Retrieving User Details from OID: Portal 10.1.2

Similar Messages

• Retriving user details from user rofile in portal database

  HI all,
  any one knows how to retrive user details from user rpofile in portal database. I am using webdynpro appliction.Please reply.
  Thank you
  Maruthi

  Hi maruti Rao ,
  All Gives U gud Idea..here i give u some brief procedure.First of all u need to add 2 jar file in ur project structure for proper working of "com.sap.security.api.IUser" Interface. After that for retriving Users data Stored on LDAP Server.
  If you are using an LDAP directory as a data source for your user-related data, the ‘logical’ attribute names used by the Java application programming interface (API) of SAP User Management Engine (UME) must be mapped to the ‘physical’ attribute names used in the schema of your corporate LDAP directory.
  Example Data-Source File is as Below From Where U can Get All The Information of Logged user...
  <dataSources>
  <dataSource id="CORP_LDAP"
      className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
      isReadonly="false"
      isPrimary="true">
    <responsibleFor>
      <principal type="account">
      </principal>
      <principal type="user">
        <nameSpaces>
          <nameSpace name="com.sap.security.core.usermanagement">
            <attributes>
              <attribute name="firstname" populateInitially="true"/>
              <attribute name="displayname" populateInitially="true"/>
              <attribute name="lastname" populateInitially="true"/>
              <attribute name="fax"/>
              <attribute name="email"/>
              <attribute name="title"/>
              <attribute name="department"/>
              <attribute name="description"/>
              <attribute name="mobile"/>
              <attribute name="telephone"/>
              <attribute name="streetaddress"/>
              <attribute name="uniquename" populateInitially="true"/>
            </attributes>
          </nameSpace>
        </nameSpaces>
      </principal>
        <principal type="group">
        </principal>
    </responsibleFor>
    <attributeMapping>
      <principals>
        <principal type="account">
        </principal>
        <principal type="user">
          <nameSpaces>
            <nameSpace name="com.sap.security.core.usermanagement">
              <attributes>
                <attribute name="firstname">
                  <physicalAttribute name="givenname"/>
                </attribute>
                <attribute name="displayname">
                  <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="lastname">
                  <physicalAttribute name="sn"/>
                </attribute>
                <attribute name="fax">
                  <physicalAttribute name="facsimiletelephonenumber"/>
                </attribute>
                <attribute name="uniquename">
                  <physicalAttribute name="uid"/>
                </attribute>
                <attribute name="loginid">
                  <physicalAttribute name="null"/>
                </attribute>
                <attribute name="email">
                  <physicalAttribute name="mail"/>
                </attribute>
                <attribute name="mobile">
                  <physicalAttribute name="mobile"/>
                </attribute>
                <attribute name="telephone">
                  <physicalAttribute name="telephonenumber"/>
                </attribute>
                <attribute name="department">
                  <physicalAttribute name="ou"/>
                </attribute>
                <attribute name="description">
                  <physicalAttribute name="description"/>
                </attribute>
                <attribute name="streetadress">
                  <physicalAttribute name="postaladdress"/>
                </attribute>
                <attribute name="pobox">
                  <physicalAttribute name="postofficebox"/>
                </attribute>
                <attribute name="preferredlanguage">
                  <physicalAttribute name="preferredlanguage"/>
                </attribute>
              </attributes>
            </nameSpace>
          </nameSpaces>
        </principal>
        <principal type="group">
        </principal>
      </principals>
    </attributeMapping>
  </dataSources>
  regard's
  Dheerendra Shukla

• User details change on portal

  Hello experts, for some odd reason I have been unable to change user details on portal recently. I am getting the following error: "A problem has occurred in the persistency. The original message was: BAPI_USER_CHANGE@BWPCLNT500: ID=01, NUMBER=492, MESSAGE=You are not authorized to change users in group".
  I do have administrator roles and everything, and I used to be able to change user details (like e-mail and language). What I do not understand is why this suddenly stopped working, as it was working before (the funny thing is that even with the default administrator user from Portal it is not possible to change user details anymore). Still, how can I solve this problem? We are using EP 7.0 and another SAP system (ABAP) for user management. I am not in charge of the ABAP system, though I do have access to several transactions in there. I tried looking for the "BAPI_USER_CHANGE" thing, but I could not find it. Is that a role or something I need to assign to my user?

  Hi, thanks for the answers. I checked the roles of user SAPJSF. He has SAP_BC_FP_ICF, SAP_J2EE_ADMIN and he previously had SAP_BC_JSF_COMMUNICATION_RO, but I changed it for SAP_BC_JSF_COMMUNICTION. However, once I restarted the Web AS, there was no communication between our backend system and the portal (checking the logs, I found the error "#1#com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: User SAPJSF has no RFC authorization for function group SYST." Therefore I added the role SAP_BC_JSF_COMMUNICATION_RO role, without taking out the other one, and restarted the server. There is now communication between the backend system and the portal, but I still cannot change user details from within the portal.
  Any other ideas?

• How to retrieve user name from a given Subject?

  I am in a situation where I need to retrieve user name from the Subject that is populated when user logs in. I have the active Subject and I do following to get the principals in the subject and iterate through them:
  Set principals = subject.getPrincipals();
  Iterator ite = principals.iterator();
  while (ite.hasNext()) {
  Principal prin = (Principal)ite.next();
  String name = prin.getName();
  But this contains all the principals, including user name, roles, password, etc. How do I programmatically determine which one is user name?

  Don't you have different principal types? I am making a jaas module and I have different principals for roles, groups etc. I think of principals as attributes, the type in the attribute name and the principal name is the attribute value.
  To get all the principals of the type SomePrincipal, you can use:
  Set principals = subject.getPrincipals(SomePrincipal.class)
  You can also take som principal an test wether it is an instance of som type:
  if (Principal p instanceof SomePrincipal){..}
  An other solution which might be better if you have many different attributes is to store both attribute name and value in the name of the principal.
  If "mark" is a username the principal name will be "username:mark" el.
  Then it will be easy to find the username.

• Problem with updating Passport details from ESS portal

  HI Experts,
  Some of my employees were unable to input passport details from ESS portal -own data.
  Employee who belong to south korea are getting the problem.
  Even though we fill every field,system is showing an error that "" Fill in all required entry fields ""
  In spro...we maintained country grouping as 41 and IT 0185 and subtype and we use rthe case B2 in speciy use case and activity subtypes.
  Another thing,when we update data in 0185IT by R/3 by backend it is not showing up the details in ESS.
  Could you please give me an idea to resolve the problem.
  Regards,
  Sairam.

  Hi Experts,
  No details were maintained in the table V_T588MFPROPC  for this infotype.
  Employee with other country grouping were able to up-date passport details in portal.
  Where as south korea employees are not able to update the passport details.
  For south korea employees..they have to  update  passport details with sutype 01 in ESS portal.
  Even though we fill  all the details it is showing fill in all required entries.
  In table V_T588MFPROPS..no details were maintained for version  41.
  In portal we have to maintain..ICNUM,ICOLD,AUTH1,FPDAT,EXPID,ISSPL,ISCOT,IDCOT.
  In r/3(by backend) we can maintain all these details including  ID TYPE(ictyp).We have only one subtype(passport) in 0185 for this south korea.What details shall we need to maintain for version 41.
  Please let me know,why system is showing error even we maintain all the details.
  Please advice.
  Sairam.

• Get user details from OIM User From based on Last modified time stamp

  Hi Gurus,
  I have a requirement that i want user details from OIM(11gr1) User form based on some time stamp.
  suppose my time stamp is 201401011130.
  And i changed one user in user form at 201401011200 (let sau user name is mahesh)
  now when i run the java code based on the time stamp i want mahesh details. How can i do this.
  Please let me know.
  Regards
  Mahesh

  This is how you can run sql query.
  String query="write sql query";
  Connection con=Platform.getOperationalDS().getConnection();
  Statement st=con.prepareStatement(query);    // PreparedStatement is preferable instead of Statement
  ResultSet rs=st.executeQuery();
  while(rs.next())
  String userlogin =rs.String("usr_login");

• Where does apex get user details from for login in

  sorry for this stupid question. I have been looking up in google "where does apex get user details from for login in" and nothing answers my question. Basically I wanted to know when you log in your application how does apex know you have access to this application. How does it know you are a valid user because I am creating an application which basically checks if a user exist in one database and also checks if he/she exist in the second database.
  Thanks you and sorry if this is very newbie

  In the page 101 which is the login in page in the login in process. I have this in the source its not working in term of it is not letting me login in anymore even though I exist in the user table.
  DECLARE
  v_access_level number;
  BEGIN
  SELECT count(*)INTO
  v_access_level
  FROM USER
  WHERE UPPER(USER_NAME) = UPPER(:APP_USER);
  IF NVL(v_access_level, 0) !=0 THEN
  wwv_flow_custom_auth_std.login(
      P_UNAME       => :P101_USERNAME,
      P_PASSWORD    => :P101_PASSWORD,
      P_SESSION_ID  => v('APP_SESSION'),
      P_FLOW_PAGE   => :APP_ID||':9'
  ELSE
  wwv_flow_custom_auth_std.login(
      P_UNAME       => :P101_USERNAME,
      P_PASSWORD    => 'YtYuTrFRd',
      P_SESSION_ID  => v('APP_SESSION'),
      P_FLOW_PAGE   => :APP_ID||':9'
  END IF;
  end;
  please bare in mind that my USER table DOES NOT have a password because the authentication scheme as all the details of login in to any systems. I am only trying to check if the username exist in my USER table.
  Thanks

• Retrieving User details

  Hi,
  I am using the wwsec_api.person_info function passing in a user id to retrieve a portal users details. I am able to retrieve details such as first name, last name , email address. I need to get the 'Department' that the user is in but can't seem to retrieve this. An ideas on how to do this?
  Also within portal, if i edit a users details and put entries into telephone, department, first name etc and then look in the view wwsec_person, none of these details are recorded against the specific user. Is this normal?
  Any help would be appriecated.

  These are all stored within the LDAP. You can use dbms_ldap calls to retrieve them, or select from the ODS.DS_ATTRSTORE table directly where attname is the attribute you are looking for.

• How to get the User Details inoformation in portal?

  I had defined the user informations in "Portal User Details". But i don't know how to get it and what the user table is?
  for example: How to get the email address of user i have defined in portals?
  Tank you very much!
  Ghia Liu
  Genesyslogic.com.tw

  You would use the portal API's for this, there is one named wwsec_api.person_info that returns a record with the specified user's information, such as first name, lsat name, email, telephone, etc - a pretty long list. With release 2 of portal the data is no longer stored in the wwsec_person$ table as it was in release 1 so use the API (which actually is how I would normally do it in release 1 as well).
  To get more documentation on portal API's go to: http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/plsql/doc/astart.htm
  Hope that this helps you - enjoy the day!
  Art

• Retrieving user data from Directory Server using java code

  Can anyone send java code to bind to directory server and retrieve the user information from server instance.

  To CRabel,
  My company have restriction on using the open sources product/code, but i will take a look on netscape ldap sdk as a reference~
  To raghu1978 ,
  i find a product call Directory Editor 1 2005Q1, I hope it is useful.
  thz all~

• Transferring user definition from one portal to other portal

  Hi,
  I defined lots of user in test portal. I want to transfer user definition to prod.portal.
  How can i do that?
  Thanks.

  Export your users/groups to a text file from your source portal and import using import tool under user admin
  in dest portal.
  Rgds

• Pull User details from Oracle Table (TSS)  to OIM

  Hi
  I am learning OIM so, please excuse if this is a silly question.
  I have created a Generic Technology Connector to connect to a user table in oracle database with correct parameters and the GTC was successful. I have done the field mapping between the source table - reconcilation staging and OIM.
  Now that I want to see the sample user details that I have stored in the oracle user table from the OIM.
  I have assumed that this oracle user table is the Trusted Source System and I have to pull the data from this table to OIM.
  So, after creating the connector, what is the next step i need to do so that I see these sample users in the OIM.
  I appreciate any help / directions.
  Thanks
  Sriram

  Hi,
  You have to do following:
  1.Run the GTC schedule task.
  2.Go to reconciliation manager and see if reconciliation event is getting generated and event is getting linked.
  3.When reconciliation is finished just go to web console.Users->Manage->Search
  Please let me know if you have any follow up questions
  Regards
  Nitesh

• Retrieving user detail, group name for all users

  Hi,
  How can I retrieve User name, email, authentication, user group name
  for all users using SDK.
  It is possible to create this report in webi or CR?
  Thank you for reply,
  Gregor

  Use the following code to retrieve this information:
  IInfoObjects users = oInfoStore.query("select * from ci_systemobjects where si_kind='user'");
  for (int i=0; i<users.size(); i++)
           IUser user = (IUser)users.get(i);
           // user.getTitle(); for user name
           // user.getFullName(); for user's full name
           //  user.getEmailAddress(); for user's email address
           //  for authentication type:
           IUserAliases alises = user.getAliases();
           for(int j=0; j<aliases.size();j++)
                     IUserAlias alias = alises.get(j);
                     // alias.getAuthentication() for authentication associated with this alias, since same user can have more than 1 authentication. e.g. Enterprise and Ldap.
           // for user group memberships:
           java.util.Set groups = user.getGroups();        
           // the groups Set object will contain SI_ID of all the user groups that this uses is member of. You need to query by the SI_ID of the usergroup to get the group names.
  //  e.g.
  //    oInfoStore.query("select si_id, si_name from ci_systemobjects where si_kind='usergroup' and si_id in (a,b,c....)");
  where a,b,c are the SI_IDs of the usergroups.
  To create a report based on the above fetched data, there are several methods such as:
  you can use Java resultset where in you create the report structure in designer and push the data at runtime using java result set objects. Another way is to push this info in Excel or Access and design your report based on that excel\access.

• CM User authentication from OID

  Folks,
  I like to authenticate users from OID.
  That being the case, when I add users from the cm admin interface, would it add the users both in the cm schema tables and also in the OID, or just in OID?
  Conversely, if add users into OID using say some ldap client, will the users show up on the cmsdk admin screen?
  In case the user entries must be duplicated in both schema and OID, what is an elegant way to sync both? Can someone give any pointers to any available literature or samples in this regard?
  Thanks in advance,
  Bala.

  Hi
  If you are using 10g then you can use the OID Credential Manager Agent. Have a look in Appendix C of the CMSDK 10g Adminstrators guide.
  Regards

• ISE and 802.1x - Retrieve User Cert from AD for Auth without it being in the Personal Store?

  Hello,
  We are implementing 802.1x EAP-TLS wired at the moment with Cisco ISE, and wireless is to come after that, along with our internal PKI.  I set up the PKI, and our network engineer is setting up the ISE.  We currently have it set to first authenticate the computers with a computer certificate (allowing access to AD, among some other things), and then further authenticate the users with user certificates.
  I don't have much knowledge of Cisco ISE, and plan to learn as we go, but I'm wondering:
  Is it possible to authenticate the computer via the computer certificate, getting access to AD, and then have the ISE check AD for the User certificate INSTEAD of the User certificate being in the local Personal store of the client computer?  We have autoenrollment going for user certificates, but it seems to be cumbersome (in thought) that once 802.1x is enabled, a new computer/employee coming on the network has to first go to an unauthenticated port to be able to download the User certificate in the Personal store, before then being able to use an 802.1x port?
  I guess that makes two questions:
  1) Can ISE pull the user cert from AD, without needing it in the local Personal store?
  2) What's the easiest way to handle new computers/users that don't already have the User cert in their local Personal store once 802.1x is enabled?

  1)No
  2)Use EAP-Chaining with EAP-TLS and PEAP
  For this scenario, i would go with Cisco AnyConnect NAM, and then use EAP-Chaining, with EAP-TLS for machine auth, and then PEAP for user authentication. This way you can make sure that both the machine and the user is authenticated, and more importantly, that a user can not get on the network with their user identity only and no machine identity. Using windows own supplicant for this, gives no garantee that the user has logged in from an authenticated machine. The feature that used to be used for this before EAP-Chaining was introduced, is called MAR, and has many problems, making it almost useless in a corporate environment. Security wise, the PEAP-MSCHAPV2 is tunneled in EAP-FAST and does not have the same security issues as regular PEAP.