Password synchronization problem

Similar Messages

• Password synchronization problem between sun DS and ADS

  Hi
  I installed the sun one indentity synchronization 1.0. I synchronize password between one DS and one AD.It is working fine. My problem is i want to synchronize between two sun one DS and one AD , but it is ignoring the one DS in Sync , anothe DS and AD is Synchronizing. It is not synchrnonizing the two DS and one AD server.
  My SUL Configuration is
  SUL Name : DS1ToADS
  Windows
  Base DN : ou=newsync,dc=esecurity,dc=com
  Filter : destinationindicator=ameer.com
  Creation Expression : cn=%cn%, ou=newsync,dc=esecurity,dc=com
  Sun One Directory Server
  Base DN : cn=authorization2,dc=ameer,dc=com
  destinationindicator=ameer.com
  SUL Name : DS2ToADS
  Windows
  Base DN : ou=newsync,dc=esecurity,dc=com
  Filter : destinationindicator=basha.com
  Creation Expression : cn=%cn%, ou=newsync,dc=esecurity,dc=com
  Sun One Directory Server
  Base DN : cn=authorization2,dc=basha,dc=com
  destinationindicator=basha.com
  I am synchronizing the existing users using the following file.
  <?xml version="1.0" encoding="UTF-8"?>
  <UserLinkingOperationList allowLinkingOutOfScope="true">
  <UserLinkingOperation parent.attr="UserLinkingOperation"
  sulid="DS1ToADS">
  <UserMatchingCriteria parent.attr="UserMatchingCriteria">
  <AttributeMap parent.attr="AttributeMap">
  <AttributeDescription parent.attr="SunAttribute" name="sn"/>
  <AttributeDescription parent.attr="WindowsAttribute" name="sn"/>
  </AttributeMap>
  <AttributeMap parent.attr="AttributeMap">
  <AttributeDescription parent.attr="SunAttribute" name="employeenumber"/>
  <AttributeDescription parent.attr="WindowsAttribute" name="employeeid"/>
  </AttributeMap>
  </UserMatchingCriteria>
  </UserLinkingOperation>
  <UserLinkingOperation parent.attr="UserLinkingOperation"
  sulid="DS2ToADS">
  <UserMatchingCriteria parent.attr="UserMatchingCriteria">
  <AttributeMap parent.attr="AttributeMap">
  <AttributeDescription parent.attr="SunAttribute" name="givenName"/>
  <AttributeDescription parent.attr="WindowsAttribute" name="givenName"/>
  </AttributeMap>
  <AttributeMap parent.attr="AttributeMap">
  <AttributeDescription parent.attr="SunAttribute" name="employeenumber"/>
  <AttributeDescription parent.attr="WindowsAttribute" name="employeeid"/>
  </AttributeMap>
  </UserMatchingCriteria>
  </UserLinkingOperation>
  </UserLinkingOperationList>
       Should not showing the any error after synchronization.
  I am giving my log files     
  resync log
  [05/Jan/2005:17:29:12.505 +0530] INFO 66 CNN101 csi2a01 "Sent remote source entry 'dn: 'CN=actusr2,OU=newsync,DC=esecurity,DC=com' [activedirectorydomainname=esecurity.com, employeeid=11112]'." (Action ID=CNN101-10142707E24-10, SN=4)
  [05/Jan/2005:17:29:12.958 +0530] INFO 66 CNN101 csi2a01 "Sent remote source entry 'dn: 'CN=actusr1,OU=newsync,DC=esecurity,DC=com' [activedirectorydomainname=esecurity.com, employeeid=11111]'." (Action ID=CNN101-10142707E24-11, SN=4)
  [05/Jan/2005:17:29:13.051 +0530] INFO 66 CNN101 csi2a01 "Sent all entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=0)
  [05/Jan/2005:17:29:14.098 +0530] INFO 66 CNN101 csi2a01 "Sent all entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=0)
  [05/Jan/2005:17:29:17.442 +0530] INFO 71 CNN100 csi2a01 "Received all remote entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=5)
  [05/Jan/2005:17:29:18.567 +0530] INFO 62 CNN101 csi2a01 "Received all remote entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=10)
  [05/Jan/2005:17:29:22.098 +0530] INFO 72 CNN102 csi2a01 "The Windows entry 'dn: 'CN=actusr1,OU=newsync,DC=esecurity,DC=com' [employeenumber=11111, givenname=ameer1] [destinationindicator=[basha.com, ameer.com]]' is already linked to the Directory Server entry 'dn: 'uid=ds1ameer1,cn=Authorization1,dc=basha,dc=com' [employeenumber=11111, destinationindicator=esecurity.com]'." (Action ID=CNN101-10142707E24-11, SN=5)
  [05/Jan/2005:17:29:22.098 +0530] INFO 71 CNN102 csi2a01 "The Windows entry 'dn: 'CN=actusr2,OU=newsync,DC=esecurity,DC=com' [employeenumber=11112, givenname=ameer2] [destinationindicator=[basha.com, ameer.com]]' is already linked to the Directory Server entry 'dn: 'uid=ds1ameer2,cn=Authorization1,dc=basha,dc=com' [employeenumber=11112, destinationindicator=esecurity.com]'." (Action ID=CNN101-10142707E24-10, SN=5)
  [05/Jan/2005:17:29:22.520 +0530] INFO 73 CNN102 csi2a01 "Received all remote entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=5)
  [05/Jan/2005:17:29:22.629 +0530] INFO 63 CNN101 csi2a01 "Received all remote entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=10)
  audit log
  [05/Jan/2005:17:29:15.629 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11112] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr2 destinationindicator: basha.com, ameer.com dn: CN=actusr2,OU=newsync,DC=esecurity,DC=com employeenumber: 11112 givenname: ameer2 objectclass: top, person, organizationalPerson, user dspswuserlink: tZeGDb7WM0SW72YcOMzfew== pwdlastset: 127493062677968750 samaccountname: 1234 sn: nagore2 usnchanged: 115104 whenchanged: 20050104100213.0Z}." (Action ID=CNN101-10142707E24-10, SN=3)
  [05/Jan/2005:17:29:15.895 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11112] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr2 destinationindicator: basha.com, ameer.com dn: CN=actusr2,OU=newsync,DC=esecurity,DC=com employeenumber: 11112 givenname: ameer2 objectclass: top, person, organizationalPerson, user dspswuserlink: tZeGDb7WM0SW72YcOMzfew== pwdlastset: 127493062677968750 samaccountname: 1234 sn: nagore2 usnchanged: 115104 whenchanged: 20050104100213.0Z}." (Action ID=CNN101-10142707E24-10, SN=4)
  [05/Jan/2005:17:29:16.208 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11111] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr1 destinationindicator: basha.com, ameer.com dn: CN=actusr1,OU=newsync,DC=esecurity,DC=com employeenumber: 11111 givenname: ameer1 objectclass: top, person, organizationalPerson, user dspswuserlink: tfNQqDQ8VEigzgJjrfcVSg== pwdlastset: 127493178093125000 samaccountname: 123 sn: nagore1 usnchanged: 115147 whenchanged: 20050104131009.0Z}." (Action ID=CNN101-10142707E24-11, SN=3)
  [05/Jan/2005:17:29:16.926 +0530] FINE 16 CNN100 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=3)
  [05/Jan/2005:17:29:16.926 +0530] FINE 16 CNN100 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=4)
  [05/Jan/2005:17:29:16.973 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11111] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr1 destinationindicator: basha.com, ameer.com dn: CN=actusr1,OU=newsync,DC=esecurity,DC=com employeenumber: 11111 givenname: ameer1 objectclass: top, person, organizationalPerson, user dspswuserlink: tfNQqDQ8VEigzgJjrfcVSg== pwdlastset: 127493178093125000 samaccountname: 123 sn: nagore1 usnchanged: 115147 whenchanged: 20050104131009.0Z}." (Action ID=CNN101-10142707E24-11, SN=4)
  [05/Jan/2005:17:29:16.973 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS2TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-13, SN=3)
  [05/Jan/2005:17:29:16.989 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS2TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-13, SN=4)
  [05/Jan/2005:17:29:17.442 +0530] FINER 13 SysMgr_100 csi2a01 "Sending an acknowledgement to the console for request (ID=1104926235041)."
  [05/Jan/2005:17:29:17.473 +0530] FINE 13 SysMgr_100 csi2a01 "Sent an acknowledgement to the console for request (ID=1104926235041)."
  [05/Jan/2005:17:29:17.457 +0530] FINE 71 CNN100 csi2a01 "The agent has received the following inbound action from the controller: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=6)
  [05/Jan/2005:17:29:17.489 +0530] INFO 71 CNN100 csi2a01 "The agent is sending the following inbound action to MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=7)
  [05/Jan/2005:17:29:17.504 +0530] FINER 71 CNN100 csi2a01 "The controller has acknowledged the following outbound action to the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=8)
  [05/Jan/2005:17:29:18.192 +0530] FINE 16 CNN101 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=8)
  [05/Jan/2005:17:29:18.364 +0530] FINE 16 CNN101 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=9)
  [05/Jan/2005:17:29:18.676 +0530] FINER 62 CNN101 csi2a01 "The controller has acknowledged the following outbound action to the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=11)
  Please do the needful
  Basha

  Hi Joshua,
  Does this mean that I need to install the core and sub component but no need to install the DS and AD connectors. No!!! Core must only be installed on one machine! Here is a short summary of the steps during an installation having sun ONE LDAPs in multi-master replication (taking ldap2 as the machine, whrere core is installed):
  1. Install core on ldap2
  2. start console and configure your directory sources. For the sun directory source enter ldap2 as the preferred and ldap1 as the secondary ldap. Configure the rest: attribute-mapping, modification flow, AD-source, SULs, etc. save the configuration.
  3. on ldap2 run idsync prepds untill you get the SUCCESS message in the following way (be sure to specify the secondary ldap with -j and -r options):
  idsync prepds -h <ldap2> -p <ldap2port> -j <ldap1> -r <ldap1port> -D "cn=directory manager" -w <passwort> -s  <configuration_registry_suffix>4. Run the install binaries again on ldap2. Install DS Connector on ldap2, install DS-Subcomponent (preferred) on ldap2. Install AD-Connector.
  5. Copy over install binaries to ldap1. Run the install binaries on ldap1. Give ldap2 as configuration directory URL When you are asked, what components to install, select subcomponent. Select the suffix. When you are asked, what type of ldap, select secondary.
  6. Copy over install binaries to any ldap slave in your replication topology and install the subcomponent there, choosing "other" as the ldap type.
  Good luck again...
  Jakob.

• Password synchronization between OID and AD - 10.1.2

  Hi,
  I've some questions about the following issue:
  I've tried to setup the password synchronization between OID 10.1.2 and active directory, with the intent of exporting ldap users from OID to AD..
  Well, the bootstrap gone fine, but when I tried to activate the export of password in the activexp.map configuration file,
  I've obtained this:
  *Writer Thread - 0 - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003  (WILL_NOT_PERFORM), data 0*
  for each entry I tried to export...
  I've opened a SR on metalink and I've received the following answer:
  _"  As shown by the synchronization profile, currently you have a mapping for the password from OID to AD._
    _userpassword: : :person:unicodepwd: :person:_ 
    _According to the documentation, password synchronization requires the directories to be configured for SSL mode:_
      _http://download-uk.oracle.com/docs/cd/B14099_12/idmanage.1012/b14085/odip_actdir003.htm#CHDEFIED_
  _18.3.2.8 Synchronizing Passwords_
    _You can synchronize Oracle Internet Directory passwords with Active Directory._
     _You can also make passwords stored in Microsoft Active Directory available in Oracle Internet Directory._  
     _Password synchronization is possible only when the directories run in SSL mode 2, that is, server-only authentication."_
  The SSL setup is the only way to achieve this, or there's another alternative?
  Thanks                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

  Yes. It needs to be in SSL.
  http://download-uk.oracle.com/docs/cd/B14099_12/idmanage.1012/b14085/odip_actdir003.htm#CHDCJHHB
  Some excerpts:
  Active Directory Connector uses SSL to secure the synchronization process. Whether or not you synchronize in the SSL mode depends on your deployment requirements. For example, synchronizing public data does not require SSL, but synchronizing sensitive information such as passwords does. To synchronize password changes between Oracle Internet Directory and Microsoft Active Directory, you must use SSL mode with server-only authentication, that is, SSL Mode 2.
  -shetty2k

• Password changes in AD - Password Synchronization Connector Issue

  Hey all,
  Newbie question/problem... I have the 9.1.1.0 version of the AD Password Synchronization Connector installed on all domain controllers in my AD. My OIM system is IDM 9.1.0.1 running with JBoss.
  When a password is changed on the target machine that OIM is connected to, the password synchronizes across to OIM fine.
  When I change a password on another DC, the password does not synchronize. I check the logs and instead get an error saying... User not found. This shows in the AD eventlog as well saying... user not found in AD, please verify the configuration parameters.
  The weird thing is... if I change my OIM host to point to the 2nd DC that threw that error and change the Password Synchronization Connector to point to itself as the host, the password change will now work and synchronize back to OIM. The password change on the original DC will now throw the same error, user not found.
  I am totally stumped on this one... any help would be greatly appreciated.
  Thanks in advance.
  -B

  Well finally figured it out... each password synchronization connector on each domain controller must:
  for the host entry: use the IP of the current Domain controller box you are installing on
  for the OIM host: enter the OIM server's hostname (not ip)
  Just wanted to share my pains and struggles so others wouldn't have to.

• Password Synchronization Connector Error in SSL secure mode (636)

  Hello friends,
  I tell them my case:
  I have an Oracle Identity Manager environment BP15 9.1.0.2 and I installed an Active Directory Password Synchronization plug. The connector works properly in unsafe mode (389), then you have configured the SSL connector in safe mode (636) the log shows the following:
  Inside *********** **************** sgslldpcopenLDAPConnection
  Debug [10/28/2011 2:21:00 PM] Inside sgsladac c-tor
  Debug [10/28/2011 2:21:00 PM] AD Host
  Debug [10/28/2011 2:21:00 PM] 192.168.1.10
  Debug [10/28/2011 2:21:00 PM]
  Debug [10/28/2011 2:21:00 PM] AD Port
  Debug [10/28/2011 2:21:00 PM] 636
  Debug [10/28/2011 2:21:00 PM]
  Debug [10/28/2011 2:21:00 PM] AD Base DN
  Debug [10/28/2011 2:21:00 PM] DC = domain1, DC = com
  Debug [10/28/2011 2:21:00 PM]
  Debug [10/28/2011 2:21:00 PM]
  Debugging the code
  Debug [10/28/2011 2:21:00 PM] Inside ConnectToADSI
  Debug [10/28/2011 2:21:00 PM]
  ldap_connect failed with
  Debug [10/28/2011 2:21:00 PM] Server Down
  Debug [10/28/2011 2:21:00 PM]
  Debug [10/28/2011 2:21:00 PM]
  Connection to AD failed
  Debug [10/28/2011 2:21:00 PM]
  Out of openLDAPConnection ********** *****************
  Debug [10/28/2011 2:21:00 PM] Inside sgsladac destroyer
  Debug [10/28/2011 2:21:01 PM] Datastore --- Connect to AD
  Debug [10/28/2011 2:21:01 PM]
  Inside *********** **************** sgslldpcopenLDAPConnection
  Any suggestions to solve this problem.
  thank you very much

  1. Check your ports, make sure they are open.
  2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
  With the above I got my connector working to this point. Hope that helps.
  - JP

• Issue with GPO "WSE Group Policy Password Synchronization"

  When I started my migration of SBS2011 to  2012r2 with essentials service I noticed this GPO appear which I assume is for passwords to be synced to the cloud however when I implemented group policy from essentials the dashboard crashed and the typical
  GPO's that it creates weren't there and only the folder-redirection was present it was also blank so I deleted it (I didnt delete the GPO "WSE Group Policy Password Synchronization" )
  I then re-launched the dashboard and ran through the process again, it worked what a treat! except the GPO for "WSE Group Policy Password Synchronization"
  appears to be blank, I remember it pointing to a ps file but I dont know what ps file and how to recreate it, along with to confirm what it does. Sadly I have no GPO backup to go back to.
  any help on this would be much appreciated 
  Cheers 

  Hi,
  à
  however when I implemented group policy from essentials the dashboard crashed
  Based on your description, I understand that Dashboard crashed when implemented group policies (some WSE Group
  Policy).
  àthe typical
  GPO's that it creates weren't there and only the folder-redirection was present it was also blank so I deleted it (I didnt delete the GPO "WSE Group Policy Password Synchronization")
  Did you mean that deleted the ‘WSE Group Policy Folder Redirection’? Would you please let me know whether do
  any operation for the ‘WSE Group Policy Password Synchronization’? Meanwhile, please check if other WSE Group Policy also was
  No Settings defined in Settings tab (as your ‘WSE Group Policy Password Synchronization’ picture showed).
  àSadly I have
  no GPO backup to go back to.
  Please start a BPA scan and check if find relevant issue. If no GPO backup, it seems that not be able to help
  us to restore group policy objects. By the way, did you have a Full server backup?
  If anything I misunderstand or any update, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Has anyone not working with .dv files had synchronization problems?

  Has anyone not working with .dv files had sound synchronization problems? I'm not exactly sure what the alternatives to DV are, but I think one of them is HD.
  The reason for asking this question is to help isolate the nature and cause of a very serious flaw in iMovie '11. In the original release of iMovie '11 (version 9.0) there was a small--but serious--synchronization problem. In the 9.01 there is a large synchronization problem. We know of one person who has not experienced the problem, and he is not working with DV files (media). So we want to find out if anyone who is using something other than .dv files is experiencing a lack of synchronization between sound and picture. Knowing the answer to this will help with figuring out where the cause lies. For the initial iMovie '11 release (9.0), you probably would not notice a problem unless you had very long event-clips, e.g., two hours long. Events get this long if you are transferring from analog 8 mm tapes. Even then, it would have to be in scenes in which the connection between event and sound is obvious, e.g., close ups of people talking. It isn't until the 9.01 release that most people would notice anything. All we need to do is establish one case of a synchronization problem in which the person is using something other than DV.
  Message was edited by: Paul Bullen

  Hopefully, the 9.0.2 release will make my question moot. Zyfert must have posted the announcement of the release just as I was formulating my question. Still, if you have information on the subject, it would be interesting to hear.

• How to avoid synchronization problem in a  JSP webpage

  HI,
  In my web page im facing a problem like if two user are workin, by that time one's page is getting reflected in other's page.
  Can anyone tell me how to avoid this synchronization problem?
  Thanx a lot

  Hi Rajesh,
  we Have Configured LDAP tree Successfully....the Problem is the Role Assignment iview under Portal Admin is not appearing....if we check the Test Connection with the  users Configured with LDAP in Authentication server TAB under user configuration,it is showing success message...but at the same time we are unable to login with the same user in to the Portal..we are working with EP 5.0....any help can be appreciated
  Regards
  Sudhir

• SAP ECC 6.0 / Active Directory Password synchronization

  Hello,
  We have a need to synchronize our users Windows passwords (AD) to our SAP systems (ECC 6.0, BW 3.5, and SCM 5.0).  We do not use CUA and currently do not use a Portal and are not looking at doing SSO.  We simply want to have one repository (AD) that will manage passwords for our Windows apps as well as our SAP systems.  So far, we have not found a way to do this.  SAP Note 603208 says this kind of synchronizing is not possible due to encryptions, among other things.  However, we did find a white paper that stated the following:
  ~snip
  <i>The Management Agents delivered with MIIS generally support password management: <b>they can take a password from some source (either from a user password change from the Windows interface, or from a self-service web-based password reset interface) and can set the same password in the various connected systems</b>. The Management Agent developed by Oxford is no exception. To change a password in an R/3 System the Susr_User_Change_Password_Rfc function can be used, but this is only possible if the old password is known and the SAP system allows the password change for this user. In cases where the old password is not known (for example the setting of an initial password) the password can be reset using the BAPI_User_change function.</i>~snip
  Does anyone have any information on how we can achieve the password synchronization between Active Directory and Abap-based SAP Systems?
  I very much appreciate your time and help.
  Paul

  Paul,
  You can achieve this using "common authentication". Since Active Directory uses Kerberos, if you allow your SAP systems to support Kerberos authentication as well, then you will be able to logon to Windows workstation, and use the Kerberos credentials issued by Active Directory during this logon to log the user onto SAP.
  This is common, and easy to acheive. You need to use the SNC capability which is provided in SAP GUI and also in SAP ABAP engine, and you also need a GSS-API library for both workstations and for the SAP servers that implements the Kerberos protocol. If your SAP server is running on Windows Servers then you can get this GSS-API library from SAP, but if (like many companies) you are running SAP ECC, BW, SCM etc. on UNIX or Linux servers then you need to license a third-party product which provides the GSS-API library etc. I represent a vendor (CyberSafe) that provides this exact product, but you can also find other vendors by looking on SAP partner website, under SNC certified products list. If you want to find out more about our product, please ask me offline by getting my email address from my business card.
  I hope this helps. Of course, if there are any questions for me related to this which are appropriate for public viewing then please ask them via this forum instead of via email.
  Regards,
  Tim

• Password Synchronization from OIM to target systems

  Hi All,
  Is there any OOTB functionality in OIM9.1.0.1 for password synchronization.
  I have a user with multiple IT resources provisioned into his account. Now whenever user changes his password in OIM, I want that to be updated on particular target system which user selects. For ex. If a user has 5 IT resources configured and whenever he changes his password that has to be updated on only 3 IT resources and not all.
  As per my understanding each IT resource configured will have some process task for updating the password on target system(Password Update in case of iPlanet resource) which will be triggered if an entry for this is present in USR_TRIGGERS. If I use this kind of approach it will update on all IT resources.
  How can I make this dynamic so that the changes are done only to a list of specific IT resources selected by user.
  Thanks & Regards,
  Mahantesh

  There is no OOTB functionality for the end user to decide which resources get their password changed and when. The OOTB functionality lets you use the Lookup.USR_PROCESS_TRIGGER to define which USR table fields have triggers configured for modification. Then you can create the task associated with the field in any provisioning process definition to insert that task when the field changes.
  If you want the user to be able to pick and choose which fields get propagated to which targets, it becomes custom coding.
  Off hand, to be able to decide which passwords get propagated to which targets, i might suggest some way for the end user to set the targets before hand because when a user changes their password, it's only the password that is being changed. You are going to need a field somewhere that says "yes this resource will propagate the password". You have 2 locations i can think of to do this, on the USR form as a UDF, or a field no the user's resource profile. Next you need a way to fill in these values. If it's on the USR form, you could put these on the user's self modification page to be able to check and uncheck these per resource. Or you can create a self requestable resource, or organization type requestable that has the list of targets, and the user can choose which ones they want to propagate the password to. You cannot have a dynamic list of targets though of the resource form. It has to be a set defined list. You could however create a child table with a list of all available objects and have them just add them in. Once the selection is done, you will either have these checked, or the provisioning side will update the values.
  Now, when the password is changed, and you have your "Change User Password" task running, your adapter will have an input that maps to the UDF field to check if it should pass the new password to the Password Field on the form to trigger the Password Updated task, or return the existing password.
  Or you create a custom page that lets you do whatever you want :)
  -Kevin

• AD password synchronization connector error

  Hi,
  I have installed the AD password synchronization connector 9.1.1. to Windows 2003 SP2 server successfully.
  When I tried to reset the users password I can see from the 20120518OIMMain.log file the following errors:
  Debug [5/18/2012 8:20:19 PM] The SOAP start element is
  Debug [5/18/2012 8:20:19 PM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
  Debug [5/18/2012 8:20:19 PM] The SOAP end element is
  Debug [5/18/2012 8:20:19 PM] </SPMLv2Document>
  Debug [5/18/2012 8:20:19 PM] The path is
  Debug [5/18/2012 8:20:19 PM] /spmlws/HttpSoap11
  Debug [5/18/2012 8:20:19 PM] End of sgsloidi::setParameters
  Debug [5/18/2012 8:20:19 PM] <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://xmlns.oracle.com/OIM/provisioning"><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Internal Server Error (Caught exception while handling request: java.rmi.RemoteException: null; nested exception is:
  *     java.lang.NullPointerException)*</faultstring></env:Fault></env:Body></env:Envelope>
  Debug [5/18/2012 8:20:19 PM] Inside sgsloidiOIMGeneralErrorHandler
  Debug [5/18/2012 8:20:19 PM] Unable to update USR_NAME. There are error messages in the searchReponse. Please check log for details
  Debug [5/18/2012 8:20:19 PM] Password updation failed in child process
  Can anyone tell me what's wrong with it? please..
  What's I should check?
  Thank a lot.

  1. Check your ports, make sure they are open.
  2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
  With the above I got my connector working to this point. Hope that helps.
  - JP

• AD-OIM password synchronization connector error

  Hi,
  I have installed the AD password synchronization connector 9.1.1. to Windows 2003 SP2 server successfully. When I reset the users password I can see from the 20091217OIMMain.log file the following errors:
  Debug [12/17/2009 2:08:31 PM] The SOAP start element is
  Debug [12/17/2009 2:08:31 PM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
  Debug [12/17/2009 2:08:31 PM] The SOAP end element is
  Debug [12/17/2009 2:08:31 PM] </SPMLv2Document>
  Debug [12/17/2009 2:08:31 PM] The path is
  Debug [12/17/2009 2:08:31 PM] /spmlws/HttpSoap11
  Debug [12/17/2009 2:08:31 PM] End of sgsloidi::setParameters
  Debug [12/17/2009 2:08:31 PM] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><faultcode xmlns="">env:Server</faultcode><faultstring
  xmlns="">Internal Server Error</faultstring><faultactor xmlns=""></faultactor></env:Fault></env:Body></env:Envelope>
  Debug [12/17/2009 2:08:31 PM] Inside sgsloidiOIMGeneralErrorHandler
  Debug [12/17/2009 2:08:31 PM] Unable to update USR_NAME. There are error messages in the searchReponse. Please check log for details
  Debug [12/17/2009 2:08:32 PM] Password updation failed in child process
  Where is this searchResponce log file? I tried to see all the Windows log files, which has been updated after my password reset, but none of them has any errors which makes sense or the time would match. Also in 20091216043_PasswordChange.log everthing seems to go okay.
  SPML web service is deployed and up and I can hit that URL from my machine. I don't get any printouts to the OIM log file.
  Any ideas...? Thanks a bunch!
  -J-

  1. Check your ports, make sure they are open.
  2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
  With the above I got my connector working to this point. Hope that helps.
  - JP

• Please can anyone help with the continuing password rejection problem with email.Ipad and other systems work fine but despite reloading my password on imac it bounces back.Apple store has been visited and I have tried everything they suggest.

  Please can anyone help with the continuing password rejection problem with email on my imac.My Ipad and other systems work fine but despite reloading my password on imac it bounces back.Apple store has been visited and I have tried everything they suggest.

  I use free Yahoo mail webMail access because folders I created in webmail access doesn't get set up in Apple Mail. While I was searching for post about password and keychain issues, I stumbled on several threads that complain about Mail folder issues, so I'm holding off on Apple Mail.
  On the password and keychain issue that your post is all about.  I've been using login keychain to save and automatical fill my login screens for a year or so successfully, with Safari and Chrome. Automatic form fill also works for Facebook login. Unfortunately, about 4 to 6 months ago, automatic password form fill stopped working with Yahoo webmail, while still worked for GMail (Safari and Chrome). I tried deleting the password entry for my two Yahoo email accounts to start fresh, but neither Safari not Chrome will even ask me if I want to save the password. I was so frustrated that I eventually installed the keypassX 0.43 (password manager) that is quite primitive sompare to OS X's keychain (when it works). Probably no surprise to you yet.
  The surprise, to me at least, is that, for whatever reason, password auto form-fill from keychain started working again for Yahoo webmail login on Safari about 5-7 days ago. Still doesn't work on Chrome!
  Two tips I can share, at least with webmail access:
  1. Password is save only for one of my yahoo mail accounts. When I login in with my other yahoo account, I get no prompt to save the password, and form fill doesn't work when I try to log in a second time with my other Yahoo mail account.
  2. On inspection of my login keychain, I see a webform password item saved for my Yahoo account that works with keychain. The name of the password is: login.yahoo.com(MyAccountName1#). When I open the password item and look in the Access Control tab, I see Safari and Chome are listed as allowed to access this password item..
       I also an "Internet password" item with a name of just login.yahoo.com. When I open the the password item, it looks just like the password item created for MyAccountName#1, but the MyAccountName#2 is listed in the Account field. Inside the Access Control tab, no apps are listed in access permission. I added Safari and Chrome to the lists of allowed app, saved the password item.
  Now when I bring up the Yahoo login page(by bookmark) on Safari, form fill fills in MyAccountname#1 for name and the proper password and I can login in. When I change the name to MyAccountName#2, the correct password is retrieved and I can log in! Alas, it still doesn't work on Chrome.
  BTW, I changed the password item type from "Internet password" to "Web Form password" and saw no difference! I also edited the name to be "login.yahoo.com (MyAccountName#2)" to look like the web form password item that works, but it has no effect either.
  From my experimentation, here's my observation:
  1. A Web Form password item is created for the first account name(MyAccountName#1) for login.yahoo.com and typed as Web Form password. When I log in using MyAccountName#2, an Internet Password is created, but no applications are listed as allowed to access the password item, even when the password item was created after just logged in and logged out to yahoo with the account name and password for MyAccountName#2.
  2. Manually adding Safari as an app that is allowed to use the password item works. Doesn't work with Chrome!
  The version of Safari I'm using is Version 5.1.7 (6534.57.2). My installed version of Chrome is Version 21.0.1180.79 beta.

• Password Synchronization Connector in HA

  Hello friends,
  As I can configure the Password Synchronization plug idm Oracle Identity Manager on Oracle WebLogic Server deployed in Cluster (2 nodes)
  Thanks.

  Yes, you can configure it for 2 nodes in clustered environment. Refer http://docs.oracle.com/cd/E11223_01/doc.904/e10450.pdf 2.3 4. You need to install connector on one node and configure it on both, if it is 11g.
  regards,
  GP

• Client Synchronization Problem

  Hi All,
  When I am synchronizing for the first time to get deviceid from mobile client
  getting the following error.
  • Synchronization started 
  • Proxy http://xyz:port/meSync/servlet/meSync?~sysid=ABC& 
  • Connection to server failed. 
  • Synchronization problems: Transport-layer (http) sync exception raised (root cause: Exception while synchronizing (java.io.IOException: Not in GZIP format)) 
  Could anybody tell what  I have to do please.
  Regards,
  Ameer Baba

  Hi Abhijit,
  Here it is.
  Trace   
  [20070219 08:57:53:791] I [MI/API/Logging ] ***** LOG / TRACE SWITCHED ON 
  [20070219 08:57:53:791] I [MI/API/Logging ] ***** Mobile Engine version: MI 70 SP 9 Patch 5 Build 200612061055 
  [20070219 08:57:53:791] I [MI/API/Logging ] ***** Current timezone: Indian/Reunion 
  [20070219 08:57:53:791] I [MI ] Trace severity: All (1000) 
  [20070219 08:57:53:791] D [MI/PIOS ] No implementations found. Error Code:(3) 
  [20070219 08:57:53:791] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/trace/trace.jsp' 
  [20070219 08:57:59:808] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:57:59:808] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:57:59:808] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:57:59:808] I [MI/API/Sync ] Terminate connection feature is not configured 
  [20070219 08:57:59:808] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/home/home.jsp' 
  [20070219 08:58:01:569] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:01:569] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:01:569] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:58:01:569] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/home/syncpassword.jsp' 
  [20070219 08:58:06:432] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:06:432] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:06:432] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:58:06:432] P [MI/Sync ] Notify R3 called 
  [20070219 08:58:06:432] D [MI/Sync ] There is already a container for method WAF_REGISTRY and user AMEERB in the outbound queue 
  [20070219 08:58:06:432] I [MI/API/Sync ] Terminate connection feature is not configured 
  [20070219 08:58:06:432] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/home/home.jsp' 
  [20070219 08:58:06:447] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:447] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:447] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@d24e3f for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:463] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@d24e3f using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:463] I [MI/Sync ] Synchronize with backend called, Thread=Thread-27 
  [20070219 08:58:06:463] I [MI/Sync ] Thread=Thread-27 took lock for synchronization. 
  [20070219 08:58:06:463] P [MI/Sync ] Use following gateway for synchronization: http://cymobile:8001 
  [20070219 08:58:06:588] D [MI/SyncMonitor ] New synchronization process has been started 
  [20070219 08:58:06:588] D [MI/Sync ] Synchronisation: Fire SyncEvent 0 
  [20070219 08:58:06:588] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:588] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:588] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@10f41e9 for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:603] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@10f41e9 using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] D [MI/API/Sync ] SyncEvent com.sap.ip.me.api.sync.SyncEvent[source=com.sap.ip.me.sync.SyncManagerMerger@5bb966] skipped for User because he has not been installed on MW. 
  [20070219 08:58:06:603] P [MI/Sync ] Start updating data completeness flag for user all sync relevant users 
  [20070219 08:58:06:634] P [MI/Sync ] Update data completeness flag for user AMEERB 
  [20070219 08:58:06:634] P [MI/Sync ] Update data completeness flag for user (SHARED) 
  [20070219 08:58:06:634] P [MI/Sync ] Finished updating data completeness flag for user all sync relevant users 
  [20070219 08:58:06:634] P [MI/Sync ] Repetitive sync is turned off 
  [20070219 08:58:06:634] P [MI/Sync ] Synchronization started for user (SHARED) 
  [20070219 08:58:06:634] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:634] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:634] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@b05acd for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:634] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@b05acd using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:634] D [MI/SyncMonitor ] Sync monitor data file does not exist; use default values 
  [20070219 08:58:06:634] D [MI/SyncMonitor ] Start sync cycle at 20070219085806 (1171875486634) 
  [20070219 08:58:06:634] D [MI/Sync ] PackageManager: old package file C:\Program Files\SAP Mobile Infrastructure\sync\(SHARED)\out\package.out was successfully deleted 
  [20070219 08:58:06:634] D [MI/Sync ] PackageManager: create package with maximum 2147483647 items 
  [20070219 08:58:06:650] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:650] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:650] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@1989b5 for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:650] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@1989b5 using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:650] D [MI/Sync ] PackageManager: filled package with 0 acknowledge received container(s) 
  [20070219 08:58:06:650] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:650] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:650] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@a00185 for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:666] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@a00185 using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:666] D [MI/Sync ] PackageManager: filled package with 0 acknowledge container(s) 
  [20070219 08:58:06:666] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:666] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:666] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@c3c315 for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:666] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@c3c315 using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:666] D [MI/Sync ] PackageManager: filled package with 0 container items or headers 
  [20070219 08:58:06:666] D [MI/Sync ] PackageManager: filled package with 1 notify container(s) 
  [20070219 08:58:06:666] D [MI/SyncMonitor ] Finished outbound preparation at 20070219085806 (1171875486666) 
  [20070219 08:58:06:666] D [MI/Sync ] Package file C:\Program Files\SAP Mobile Infrastructure\sync\(SHARED)\out\package.out exists and can be read 
  [20070219 08:58:06:666] P [MI/Sync ] Synchronisation started 
  [20070219 08:58:06:666] D [MI/Sync ] Begin: Dumping file C:\Program Files\SAP Mobile Infrastructure\sync\(SHARED)\out\package.out 
  <ID>MISYNC</ID><FLAGS>0x1</FLAGS><VERSION>251500</VERSION> 
  <CONTAINER> 
  <HEADER> 
  <CONTAINER_ID>0110d938dbcae8b4c559</CONTAINER_ID> 
  <OWNER></OWNER> 
  <CONTAINER_TYPE>N</CONTAINER_TYPE> 
  <METHOD></METHOD> 
  <CONVERSATION_ID></CONVERSATION_ID> 
  <PARENT_CONTAINER_ID></PARENT_CONTAINER_ID> 
  <MESSAGE_INDEX>-1</MESSAGE_INDEX> 
  <MESSAGE_TYPE> </MESSAGE_TYPE> 
  <SERVER_ID>NEW_PROTOCOL</SERVER_ID> 
  <BODY_TYPE></BODY_TYPE> 
  <BODY_LENGTH>0</BODY_LENGTH> 
  <SUB_CONTAINER_ID>-1</SUB_CONTAINER_ID> 
  <SUB_CONT_MAX>0</SUB_CONT_MAX> 
  <ITEM_FROM>-1</ITEM_FROM> 
  <ITEM_TO>-1</ITEM_TO> 
  </HEADER> 
  </CONTAINER> 
  <SYNC_MONITOR> 
  <NEW_SYNC_FLAG>1</NEW_SYNC_FLAG> 
  <OUTBOUND_PREPARATION_TIME>0</OUTBOUND_PREPARATION_TIME> 
  <OUTBOUND_PREPARATION_FINISHED>20070219085806</OUTBOUND_PREPARATION_FINISHED> 
  <LAST_SERVER2CLIENT_NETWORK_TIME>-2147483648</LAST_SERVER2CLIENT_NETWORK_TIME> 
  <LAST_INBOUND_PROCESSING_TIME>-2147483648</LAST_INBOUND_PROCESSING_TIME> 
  <LAST_SYNC_CYCLE_TIME>-2147483648</LAST_SYNC_CYCLE_TIME> 
  <LAST_SYNC_GUID></LAST_SYNC_GUID> 
  </SYNC_MONITOR> 
  [20070219 08:58:06:681] D [MI/Sync ] End: Dumping file C:\Program Files\SAP Mobile Infrastructure\sync\(SHARED)\out\package.out 
  [20070219 08:58:06:681] I [MI/Sync ] Outbound file size for user (SHARED) is 131 
  [20070219 08:58:06:681] P [MI/Sync ] Do not use http proxy (system properties update) 
  [20070219 08:58:06:681] P [MI/Sync ] Use following gateway for synchronization: http://cymobile:8001 
  [20070219 08:58:06:681] I [MI/Sync ] GzipDataCompression: Gzip data compression is switched on 
  [20070219 08:58:06:681] P [MI/Sync ] Sending outbound file compressed to server. 
  [20070219 08:58:06:681] P [MI/Sync ] Outbound file was compressedly sent. 
  [20070219 08:58:06:697] I [MI/Sync ] HttpSynchronizer caught exception java.io.FileNotFoundException: http://name:port/sap/bc/MJC/mi_host?sysid=XYZ&client=100&~language=EN&ACKNOWLEDGE=& 
  java.io.FileNotFoundException: http://name:port/sap/bc/MJC/mi_host?sysid=XYZ&client=100&~language=EN&ACKNOWLEDGE=& 
  at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:812) 
  at com.sap.ip.me.sync.HTTPSynchronizer.getInputStreamViaTimeOutOrNot(HTTPSynchronizer.java:351) 
  at com.sap.ip.me.sync.HTTPSynchronizer.synchronize(HTTPSynchronizer.java:258) 
  at com.sap.ip.me.sync.HTTPSynchronizer.synchronize(HTTPSynchronizer.java:484) 
  at com.sap.ip.me.sync.HTTPSynchronizer.exchangeData(HTTPSynchronizer.java:73) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSyncCycle(SyncManagerImpl.java:847) 
  at com.sap.ip.me.sync.SyncManagerImpl.syncForUser(SyncManagerImpl.java:1304) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSynchronization(SyncManagerImpl.java:935) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:440) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:303) 
  at com.sap.ip.me.api.sync.SyncManager.synchronizeWithBackend(SyncManager.java:79) 
  at com.sap.ip.me.apps.jsp.Home$SyncRunnable.run(Home.java:568) 
  at java.lang.Thread.run(Thread.java:534) 
  [20070219 08:58:06:697] E [MI/Sync ] Exception while synchronizing via http 
  com.sap.ip.me.api.services.HttpConnectionException: Exception while synchronizing (java.io.FileNotFoundException: http://name:port/sap/bc/MJC/mi_host?sysid=XYZ&client=100&~language=EN&ACKNOWLEDGE=&) 
  at com.sap.ip.me.sync.HTTPSynchronizer.synchronize(HTTPSynchronizer.java:334) 
  at com.sap.ip.me.sync.HTTPSynchronizer.synchronize(HTTPSynchronizer.java:484) 
  at com.sap.ip.me.sync.HTTPSynchronizer.exchangeData(HTTPSynchronizer.java:73) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSyncCycle(SyncManagerImpl.java:847) 
  at com.sap.ip.me.sync.SyncManagerImpl.syncForUser(SyncManagerImpl.java:1304) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSynchronization(SyncManagerImpl.java:935) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:440) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:303) 
  at com.sap.ip.me.api.sync.SyncManager.synchronizeWithBackend(SyncManager.java:79) 
  at com.sap.ip.me.apps.jsp.Home$SyncRunnable.run(Home.java:568) 
  at java.lang.Thread.run(Thread.java:534) 
  [20070219 08:58:06:697] P [MI/Core ] original context restored 
  [20070219 08:58:06:697] W [MI/Sync ] Synchronisation problems 
  com.sap.ip.me.api.sync.SyncException: Transport-layer (http) sync exception raised (root cause: Exception while synchronizing (java.io.FileNotFoundException: http://name:port/sap/bc/MJC/mi_host?sysid=XYZ&client=100&~language=EN&ACKNOWLEDGE=&)) 
  at com.sap.ip.me.sync.HTTPSynchronizer.exchangeData(HTTPSynchronizer.java:82) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSyncCycle(SyncManagerImpl.java:847) 
  at com.sap.ip.me.sync.SyncManagerImpl.syncForUser(SyncManagerImpl.java:1304) 
  at com.sap.ip.me.sync.SyncManagerImpl.processSynchronization(SyncManagerImpl.java:935) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:440) 
  at com.sap.ip.me.sync.SyncManagerImpl.synchronizeWithBackend(SyncManagerImpl.java:303) 
  at com.sap.ip.me.api.sync.SyncManager.synchronizeWithBackend(SyncManager.java:79) 
  at com.sap.ip.me.apps.jsp.Home$SyncRunnable.run(Home.java:568) 
  at java.lang.Thread.run(Thread.java:534) 
  [20070219 08:58:06:697] D [MI/Sync ] Synchronisation: Fire SyncEvent 1 
  [20070219 08:58:06:697] D [MI/API/Services ] MEResourceBundle:Constructor: Create MEResourceBundle(com/sap/ip/me/awtapps/home/mobile_engine, en_IN, (null)) 
  [20070219 08:58:06:697] D [MI/API/Services ] MEResourceBundle:Constructor: Use classloader com.sap.ip.me.core.Startup@18fe7c3 
  [20070219 08:58:06:697] D [MI/API/Services ] CREATED MEPropertyResourceBundle com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@1328c7a for bundleName: com/sap/ip/me/awtapps/home/mobile_engine with Locale: _en 
  [20070219 08:58:06:697] D [MI/API/Services ] CREATED parent MEPropertyResourceBundle for child bundle: com.sap.ip.me.api.services.MEResourceBundle$MEPropertyResourceBundle@1328c7a using bundle name: com/sap/ip/me/awtapps/home/mobile_engine 
  [20070219 08:58:06:697] P [MI/Core ] Thread Thread-27 switched context to MI414d45455242 / MI414d45455242 (User: AMEERB, MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:697] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.mi.systemnews.SyncListener on ConversationId MI414d45455242 
  [20070219 08:58:06:697] P [MI/Core ] original context restored 
  [20070219 08:58:06:697] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:697] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.ccms.remotetracing.RemoteTracingListener on ConversationId MI2853484152454429 
  [20070219 08:58:06:697] P [MI/Core ] original context restored 
  [20070219 08:58:06:697] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:697] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.ccms.LastSuccessfulSyncAlert on ConversationId MI2853484152454429 
  [20070219 08:58:06:697] P [MI/Core ] original context restored 
  [20070219 08:58:06:697] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:697] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.ccms.AlertManagerImpl on ConversationId MI2853484152454429 
  [20070219 08:58:06:697] P [MI/Core ] original context restored 
  [20070219 08:58:06:697] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:697] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.sync.LogSender on ConversationId MI2853484152454429 
  [20070219 08:58:06:712] P [MI/Core ] original context restored 
  [20070219 08:58:06:712] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:712] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.services.os.AgentManager$AgentSyncEventListener on ConversationId MI2853484152454429 
  [20070219 08:58:06:712] P [MI/Core ] original context restored 
  [20070219 08:58:06:712] P [MI/Core ] Thread Thread-27 switched context to MI414d45455242 / MI414d45455242 (User: AMEERB, MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:712] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.core.StatusUpdater on ConversationId MI414d45455242 
  [20070219 08:58:06:712] P [MI/Core ] original context restored 
  [20070219 08:58:06:712] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:712] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.ccms.configinfo.ConfigInfoListener on ConversationId MI2853484152454429 
  [20070219 08:58:06:712] P [MI/Core ] original context restored 
  [20070219 08:58:06:712] P [MI/Core ] Thread Thread-27 switched context to MI2853484152454429 / MI2853484152454429 (User: (SHARED), MSD: Name: / MOBILEENGINE_JSP (V. 7095), Target=, Type=com.sap.ip.me.core.FrameworkApplicationType) (stack level 1) 
  [20070219 08:58:06:712] I [MI/API/Sync ] SyncEvent Performing com.sap.ip.me.services.os.ScriptManager on ConversationId MI2853484152454429 
  [20070219 08:58:06:712] P [MI/Core ] original context restored 
  [20070219 08:58:06:712] I [MI/Sync ] Synchronization finished, Thread=Thread-27 
  [20070219 08:58:16:703] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:16:703] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:16:703] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:58:16:703] I [MI/API/Sync ] Terminate connection feature is not configured 
  [20070219 08:58:16:703] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/home/synclog.jsp' 
  [20070219 08:58:21:317] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:21:317] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:21:317] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:58:21:317] I [MI/API/Sync ] Terminate connection feature is not configured 
  [20070219 08:58:21:317] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/home/home.jsp' 
  [20070219 08:58:22:579] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:22:579] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:22:579] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  [20070219 08:58:22:579] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:dispatch request to '/jsp/trace/trace.jsp' 
  [20070219 08:58:24:684] D [MI/Core ] Set current application to 'MOBILEENGINE_JSP' 
  [20070219 08:58:24:684] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:doGet(...) called 
  [20070219 08:58:24:684] D [MI/API/Runtime/JSP ] AbstractMEHttpServlet:getEvent() done with event name = '' 
  Regards,
  Ameer Baba.