Read Only privileges for Access Server and Identity Server - OAM 10g

Hi,
I am working on Oracle Access Manager 10g version 10.1.4.
I use an administrative account that is a member of the 'COREid Administrators' group to log into the access console and identity console of OAM.
Since this is the administrative account, it has the rights to modify and update all access/identity entities.
How can I set up an account that has "view only" privileges over all access and identity objects in OAM?
I need to log into the access and identity consoles of OAM and view all policy domains/policies/access system configuration/user manager config/group manager config etc. but not be able to modify any of them.
Is there a way to set up such an account in OAM?
Regards,
Abhishek.

Hi Abhishek,
It is possible to define different levels of administrator, but it is not possible to give an admin read access (to objects in the consoles) without also giving modify access. I do not believe that there is a straightforward way to meet this requirement - for the Access System you could use the Policy Manager API and write your own interface (which does not have the ability to modify) but obviously this would be some development effort.
Regards,
Colin

Similar Messages

  • Integrating Messaging Server and Identity Server

    I've got JES 2004Q2, and I'm trying to install the various components on different workstations to prove that a) the software works, and b) it's a viable alternative to Exchange (so please please help me get it working!)
    The problem I have is getting Messenger Server and Directory Server talking properly so that I can create users and then log in as those users. After days of frustrating searching for solutions to this problem (and also find people who have successfully done this), I decided to install the components onto one server.
    And it worked. Installing Messaging Server, Identity Server, Web Server (contained for Identity Server), Directory Server, and Admin Server all on the same box, configuring them all to use the same directory server for UG and preferences, running the various configuration tools that come with the software, and it all works together fine. Using "./commadmin domain modify .... -S mail", I get "OK". I can add users with the "-S mail" option, log in as those users, and send emails between those users. So this tells me that the software does work, albeit on one box.
    When I try to separate the services out to separate boxes, they don't seem to integrate properly. I thought that maybe the order in which you configured applications made a difference (ie. configuring Identity Server after Messenger Server means IS will pick up on the changes made to the directory by MS, and enable it). I also tried to see if using the same options directory server from different boxes helped, but nothing. I've even tried patching them using 116568-52 and 116585-10 but no luck.
    Therefore, I've found that installing all servers on one box works, but installing them on separate boxes doesn't (despite using the same directory servers). My conclusion in this is that one of two things must be the case:
    a) there's something in the install that has to be changed to reflect the fact that the services are running on different boxes
    b) the install of the services adds files to the system somewhere which other packages in JES pick up on (hence the reason why installing everything on one box works), and this isn't documented anywhere
    Unfortunately, the output of commadmin when it fails isn't that helpful (nothing against the developers, however it doesn't really help in the fault finding process). I do believe however that the problem is with Identity Server and its configuration, rather than Messaging Server.
    Here's some (possibly) useful info:
    kipling# ./imsimta version
    Sun Java(tm) System Messaging Server 6.1 HotFix 0.01 (built Jun 24 2004)
    libimta.so 6.1 HotFix 0.01 (built 12:52:04, Jun 24 2004)
    SunOS kipling 5.8 Generic_117350-02 sun4u sparc SUNW,Sun-Blade-1500
    kipling#
    (on UG server)
    # ./commadmin domain modify -D admin -w <password> -d uwe.ac.uk -n uwe.ac.uk -S mail -H kipling.uwe.ac.uk
    FAIL
    Unable to set attribute(s)
    (some verbose mode output)
    [Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/TaskManager
    [Debug]: To servlet: task=ModifyDomain&objecttype=Domain&domain=uwe.ac.uk&add_services=mail&add_preferredmailhost=kipling.uwe.ac.uk
    [Debug]: RECV: FAIL
    [Debug]: RECV: Unable to set attribute(s)
    [Debug]: CLITask: status returned =FAIL
    FAIL
    Unable to set attribute(s)
    [Debug]: DBG: doOne returned code=6
    [Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/logout
    [Debug]: Logout ...
    [Debug]: RECV: SSOToken id AQIC5wM2LY4SfcyW5hbVBGXqCdsYYDjVarSFRMd6HIxsGho=@AAJTSQACMDE=#
    [Debug]: RECV: destroyed
    Root suffix: dc=uwe,dc=ac,dc=uk (all "o=" references have been dropped)
    All services have their own local options directory server.
    Can anyone give me any suggestions? If I log a support call with Sun, what is the likely resolution time? My ultimate goal is to get the whole suite running together, then install Portal server. Once that's working, download the connectors for Outlook and get it all working with Outlook. As I said at the start, we're hoping to show this is a viable alternative to Exchange (certainly for the backend) so any help will be greatly appreciated!
    Iain

    slo_chewie wrote:
    > Does the email recipient address change when the email is sent to gmail i.e. does an email sent to [email protected] become [email protected]?
    > We've got google for domains setup, so users would retain a @domain.com address regardless if their mailbox was hosted on the internal server or hosted at google.
    You can make use of the mailRoutingAddress: user attribute and source routing to get the desired behaviour e.g.
    => Set the following value to the LDAP entry of the user who is hosted on the gmail server. The "[email protected]" address should match the user's mail: address:
    mailRoutingAddress: @gmail.com:[email protected]
    => Ensure the following option has been tcp_local channel in your imta.cnf file. This option strips off the "@gmail.com" value of the recipient address before sending the email to the gmail.com servers.
    dequeue_removeroute
    Make sure you run "./imsimta cnbuild;./imsimta restart" after modifying the imta.cnf file.
    Regards,
    Shane.

  • WebPass communication to access server and identity server failing

    I have Identity server installed on Windows and WebPass on IIS web server. When I go to http://hostname:port/identity/oblix/ and http://hostname:port/access/oblix/ the default page shows up. But when I click on the Identity System Console link, it hangs. This behaviour has occurred today although the things were working fine prior for a long time. I have checked the webpass logs but nothing specific to the problem is coming.

    Hi Colin,
    There is an activity on the server, as the processing goes on after entering credentials and there is no blank page. I have put on HTTP Headers
    and the result is
    POST /identity/oblix/apps/admin/bin/front_page_admin.cgi?pluginName=front_pageadmin&program=commonLogin&returnUrl=..%2F..%2F..%2F..%2F..%2Faccess%2Foblix%2Fapps%2Fadmin%2Fbin%2Ffront_page_admin.cgi%3FloginTry%3D1%26pluginName%3Dfrontpage_admin&backUrl=..%2F..%2F..%2F..%2F..%2Faccess%2Foblix%2Fapps%2Fadmin%2Fbin%2Ffront_page_admin.cgi HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, */*
    Referer: http://10.1.9.4/identity/oblix/apps/admin/bin/front_page_admin.cgi?program=commonLogin&returnUrl=..%2F..%2F..%2F..%2F..%2Faccess%2Foblix%2Fapps%2Fadmin%2Fbin%2Ffront_page_admin.cgi%3FloginTry%3D1%26pluginName%3Dfrontpage_admin&backUrl=..%2F..%2F..%2F..%2F..%2Faccess%2Foblix%2Fapps%2Fadmin%2Fbin%2Ffront_page_admin.cgi
    Accept-Language: en-us
    Content-Type: application/x-www-form-urlencoded
    UA-CPU: x86
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; FDM; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
    Host: 10.1.9.4
    Content-Length: 104
    Connection: Keep-Alive
    Cache-Control: no-cache
    I have tried to access from different browsers and different machines, but the problem remains the same.

  • Remove Standby/Read only mode for a database in sql server 2005

    Hi,
    I have a problem in SQL Server. My database is showing standby/read-only mode. I want to remove that mode. Please help me with the issue.

    HI
    Did you assign any DB read only user?
    check the administrator guide in your SAP Business one->Documentation->system setup->Administrator guide...
    but removing DB read only user is impossible.....

  • I'm modifying someone else's website for the first time (noob = yes).  I only have ftp access to the site server.  Before uploading changes, is there an easy/quick/recommended/etc way to make a copy of the files I'm about to replace?

    Great, first post, sorry for the title.  But to repeat it:
    I'm modifying someone else's website for the first time (noob = yes).  I only have ftp access to the site server.  Before uploading changes, is there an easy/quick/recommended/etc way to make a copy of the files I'm about to replace?

    You can use the Dreamweaver FTP (or a different FTP client) to completely copy the original website to your development computer, then, before making changes, you can copy the whole thing to a directory called something like "website original"
    If you want to run both the old and new sites on the remote server, this is often possible. Add a folder/directory to the server and call it something like "new" and upload the new files there until you are ready to replace the old site
    All of this you can do with FTP

  • This new update for the iphone has me troubled. Nowhere did I see where it was only good for 3GS,4S and or 5. Is this update also good for the 3GS? I'm reading people are having trouble.

    This new update for the iPhone has me troubled. Nowhere did I see where it was only good for 3GS,4S and or 5 or all. Is this update also good for the 3GS? I'm reading people are having trouble.

    iOS 6 can be loaded without problem on the 3GS.  Not all features are supported however.
    With respect to your reading people are having trouble, what did you expect to see on this technical support forum?  People don't write in to state they have a trouble-free upgrade.

  • Every file has staff and everyone "read only" privileges

    Just upgraded to SL with a clean install. Copied over all my documents. Now it seems like every single file has staff and everyone read only privileges (in addition to me having read & write).
    How can this be? Under System Preferences, Sharing, I have absolutely nothing checked.
    Anyone know anything about this? Thanks.

    santranyc wrote:
    > Just upgraded to SL with a clean install. Copied over all my documents. Now it seems like every single file has staff and everyone read only privileges (in addition to me having read & write).
    these are standard permissions in both leopard and snow leopard. any new files you create in your home directory will have those permissions.
    > How can this be? Under System Preferences, Sharing, I have absolutely nothing checked.
    this has nothing to do with sharing.
    > Anyone know anything about this? Thanks.

  • Read only user for Weblogic Server Console (6.1)

    Hello,
    I'd like to create a read-only user for a customer that gives him access to the
    Console only for reading all the configuration. I don't want him to modify anything
    Is there a simple way to do this ?
    Thanks in advance.
    --Seb

    "Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
    >
    > Hello,
    > I'd like to create a read-only user for a customer that gives him access to the
    > Console only for reading all the configuration. I don't want him to modify anything
    > Is there a simple way to do this ?
    A previous post mentioned that this is not possible in 6.1.
    Brown,
    This functionality is not available in 6.1. The newest version of wls
    8.1 has this feature depending on the role that the user is in.
    ~satya

  • How to create files with read/write privileges for everyone?

    I have two iMacs 7,1 (one with Snow Leopard and the other with Mountain Lion) in a local area wireless network.
    I have shared the "documents" folder in the Snow Leopard iMac in order to have files available to the other iMac. The folder has read/write privileges for everyone.
    When I create a new file in the shared "Documents" folder (for example a new Open office document, or a Keynote presentation) this file is by default "read/write" for the Administrator but only "read" for all the other users, so when I try to open it from the other iMac, I am informed that the file is "read only".
    I can obviously change the privileges of the file in the information window, but I have to do on a file per file basis and this takes too long.
    Is it possible to change settings in order to create files which are always "read/write" for everyone?
    And, secondly, since I have several existing files whose privileges I should manually change one by one, is it possible to make global changes of their privileges?
    Thanks in advance
    Best regards

    couple of different changes - 1st, if you want to share folders, doing your whole documents folder is not the best way.  Since both your computers can handle AirDrop, that's what I would recommend - http://osxdaily.com/2011/11/14/how-to-use-airdrop-in-mac-os-x/ - as it creates an instant Ad-Hoc network between the two computers and then lets it done.
    A second possibility that may not be what you're looking for, is to use google drive or some similar cloud sharing app to sync the documents back and forth.  both of these solutions will transfer the files well, but the airdrop may be simplest

  • I can't get new version of itunes to install on Windows 7 64 bit computer. Receive message that reads insufficient privileges to access c:\program files\ipod\bin. Tried to follow some suggestions found here but nothing is working. Any new suggestions?

    I can't get new version of itunes to install on Windows 7 64 bit computer. Receive message that reads insufficient privileges to access c:\program files\ipod\bin. I've followed several threads I've read here but nothing is working.

    For such situation, I'd suggest the following:
    1. Remove current installed office with the fix-it tool in
    KB2739501, and follow the "Remove Office manually" section to make sure there are no remaining files
    2. Either download a trial version of Office 2013 from
    http://office.microsoft.com/, or from
    http://technet.microsoft.com/en-us/evalcenter/jj937170
    3. Reboot your computer in clean boot mode, and run setup again
    Max Meng
    TechNet Community Support

  • File transport does not have read/write privileges for receive location???

    Hi all.
    I try to read an EDI-file from a file location.
    I configured the receive location but when I enable it I get an error message in the log saying:
    File transport does not have read/write privileges for receive location "Location"  (Event ID: 7183)
    The location is correct (I used the browse option) and the folder is shared with all users (full access for everybody).
    How can I get rid of this error?

    There can be many reasons for this error. First of all try the KB article http://support.microsoft.com/kb/888498 . Then try the solution on this link http://bluebiztalk.blogspot.com/2008/05/file-transport-does-not-have-readwrite.html
    Abdul Rafay
    http://abdulrafaysbiztalk.wordpress.com/
    Please mark this as answer if it helps

  • Is database link only 'valid' for instances in the same server?

    Background: We have 5 servers and installed Oracle 7.3 and 8.
    Problem: I managed to create database link to other instance in same server; but not to other server. Error message received was :
    ORA-02019: connection description for remote database not found
    : TNS server name not found
    BUT: I managed it with 'copy from ' command in SQL*plus.
    Question: Is database link only 'valid' for instances in the same server?
    Thanks! ;o)

    user10127912 wrote:
    > Hi,
    > We are planning to install second instance of Oracle 11gR2 in Linux server 2.6.39-400.21.1.el6uek.x86_64 x86_64. This is something we never have done before. If you have such experience, please give us some insight.
    > The existing instance has all the standard ports:
    > Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
    > Enterprise Manager Console HTTP Port (pterpdb02) = 1158
    > Enterprise Manager Agent Port (pterpdb02) = 3938
    > What ports should we select for second listener and enterprise manager? Is there anything else that we need to know before we install the second instance?
    If you want a second database instance, no additional installation is required - as long as you want to run the second instance at the same version as the first. Just fire up dbca and create the second database. One installation of Oracle (one ORACLE_HOME) is capable of supporting many database instances, though the same may or may not be said of the hardware it is running on.
    As already said, one listener is enough. One listener, running from one oracle home, using the default name of LISTENER, running on the default port of 1521, is quite capable of -- indeed, WAS DESIGNED TO, support multiple database instances of multiple versions running from multiple ORACLE_HOMEs.
    One instance of dbcontrol/dbconsole will support only one database. If you do not use Grid Control (extra installation, extra license) you will need to use the emca utility or one of the options in the dbca utility to configure a separate instance of dbcontrol for each database. Don't worry about the ports, the creation utility will take care of it and report what it does.

  • Read Only Display of Radio group and Text area with counter not working

    Hello,
    I am using Apex 3.2, with 10g for the database
    I have this form, with fields that will set to read only when status = 'closed'
    All of the fields display as read only except for 2. I cannot figure out why this is not working correctly.
    1st field is Issues that is a text area with character counter, with a sql query behind it, that is set to null unless the query is pulling in the data.
    2nd field is Status which is a radio group that will not display as read only when status = 'closed'
    I have other fields on the form with the same format and they change to read only when the status = 'closed', I have even copied the pl/sql expression from one field to these fields and it still doesn't work correctly. I have also tried javascript for an on load event, which works, but once I click on the save button, it disables all of the page items, which works correctly, but I purposely forget to enter information, to make sure the validations are firing correctly, which it does, but the script disables everything, not allowing me to correct the errors. The javascript is firing on the on page load event.
    Any help on this is greatly appreciated.
    Mary

    Dung,
    That API seems to have a bug, it returns true/false/null, so you could use 'return not nvl(htmldb_util.current_user_in_group(p_group_name => 'APP Admin'),false)' to get a false value.
    Unfortunately there's another problem: using the read-only attributes for checkbox or radiogroup item makes them hidden. My suggestion would be to create another item that has disabled="disabled" in the HTML Form Element attribute in the item definition and display that item or the non-disabled item alternately, using conditions based on the current_user_in_group logic.
    Scott

  • How to set the read only property for dynamic ALV column

    Hi All,
    I have built one dynamic ALV and I have one name column inside that ALV for which I have to set read only property based on two column fields that exist in the same ALV, say IS_SP and IS_CORP of type boolean.
    If any one of the flags is 'X', I have to make that name column as display only and
    If both flags are not set, it should be displayed as editable column.
    I have written one method as INIT_ALV which gets called when ALV is loaded.
    Code is as  follows:
      lr_column_settings ?= wd_this->alv_all_roles.
      lt_columns = lr_column_settings->get_columns( ).
      LOOP AT lt_columns INTO ls_column.
        CASE ls_column-id.
          WHEN <NAMECOLUMN>. "name column which should be editable/display
            " Create Input Field
            CREATE OBJECT lr_uie_input_field_ro
              EXPORTING
                value_fieldname = ls_column-id.
            ls_column-r_column->set_cell_editor( lr_uie_input_field_ro ).
            " After this, I have to set the read only property based on IS_SP and IS_CORP values,
            CALL METHOD lr_uie_input_field_ro->set_read_only_fieldname
              EXPORTING
                *value = 'IS_SP' or 'IS_CORP'
        ENDCASE.
      ENDLOOP.
    I don't want to use cell variants also.
    Help me to achieve this.
    Thanks and Regards,
    Divya

    Divya - I have done it in the past following these documents. Please read it and try it, it will work.
    Please read it in the following order since both are a continuation documents for the same purpose (it also contains how to change colors of row dynamically but I didn't do that part I just did the read_only part as your requirement)
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/f0625002-596c-2b10-46af-91cb31b71393
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0155eb5-b6ce-2b10-3195-d9704982d69b?quicklink=index&overridelayout=true
    thanks!
    Jason PV

  • Can we define users for both studio and integrator server

    Can someone please let me know how can we define users for both studio and integrator server so that the user can be used to view UI page but not modify it. I want to define user in studio which will access the Page but not modify it. And the user in integrator server should be able to view scheduled jobs.
    Thanks a lot.
    Regards,
    Amrit

    Amrit,
    Both Studio and Integrator Server support LDAP. See http://docs.oracle.com/cd/E35976_01/studio.240/eid_studio_users/toc.htm#Integrating%20with%20an%20LDAP%20System%20to%20Manage%20Users for details about implementing LDAP in Studio. For Integrator Server, see "LDAP Authentication", p. 38 (document pagination; p. 44 pdf file pagination) in the Integrator Server Guide (http://docs.oracle.com/cd/E35976_01/integrator.240/DataIntegratorServer.pdf).
    RLJII
