dc=com
+ Root
+ + OU=Users
+ + OU=Groups
LDAP 1 (PRIMARY) - has ALL of the User Accounts
dc=primary,dc=com
+ Root
+ + OU=Active
My adapter for this one has its namespace set to a self defined Users OU (e.g OU=Users,dc=example,dc=com)
LDAP 2 (SECONDARY) - has a subset of users and the groups I am interested in
dc=secondary,dc=com
+ Root
+ + OU=Users
+ + OU=Groups
+ + OU=UnwantedOU1
+ + OU=UnwantedOU2
Essentially, I only need the Groups from this adapter and my first attempt was to set the source to the Groups OU.  However, this was unsuccessful, because the members attribute was populated with the RDN of the source (secondary.com) LDAP not the federated namespace (federated.com).  There was no conversion because the Users OU was not included in the Source.  So, I changed the secondary to pull in from the root and put the members attribute in the DN box on the general tab and the members attribute was now correct.
I then created a Join Adapter between the primary and the secondary which federated the users under the Users OU in the new federated namespace.  It all works correctly, I used the membersOf attribute from the Secondary and suppressed it on the primary and everything is mapped.
My issue now is that since I had to set up the secondary from the root, I now have OU's in the federated LDAP that have to be removed/suppressed due to security reasons.  Is there any plugin or method that can be utilized that will get rid of the UnwantedOU1 and UnwantedOU2 from either the secondary adapter or the Join Adapter.

Hey,
Did you try Shadow Joiner? The Shadow Joiner works by encoding all primary adapter DN's into a hash that can be used to locate the joined entry in the joined adapter without needing to perform a search. When the Shadow Joiner fails to locate a corresponding record in the Join View adapter, it automatically creates a new one, storing designated attributes in the joined adapter. As much as possible, the Shadow Joiner operates transparently to the application, taking care of creating and renaming entries in sync with that of the primary adapter.
I hope this helps.
Thiago Leoncio Guimaraes

Similar Messages

  • OVD and AD mapping

    I'm creating an 11g OVD setup and have an adapter to Active Directories. I am using the ObjectMapper class in the plug-in section, and have inetOrgPerson=user. I have also mapped uid=objectguid and cn=sAMAccountName. The problem I have encountered is that I wish to use cn in OVD as my RDN, but when I look at the AD branch in my OVD, cn is correct, but the DN is what it is listed as in AD. Is there a way to remap the DN to represent the cn I wish it to be in OVD?

    I'm creating an 11g OVD setup and have an adapter to Active Directories. I am using the ObjectMapper class in the plug-in section, and have inetOrgPerson=user. I have also mapped uid=objectguid and cn=sAMAccountName. The problem I have encountered is that I wish to use cn in OVD as my RDN, but when I look at the AD branch in my OVD, cn is correct, but the DN is what it is listed as in AD. Is there a way to remap the DN to represent the cn I wish it to be in OVD?

  • Filtering OVD with database field and not field which is used for mapping

    Hi,
    I have a requirement where we are using OVD and creating a dataabase adapter. In the database adapter, I want to put a condition to check whether Status = 0. This field is not used in mapping, but only for putting condition.
    Can you please guide me how to put filter condition in OVD?
    Thanking you,
    Regards,
    Prashant

    Hi,
    Use the floating field in Adobe.
    Use a  Static Text Field  and Insert the Field EMPLOYEE_DETAIL-PERIOD from your Data View
    Thanks.
    Uma

  • Error while creating DB Adapter in OVD

    when I try to create a DB adapter in OVD for Oracle Database 11g, I always get an error "java.lang.reflect.InvocationTargetException" on pressing Validate Connection.
    I have checked all the values, they are correct. I have installed the ojdbc drivers using the Manage Server libraries.
    Has anyone faced similar problem before?
    Regards,
    Monica

    What steps did you followed to create the OVD DB adapter. Check with the following documentation and it should be good to go.
    http://download.oracle.com/docs/cd/E12839_01/oid.1111/e10276/ovd_adapt.htm

  • Suppressing Field In Receiver File Adapter

    Hi
    I have a Data type with fields
    1. name
    2. No
    3. city.
    I am using File adapter @ receiver end to create a flat file using this data type. But the requirement is to have only 2 fields in the Output file( say name , no). How to suppress the city field from being populate in the target file( I dont want even separator/Delimiter or blank spaces for city field but separator is needed btwn name & no)
    Appriciate ur help
    Regards
    Kishore

    Kishore-
    Just have a look into this thread-http://help.sap.com/saphelp_nw04/helpdata/en/d2/bab440c97f3716e10000000a155106/content.htm
    <i>I also tried ur 2nd options but it's creating extra line with 0 space.this will be a problem as i am using field separator it's coming extra.</i>
    If you do City is a part of another node(e.g CityNode) in the Data structure, and then if you use this CityNode in the Content Conevrsion(Receiver) with Cut Parameters, then I don't thik so , you will get the extra field separator or space. Just check with the blog mentioned earlier.
    <i>3rd option is not possible as we don't have SP15 .</i>
    Inorder to write Adapter Java modules , it is not required to have SP15. It is there in much earlier SPs.
    For this you can check this thread-
    Creating Adapter Modules
    http://help.sap.com/saphelp_nw2004s/helpdata/en/8b/895e407aa4c44ce10000000a1550b0/frameset.htm
    Hope this helps,
    Regards,
    Moorthy

  • Howto use Converting File Content in Rec. Adapt. to suppress a xml-element

    Hi,
    we use PI/700, SP6.
    I have following structure (example):
    <MsgOut>
      <Sender>Partner1</Sender>
      <Receiver>Partner2</Receiver>
      <FlatPayload>
         blabla blabla
      </FlatPayload>
    </Msgout>
    Now I wanna use a XI-File-Adapter to write just a Flat-File with the content (of the element <FlatPayload>):
        blabla blabla
    (in other words: I wanna suppress all other xml-elements beside of FlatPayload)
    But I'm not able to configurate this with the function "Converting File Content"
    I tried different possiblities:
    e.g.
    setting yyy.fieldFixedLengths = 0 and yyy.fixedLengthTooShortHandling = Cut
    (yyy = Sender and Receiver)
    or
    just defining "MsgOut,FlatPayload" as RecordSet Structure (without Sender and Receiver)
    Result: no success.
    Now my question: is it possible to suppress some xml-elements?
    Thanks for your help!
    bye
    Wolfgang

    HI,
    You can suppress the XML Nodes/Elements over here. Not Fields ..
    For e.g if your outout xml is like this
    <MsgOut>
        <Sender>Partner1</Sender>
        <Receiver>Partner2</Receiver>
    <FlatPayload>
       <flatdata> blabla blabla</flatdatat>
    </FlatPayload>
    </Msgout>
    In this case you can suppress the <FlatPayload> node/element here.. Using Cut Parameter in the Receiver File Content COnversion.
    /people/sravya.talanki2/blog/2005/08/11/solution-to-the-problem-encountered-using-variable-substitution-with-xi-sp12
    So in your case, you can restructure your data type as you required.. I have mentioned in vice-versa here
    Hope this helps,
    Regards,
    Moorthy
    Message was edited by: Krishna Moorthy P

  • Suppress response in PI 7.0 adapter

    Sigi
    Hi Forum,
    we have following situation:
                IDOC -> SAP PI <-> WebService
    The WebService responses back technical status u201Dtrueu201D or u201Cfalseu201D. Because of we have an IDOC initially we resolved that issue with an Async u2013 Sync bridge.
    When the response is u201Cfalseu201D we set the adapter on an erroneous state, that forces it to resend the message as long as it get u201Cfalseu201D.
    Unfortunately we have to pass the response of the WebService through the PI.
    Now the question:
    Is there a way to process the response message in the adapter only and suppressing it then that it is not passed through PI?
    Thanks and best regards,
    Sigi

    Hi,
    Please go through blow below blog you have an idea to use adapter module,
    http://www.****************/Tutorials/XI/Adapter/Index.htm
    with out adapter module you can do,
    File-RFC-File scenario.
    we have three approaches,
    1. using  BPM
    Refer this blog
    http://sap-xi.com/sap-xi-scenario-file-rfc-bpm.html
    2.using RFC look up you can acheive this
    3. by using of Mpdule Beans you can achevie this scenario.
    http://wiki.sdn.sap.com/wiki/display/XI/File-RFC-File(Without+BPM)
    regards,
    ganesh.

  • OVD 11.1.1.5 Schema Change Not Appearing in Adapter

    I updated the schema in 11.1.1.5 of OVD. I need custom attributes/object classes available for database adapter mappings. The schema screen shows the attributes and object classes as does the schema.user.xml file. The schema.user.xml file is included in the schemas under Server Settings.
    The problem is that when I go to select the object class for the attribute mappings in the database adapter, the new object classes don't appear. I rebooted OVD using opmnctl and the schema changes are still not an option to select in the dropdown menu.
    Any suggestions for fixing this would be great.

    Hi Hamm,
    The fact that you are saying that "hfm text appears using hfm url" can mean that you have not configured the workspace web server after you configured the HFM. Have you done that?
    As another test, have you tried toy connect to HFM via smartview to an existing app?
    Regards,
    Thanos

  • Adapter Engine - Alert Framework - Suppress Multiple Alerts

    Hello,
    I use XI in SP14.
    I have configured the alert framework with rules for "Integration Engine" and for "Adapter Engine". I have check for the two cases the option "Suppress Multiple Alerts of This Rule".
    For the same error (for example, mapping error) the option "Suppress Multiple Alerts of This Rule" works fine for the rules based on the "Integration Engine", but for the rule based on the "Adapter Engine" the option "Suppress Multiple Alerts of This Rule" doesn't work. For example i have a sender file adapter which reads some files on a nework directory (polling every 5 secondes) and if we have a network failure, i will receive several times the same email from the Alert Framework. Is it normal or a bug ?
    Regards,
    Vincent

    Hi,
      Yes they have been faced before.
    refer this thread,
    Bunch of problems with ALERTING in SP14!
    Question6 refers to supress multiple alerts.
    Also refer oss note 913858 - XI 3.0 Alerting: Troubleshooting
    Hope this helps you, also try sp15 and if that donot work try the note.
    All the best,
    Anirban.

  • OVD\OID Adapter - Not working with SSL

    Hello,
    We have:
    OVD 11.1.1.5
    OID 10.4.3
    We've successfully setup an OVD adapter using non-ssl\389 to OID. However, when attempting to configure the adapter to use ssl\636, we get the following error when trying to use the adapter to browse OID from within ODSM:
    LDAPException: MalformedRequest (2) Protocol Error
    LDAPException: Server Message: Protocol Error
    We've configured the keystore and imported in the key chain from the OID server. We've tried changing the adapter to use No Auth or Server Only\ Mutual Auth, neither makes a difference. We can LDAP bind on 636 so I don't think our firewall is a problem.
    Nothing of substance (to me anyway) is logged in wls_ods1.log or diagnostic.log.
    Any ideas or suggestions would be greatly appreciated.
    Thanks,
    Ariel

    Hi,
    have you followed the steps described in the Oracle® Fusion Middleware Administrator’s Guide for Oracle Virtual Directory 11g Release 1 (11.1.1) E10046-06
    If you haven't just go to the chapter 12.1.2.
    I face a problem with AD adapter
    can you please describe the steps to configure AD adapter to use SSL?
    I have followed the steps described in Administration Guide
    1) Create ldap adapter for Active Directory named "User Adapter AD"
    2) In LDAP server details use port 389
    3) Create changeLog adapter for Active Directory named "ChangeLog Adapter AD"
    4) In LDAP server details use port 389
    5)Import Acitve Directory certificate to OVD keystore: adapters.jks
    6) Change both ldap server details to use ssl, port 636 ,SSL Authentication Mode: No authentication
    When i click to verify host the message is "SSL communication previously confirmed" and the status is Warning: Trusted Certificates
    Thanx,
    Vassiliki

  • OVD Database Adapter w/ JDBC Thin Driver to 10G RAC DB Resource

    I'm looking for feedback as to whether anyone has successfully consumed a RAC database resource through an OVD database adapter? If so, I am interested in what your host value in the adapter ui looked like.
    I am successful with this connection only if I go against one of the RAC nodes directly, thus losing redundancy.
    This is OVD 10G 10.1.4.3 on RHEL4
    RAC DB 10G
    I have tried:
    (DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=10.26.4.203)(PORT=1540))(ADDRESS=(PROTOCOL=TCP)(HOST=10.26.4.204)(PORT=1540)))
    (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = myhost)(PORT = 1540))(ADDRESS = (PROTOCOL = TCP)(HOST = myhost2)(PORT = 1540))(LOAD_BALANCE = yes)(CONNECT_DATA = (SERVICE_NAME = SCHTESTS)(FAILOVER_MODE = (TYPE = SELECT)(METHOD = BASIC)(RETRIES = 200)(DELAY = 5))))
    (DESCRIPTION=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1540)) (ADDRESS=(PROTOCOL=TCP)(HOST=myhost2)(PORT=1540))(CONNECT_DATA=(SERVICE_NAME=SCHTESTS)))
    OVD Manager seems to anticipate this format because it then rejects inputs on the host and port form fields which I take as a positive indicator.
    Otherwise, this feels like taking shots in the dark...
    Any assistance or feedback is much appreciated.
    Mark

    Sorted this out:
    Used custom URL and made sure that the OVD Manager IDE was not appending any additional information following the closing bracket of the URL.
    The full successful URL was as follows with no values in any of the other fields:
    jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)(ADDRESS = (PROTOCOL = TCP)(HOST = host1)(PORT = 1540))(ADDRESS = (PROTOCOL = TCP)(HOST = host2)(PORT = 1540))(CONNECT_DATA=(SERVICE_NAME=SNAME)))

  • OVD 11g - How to do Join in DB Adapter?

    I must be missing something but for the life of me I cannot see where in the OVD 11g administrative user interface (i.e., ODSM) I can set a join condition between 2 tables in a single database adapter.
    In the 10g Eclipse based interface there was a panel between the selection of tables and the mapping of LDAP attributes to columns that allowed me to provide join conditions between the selected tables. For example I could add HR.EMPLOYEES and HR. JOBS to the adapter and then tell the adapter to do a join on EMPLOYEES.JOB_ID=JOBS.JOB_ID.
    I have crawled through the admin guide and stared at the new 11g based web interface for creating/updating the adapter and for the life of me I can't see where or how to specify this join condition within a single database adapter instance? Did that get dropped somehow in the conversion from Eclipse to ADF? If so am I going to have to 'backdoor' the join via the adapter.os_xml file?
    Thanks in advance

    Hi, Did you find a solution? I am looking to doing a simple join between 2 tabls too and do not see any way of specifying it in the DB adapter..
    Thanks!

  • OVD database adapter and WHERE clause

    Hi all,
    We're using OVD 11g, and have a database adapter defined against a table in an Oracle schema. The adapter correctly maps columns to LDAP attributes and creates a virtual directory.
    However the table contains users we don't want to appear in the directory. We have no control over the data in the table hence we cannot remove the unwanted users from the source.
    Is there any way we can specify a WHERE clause in the database adapter which limits the users pulled out of the table and created in the virtual directory? Something like WHERE organisation = 'Company A'.
    Thanks
    Alan

    You can specify LDAP filters in Routing Include/Exclude in Adapter configuration which will eventually translate into where clause for the database adapter.
    For example if you want to exclude users from organization A all you have to do is Add an LDAP filter for that organization in Routing Exclude...
    Same is the case for Routing Include.
    Hope this helps,
    Saggu

  • Ldapbind to database adapter users in OVD with email

    Hi!
    Can anyone tell me howto ldapbind to database adapter users in OVD with email or uid?
    Ldapbind with full DN work just fine.
    Thanks!

    >
    Also I can bind to users in database CRM OVD-DB table using
    ldapbind -h ovd.mydomain.com -p 6501 -D "cn=extcustomername,cn=customers,cn=users,dc=mydoamin,dc=com" -w %custpwd%
    But I getting "ldap_bind: Invalid credentials" error trying to bind with:
    ldapbind -h ovd.mydomain.com -p 6501 -D cn=extcustomername -w %custpwd%You can bind with UPN to AD because AD is special.
    You won't be able to bind with cn=extcustomername using out of the box adapter. If you write your own plugin that will look up the DN based on cn=extcustomername, then have the plugin do the bind with the DN for you, it'll work. Then you would have to make sure this plugin will work with the database adapter, I haven't tried it so I don't know.
    If you're trying to make this bind with cn=extcustomername work for OAM to OVD, then you don't need to do it. Leave the adapter as is (bind with full DN). External users will login to OAM-protected application with their username or whatever is the value of cn. OAM will then look up the DN based on the cn or any other attribute, this is configured in authentication scheme in credential_mapping plugin. Take a look at the OBE example: http://www.oracle.com/technology/obe/fusion_middleware/im1014/ovd-oam/index.htm

  • Suppress Acknowledgment from PI IDoc Sender Adapter

    Hi,
    i m sending IDocs from SAP ECC to PI. Sometimes (!?) the PI Idoc (Inbound) Adapter sends back an acknowledgment. This leads to red flags in ECC / WE02 as the corresponding partner profile is not there. We dont want to set that up as it would give us a not wished status change.
    How can i suppress automatic acknwoledgments from PI IDoc adapter?
    (this has nothing to do with IDX_NOALE)
    Regards,
    Udo

    Hi,
    of course you are right.
    There is only one more thing I could suggest:
    In general, acknowledgments have to be requested explicitly by the sender. However,
    this does not apply to IDocs. The following acknowledgments are sent back by default:
    u2022 System error acknowledgment.
    u2022 Application acknowledgment.
    u2022 Application error acknowledgment.
    To change the default request setting, the corresponding message type has to be
    maintained in an exception table. Prior to SAP NetWeaver '04s Exchange
    Infrastructure SPS09, the exception table has to be explicitly edited. As of SAP
    NetWeaver '04s Exchange Infrastructure SPS09, a program is provided to configure
    the acknowledgment requests (see chapter 3.4).
    (It's from this document: http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/903a0abc-e56e-2910-51a8-9dc616df56eb&overridelayout=true)
    Regards
    Patrick

Maybe you are looking for

  • Can't enroll devices with Profile Manager - invalid key

    n my case I can install profiles on devices from Profile Manager page but I cannot enroll devices. The certificate I download to enroll is reject by my MacBook Pro Lion: Says Invalid blablabla at the end: Now I have done log research and I now exactl

  • HP 2050 deskjet all in one -- will scan but won't print from this computer

    My deskjet 2050 will scan from both of my macbook computers, but will only print from one.  It gives an "on hold" message whenever I print from this computer.  Then I hit "resume" and it says "nothing is being held."  I have already downloaded and re

  • Saving a picture without the white background i just removed

    Hi there, can you please help me with saving a picture without the white background? i have removed the white background, that was a struggle in itself, and now when i save it, it just adds a white back ground again. i dont want the background. i jus

  • Will we have Custom EQ settings in Feb?

    Now I'm no developer and know little in the way of programming limitations etc but I am wondering if there is a chance that once the SDK is released in Feb we might see an improved feature on the iPod and iPhone. Does anyone know if it would be theor

  • Doing "contains" for a String in a query

    I know that JDO has the startsWith and endsWith for String fields in a Query and it does not support "contains" for searching within a String field. But does Kodo have any implementation specific additions to the JDO query language to do a "contains"