PAss thru authentication from solaris 2.9 proxy 36sp2 - iws 6 sp5

Similar Messages

• Pass thru authentication error message customization

  Dear All,
  I'm trying to customize the error messages displayed during the authentication failure.
  Users are authenticated against the AD i.e. pass thru authentication.
  I'm not able to customize the error messages.
  I have searched in WPmessgaes and RAMessages file. no success.
  following is error:
  AD (Windows Active Directory):Error: missing required authentication information: 'password'
  new error msg that I want to display:
  Error: Invalid login credential, please try again.
  Kindly share your ideas and experience on same.
  Thanks in advance.
  Cheers:
  Amar

  We've had that problem. We opened a ticket with Sun and they confirm it as bug in 7.1.

• Pass-Thru Authentication OIM 11g

  Is there any documentation on configuring pass-thru authentication in OIM to an AD or LDAP instance?
  Thanks

  Apparently, this does not exists for OIM. I need to put a OAM instance in front of OIM in order to authenticate against AD

• Pass-thru authentication against AD

  Hellos,
  When using pass-thru authentication against the AD resource, the manual suggests that the user enters the complete DN of his/her AD account as the IDM login ID!!
  Can it be arranged so that the user only needs to enter the samaccountname and not the complete DN.
  I mean, samaccountnames are as unique as DNs. A simple lookup to get DN (if samaccountname is found) is all that is needed.
  When shown to customers, they express horror when it is suggested that to login to IDM they have to type 50 odd characters!
  Does any customer willingly USE pass-thru where they have to (correctly) type in such a lengthy string.

  The answer is yes, you can use samaccountname. Your deployment may necessitate additional configuration to make this happen.
  In our case, the samaccountname is the same as the IDM accountId. When the user logs in, IDM finds the user object and then uses the password against the AD account linked to the user.
  If the accountId and samaccountname are not the same, then you could use a Login correlation rule to find the IDM user which has that samaccountname.
  As far as anyone using the full DN to login with, I've never seen anyone do it. Our users certainly wouldn't stand for it, and I think that's the case most places.
  Jason

• OIM - pass thru authentication?? Possible?

  Hi all,
  While I am intending to use OIM 9.0.3 for provisioning/de-provisioning. I am thinking of some sort of pass through authentication to the existing AD, thus, my users do not have to remember another set of username/pw.
  Is that at all possible? If not, what would be your approach? Having OID running behind (that is not in the plan right now)? Does even OID have pass through type capability like Sun Java DS?

  Thanks kevinp.
  If I understand your suggestion correctly, rather than passing the authentication responsibility to AD, it is indeed staying within OIM. The only difference is that pwd sync just saves the users from remembering two sets of username/pwd. Correct?

• Nt domain authentication from solaris

  Hello,
  Has anyone had any experience of authenticating application users (weblogic
  running on solaris) against NT domains ? Does weblogic have any inbuilt
  support for this ?
  thanks
  venkat

  Hi Venkat,
  I don't think you can do it. The weblogic documentation clearly says for
  WindowsNT Realm to work, the WLS must be running on a PDC/BDC.
  If you come across a breakthrough, please let me know.
  Ramesh
  "venkat" <[email protected]> wrote in message
  news:3b3f54bf$[email protected]..
  Hello,
  Has anyone had any experience of authenticating application users(weblogic
  running on solaris) against NT domains ? Does weblogic have any inbuilt
  support for this ?
  thanks
  venkat

• How to make udp datagram pass thru proxy server?

  I have to make a video stream system. And I found that there are a lot of user is behind the firewall or proxy server, how should i do to make the udp streaming media pass thru the firewall or proxy????
  does the https tunnel help?

  Thanks for your advise, but does http tunnel only accept for the TCP problem? since my server will broadcast a stream of udp to the user, so how should i do that?

• How to make rtp udp datagram pass thru proxy server?

  I have to make a video stream system. And I found that there are a lot of user is behind the firewall or proxy server, how should i do to make the udp streaming media pass thru the firewall or proxy????
  does the https tunnel help?

  Tunnelling with HTTP is the only way.

• When and how does the message context get removed from the message when we use pass thru send port

  Friends,
  i have a doubt regarding message context.
  Assume i have used XMLRecieve pipeline in the receive side to receive the message so that the message context is created. I.e properties are promoted/written.
  now if we use pass thru transmit pipe line at send side, how and when does the message context get removed from the message?? Since pass thru does not have any stages/components, how does the message context removed and sent out a pure message to destination???
   i mean what exactly happens here to remove the context??
  Ravindar

  Thanks for the reply.
  "The Context is created by the Adapter, regardless of any Pipeline or Pipeline Component.  It has nothing to do with PassThrough vs. XmlReceive, although XmlReceive will write Promoted Properties to the existing Context,
  as can any other Component."
  yeah yeah, adapter does create some properties in context. You are right, i am aware of it. I just missed to explain it clearly. what i meant is addition of context properties will not happen if pass thru used. Thanks its clear.
  "No.  The Context already exists on the Message when it comes from the MessageBox and
  is equally available to any Component in any Stage.  The Context that hits the Pipeline is whatever was last Persisted, either by a Receive Port or Orchestration.  It is not created by the XmlAssembler (XmlTransmit)"
  You are right , the context already exists on the message while it leaves the receive port, and once it persists
  to message box the context and message context gets stored in messages in relative tables.
  Now as you said the components get the message from the last persistence, assume i have a send port(with passthru)
  subscriber and a orchestration subsrciber for this message.
  Orchestration gets the message with context right!!
  if the send sendport(with passthru) also gets message along with context, then where is this context removed/demoted
  while sending it out?.  i guess as per SAAkhlaq said,
  here sendport(with passthru) should get a pure message without context as passthru used. 
  or is it that ultimately send adapter removes the context completely?
  or is it something like biztalk run time load the context from database into cache and both orchestration and send port gets pure message, and if needed they use context from cache???
  sorry i may be troubling you, but i am confused. i hope i am not creating any nuisance with this
  post.
  Ravindar

• Migrate accounts from solaris-8 to solaris-10

  Hi,
  first excuse my english :-p
  I have two mail servers (), the oldest (enterprise 250) runs under solaris-8, the newest (enterprise 450) runs under solaris-10.
  I am going to transfer users e-mail accounts, I use the /etc/password and /etc/shadow for authentication, so I don't know how to transfer users passwords from solaris-8 to solaris-10
  I tried to copy one user's pass from shadow file into the nes server but it doesn't work
  any idea???
  thanks

  Upgrades from either Solaris 8 or 9 are supported (see the Release Notes http://docs.sun.com/app/docs/doc/817-0552 section on "Changes in Upgrade Support for Solaris Releases").
  As for whether to upgrade or install anew, it depends. If you just want to have the system set up as much as possible like it is now except with the new OS, upgrade. If you'd like a chance for a fresh start, where you may have to do some work re-applying configuration and other changes you made, but end up leaving behind some old changes you no longer need, then an initial install might be appropriate.

• Authentication from third party product to Portal samaccountname=domain\ID

  I am working on a proof of concept at our company to pass authentication from windows ISA server to EP 7.0 Sp10. ISA server is setup as reverse proxy, both ISA and EP are connected to same LDAP.
  We are able to successfully authenticate at the ISA server, then it calls the portal server with correct URL like http://portalserver.abc.com:53000/irj, but authentication fails with error message "User authentication failed".
  After increasing the log level, I am repeatedly finding that the user name is sent by ISA server as  samaccountname=domain
  userid. But the portal UME is configured without the domain name, i.e,. samaccountname=userid
  Obviously, this can be resolved either modifying the ISA to send only the user ID or configure the portal to accept samaccountname=domain
  userid.
  Internally we do not have great ISA skills to modify this, so I am wondering if it is possible to change the portal to accept samaccountname=domain
  userid. Please advice.
  Steve

  Hello Srini,
  I know that your thread is a bit out of date, but we are facing the exact issue at the moment.
  I wonder how did you manage it to have it worked?
  Was it at the ISA level or at the Portal Config level?
  Thank you

• I would like to connect my Apple TV to my receiver using an HDMI cable and pass thru dolby digital. I do not have optical inputs on my receiver.

  I want to connect my Apple TV to my receiver using an HDMI cable. This should allow me to pass thru high definition video and simultaneously decode Dolby Digital material with an HDMI connection from my receiver to my TV without the use of an optical cable (my receiver does not have an optical input). I am unable to decode 5.1 material and don't understand why this is not working. In the audio setting I have Dolby Digital output turned on.

  Welcome to the Apple Community.
  Are you sure the content you are playing has Dolby Digital.

• Invoking Web Service with PKI Authentication from BPEL process

  Hello --
  I am trying to test calling a Web service utilizing PKI-based authentication from BPEL running under the 10.1.2.0.2 Process Manager. When I access the service from a browser I am prompted for Username and Password the first time. When I attempt to access it from BPEL I receive this error:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
  Is it possible to access this service from BPEL in 10.1.2.0.2? How can I pass the service the required credentials?
  Thank you for your time,
  Paul Camann

  I've gotten past the original error by importing the security certificate of the Web service into my keystore/truststore. I'm also running the process on SOA 10.1.3.1.0. Now when I invoke the Web service from the BPEL process I get this error:
  exception on JaxRpc invoke: HTTP transport error:
  javax.xml.soap.SOAPException: java.security.PrivilegedActionException:
  javax.xml.soap.SOAPException: Bad response: 403 Forbidden
  I've tried passing the credentials every way I can -- partner link properties, Oracle Web Services Manager, whatever -- and still get the same error. I would expect to see a 401 error for problems with credentials, not a 403.
  Any suggestions?
  Thanks for your time.
  Paul Camann

• Not authenticated from external ldap in a cluster

  I am having trouble getting authenticated from an Iplanet LDAP, when the weblogic is configured in a Cluster.
  -I can authenticate with Embedded LDAP domain wide
  -I can authenticate on the external LDAP if I send the request to Admin server
  Here is my cluster configuration (all with Weblogic 7.0 SP4)
  *Admin Server Port: 9209
  *Cluster server 1 : 7209
  *Cluster server 2 : 8209
  *Proxy server     : 9090 (configured with HttpClusteredServlet)
  http://myserver.com:9090/j_security_check fails
  http://myserver.com:9209/j_security_check works
  Please let me know what is wrong?

  "Bob" <[email protected]> wrote in message
  news:3f9fd466$[email protected]..
  I am having trouble getting authenticated from an Iplanet LDAP, when theweblogic is configured in a Cluster.
  -I can authenticate with Embedded LDAP domain wide
  -I can authenticate on the external LDAP if I send the request to Adminserver
  Here is my cluster configuration (all with Weblogic 7.0 SP4)
  *Admin Server Port: 9209
  *Cluster server 1 : 7209
  *Cluster server 2 : 8209
  *Proxy server     : 9090 (configured with HttpClusteredServlet)
  http://myserver.com:9090/j_security_check fails
  http://myserver.com:9209/j_security_check works
  Please let me know what is wrong?Are you sure that the ldap authentication is actually occuring? I would
  define the
  DebugSecurityAtn="true" attribute on the ServerDebug mbean for the cluster
  server members and then look at the log and the ldap_trace.log files to see
  what is happening with LDAP.

• Use of LEFT, MID  functions in MS Access expression evaluating a SQL pass-thru on an Oracle Backend

  As the title above suggests this is a somewhat complex problem.
  I have the following expression on a field in a MS Access Make Table query.
  Left([SYN4_View Invalid Last Candidates]![LastName],3). The table it is referring to: SYN4_View Invalid Last Candidates is a SQL Pass-thru query on an Oracle backend. So, when the expression attempts to evaluate in MS Access 2003 I get the following error msg:
  Undefined function 'left' in expression.
  I am assuming this is because LEFT function can't evaluate the output of the SQL P-T. I can't use SUBSTR as Access doesn't recognize it.
  I would appreciate suggestions

  robleh7 wrote:
  I don't have access to the Oracle dB. No pun intended here. Everything I do, I must do from the MS Access 2003 front-end
  wow .. that's kinda like sending soldiers into a war zone with a bear trap attached to their legs. O_0
  Kind of blatantly trying to hamper your ability to do your job, don't you think?