Security - Hackers Getting Usernames from Open Directory

Similar Messages

• How did my pdf files get converted from 'open with Adobe Reader' to open with Adobe Acobat'?  And if I have a ''free'' Acrobat account why does it not open?  When I do click on the account it ask me to pay $89.99.  I never wanted Acrobat.  How can I get -

  How did my stored files get converted from 'open with Adobe READER' to 'open with Adobe ACROBAT'? How can I get them re-set to open with 'Adobe Reader'?
  Please reply to my e-mail:   [email protected]

  It sounds as if you downloaded Adobe Acrobat Pro. If you did, uninstall it. Then repair Adobe Reader.
  The free Acrobat account has no connection to any of this.

• How to get username from customer email id.

  Hi experts,
  How to get username from customer email id.I am using transaction XD02.
  I would be thankful for your kind replies .
  Regards,
  Sachin Hada

  Hi sachin,
  Re: Email id field
  Regards,
  Sravanthi

• How do I get info from Active Directory and use it in my web-applications?

  I borrowed a nice piece of code for JNDI hits against Active Directory from this website: http://www.sbfsbo.com/mike/JndiTutorial/
  I have altered it and am trying to use it to retrieve info from our Active Directory Server.
  I altered it to point to my domain, and I want to retrieve a person's full name(CN), e-mail address and their work location.
  I've looked at lots of examples, I've tried lots of things, but I'm really missing something. I'm new to Java, new to JNDI, new to LDAP, new to AD and new to Tomcat. Any help would be so appreciated.
  Thanks,
  To show you the code, and the error message, I've changed the actual names I used for connection.
  What am I not coding right? I get an error message like this:
  javax.naming.NameNotFoundException[LDAP error code 32 - 0000208D: nameErr DSID:03101c9 problem 2001 (no Object), data 0,best match of DC=mycomp, DC=isd, remaining name dc=mycomp, dc=isd
  [code]
  import java.util.Hashtable;
  import java.util.Enumeration;
  import javax.naming.*;
  import javax.naming.directory.*;
  public class JNDISearch2 {
  // initial context implementation
  public static String INITCTX = "com.sun.jndi.ldap.LdapCtxFactory";
  public static String MY_HOST = "ldap://99.999.9.9:389/dc=mycomp,dc=isd";
  public static String MGR_DN = "CN=connectionID,OU=CO,dc=mycomp,dc=isd";
  public static String MGR_PW = "connectionPassword";
  public static String MY_SEARCHBASE = "dc=mycomp,dc=isd";
  public static String MY_FILTER =
  "(&(objectClass=user)(sAMAccountName=usersignonname))";
  // Specify which attributes we are looking for
  public static String MY_ATTRS[] =
  { "cn", "telephoneNumber", "postalAddress", "mail" };
  public static void main(String args[]) {
  try { //----------------------------------------------------------        
  // Binding
  // Hashtable for environmental information
  Hashtable env = new Hashtable();
  // Specify which class to use for our JNDI Provider
  env.put(Context.INITIAL_CONTEXT_FACTORY, INITCTX);
  // Specify the host and port to use for directory service
  env.put(Context.PROVIDER_URL, MY_HOST);
  // Security Information
  env.put(Context.SECURITY_AUTHENTICATION, "simple");
  env.put(Context.SECURITY_PRINCIPAL, MGR_DN);
  env.put(Context.SECURITY_CREDENTIALS, MGR_PW);
  // Get a reference toa directory context
  DirContext ctx = new InitialDirContext(env);
  // Begin search
  // Specify the scope of the search
  SearchControls constraints = new SearchControls();
  constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
  // Perform the actual search
  // We give it a searchbase, a filter and the constraints
  // containing the scope of the search
  NamingEnumeration results = ctx.search(MY_SEARCHBASE, MY_FILTER, constraints);
  // Now step through the search results
  while (results != null && results.hasMore()) {
  SearchResult sr = (SearchResult) results.next();
  String dn = sr.getName() + ", " + MY_SEARCHBASE;
  System.out.println("Distinguished Name is " + dn);
  // Code for displaying attribute list
  Attributes ar = ctx.getAttributes(dn, MY_ATTRS);
  if (ar == null)
  // Has no attributes
  System.out.println("Entry " + dn);
  System.out.println(" has none of the specified attributes\n");
  else // Has some attributes
  // Determine the attributes in this record.
  for (int i = 0; i < MY_ATTRS.length; i++) {
  Attribute attr = ar.get(MY_ATTRS);
  if (attr != null) {
  System.out.println(MY_ATTRS[i] + ":");
  // Gather all values for the specified attribute.
  for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
  System.out.println("\t" + vals.nextElement());
  // System.out.println ("\n");
  // End search
  } // end try
  catch (Exception e) {
  e.printStackTrace();
  System.exit(1);
  My JNDIRealm in Tomcat which actually does the initial authentication looks like this:(again, for security purposes, I've changed the access names and passwords, etc.)
  <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
  connectionURL="ldap://99.999.9.9:389"
  connectionName="CN=connectionId,OU=CO,dc=mycomp,dc=isd"
  connectionPassword="connectionPassword"
  referrals="follow"
  userBase="dc=mycomp,dc=isd"
  userSearch="(&(sAMAccountName={0})(objectClass=user))"
  userSubtree="true"
  roleBase="dc=mycomp, dc=isd"
  roleSearch="(uniqueMember={0})"
  rolename="cn"
  />
  I'd be so grateful for any help.
  Any suggestions about using the data from Active directory in web-application.
  Thanks.
  R.Vaughn

  By this time you probably have already solved this, but I think the problem is that the Search Base is relative to the attachment point specified with the PROVIDER_URL. Since you already specified "DC=mycomp,DC=isd" in that location, you merely want to set the search base to "". The error message is trying to tell you that it could only find half of the "DC=mycomp, DC=isd, DC=mycomp, DC=isd" that you specified for the search base.
  Hope that helps someone.
  Ken Gartner
  Quadrasis, Inc (We Unify Security, www -dot- quadrasis -dot- com)

• Error in getting Username from UserPrincipal in WSRP Producer

  Hi,
  In WSRP Producer,we are trying to get the the username from the UserPrincipal which was sent by the consumer.
  String userID = this.getRequest().getUserPrincipal().getName();
  I'm getting an Null pointer exception in one of the Producer but the same kind of code is working in other producer.
  The two producers are in different domains. And the Consumer is same for the both Producers.
  Could anybody help me to find out what went wrong. ?
  Thanks,
  Mohan

  Hello,
  It is likely that your two producers are configured differently for security (SAML). For the producer that isn't working, it is likely that you just need the proper entries in your key store to get it to work. Look at the key store for the producer that is working, and try to ensure the other producer is similarly configured.
  Kevin

• Web-Calendar component in Wiki get lost after Open Directory installation

  if I change my Lion Server to use opendirectory and not work in standalone mode, I lose the ability of the server for web-calendar for example at the wiki-webpage.
  servername/webcal
  The error-message tells me, the service calendar is deaktivated and I should activate it at Server App.
  But at Server App:
  a) iCal Service IS ACTIVE
  b) I find NO OPTION for activating the Web-Calender function under iCal like at the Mail-Service (one above) -> activate Webmail
  So, HOW I can BRING the web calendar component BACK TO MY WIKI?
  I wanted to use it in company, but now I not touch this "open directory activation" anymore, because I will lose. Without opendirectory the webcalendar working!
  I tried to find that function with Server - Admin, but this programm is much limited to what it was at the Snow Leopard Server and there I cannot select the iCal Service anymore. It's same with the new Airport Utility 6.0. Terrible reduced and I just installed back 5.6 and this is good working for my needs.

  I found the solution: Like with the PPTP-VPN problem it depends on the certificate. If you BUY an official public certificate (yes spend money for your Server more than the server price!), at once the Webcalender and the PPTP-VPN working!
  If in other way you fight through your selfsigned certificate problems and rebuild it, at once you will get all your problems again. So, not wonder why Apple at once mention in the help-line, that you need to buy a certificate. This, they mean true! You should support the certificate system of the new IPv6 and vanishing IPv4 world (I mean the IBM VeriSystem) for the new TRANSACTION orientated usage-fee-world. And not forget in this new Internet 2 world: E-Mail will become a service that get paid per transaction and 19% VAT tax (Germany) on top of it and 1 Cent communication tax (like the energy cent we pay today for each unit of energy source) for the EU. This, they realy plan to realize next years. So, why we wonder about this strange certificate issue it such transactions need be identified unique? In April in greater region Hannover-Braunschweig they will change the bankingcards for the new cashfree-system (GiroGo). And who wonders: cash-transfers will get transaction fees. They tell: Only 1 Cent / 5 Euro, only 2 Cent for 10 Euro, only 15 cent for 15 Euro. So, you understand what this new transaction and veriSigned world in real means? It is a change from a pocessing-free-world into a usage-fee-world. And you realy think that 2013 we still will speak from a banking crisis under such new conditions? They will get billions each day cash-transaction-fees. With NFC-iPhone 5 no problem (NCF -> look at Near field communications). The people will say: Oh, it's only 1, 2, 3 Cent but so practical not change money coins anymore. You will see how good this transaction usage-fee money-machine will work. And the EU will get billions transaction-communication-tax each day from the emails, there will be no discussion about Greek, Irland, Portugal, Spain (PIGS) ... economic-crisis anymore. You will see, such will happen! No banking crisis with Internet 2, no economic crisis with Internet 2. All will be solved by us, the people. Oh, our Merkel, when she come back from a G20 meeting already said: "We decided that each economic member and part need be 100% in focus in future and not uncontrolled anymore."
  If somebody more interested at this plan, you can watch this docu movie "one mainframe to rule the world" that describes deeper the issue of certification, identification, verification of people or things. The near world we drive directly into. And this certification system is ruled by whom?
  http://www.youtube.com/watch?v=uXTwS_T-CvM
  When I at least go to the Apple-Center I found the teacher with a Microsoft-T-Shirt of certification and wonderd very much. Than he told me, that the only groupware that is true for a good usage together with Apple is Exchange Server. And the more he told the more I wonder because he is Apple-Highgraded. But I not so much wonder anymore. Understand the game this companies play with us. It's a licence crisis and it can be described as: Microsoft is a the one end of the coordination system with x = price and y = pieces sold. Apple is exaclty at the opposite. Look what MS does, look what Apple does and at the end it's not difficult to see, that they moving to eachother to meet. And the missing 3d coordinate z in this new room is IBM with it's VeriSystem.
  So, a perfect xyz-combination for all giants.
  How Google, Linux ... matches inside this "new computer world order"?
  I will mention that much IT-professionals at the moment going to such new curses and explain that 2013 they will change all hardware to "certified hardware" that NEED BE used in businesses and for example Linux will not be part of this new "certified world".

• Getting username from an applet

  I'm writing a program (an applet) that needs to get the username from a windows 2000 platform. Is that possible? I guess I need to set a security policy-file... Can someone leed me on the right way?

  It would be possible in an application to just do this:
  String userName = System.getProperty("user.name");But for security reasons it can't be done like this in an applet.
  Some info about signing applets from here:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=152882
  And if that doesn't help, you can search for some more resources at the forums and java.sun.com

• Get username from session and retrieve records from database wit tat userna

  hello..
  i got a ChangePassword.jsp which i retrieve the username from session using bean to display on e page..
  <jsp:getProperty name="UsernamePassword" property = "username"/>
  but in my servlet, i wan to retrieve records from database with tat username..
  i tot of coding
  String username = (String)request.getSession().getAttribute("UsernamePassword");
  and then use tat username to retrieve records.. but is that e right way? The page did not display and i got a CastingException..
  Please help.

  If you are using the session inside a jsp, you can say "session" without having to declare it.String usernamePassword = (String) session.getAttribute("usernamePassword");However, right after you get this value, check if it is null:
  if(usernamePassword==null)
  // do sth like forward to error page
  else
  // continue processing
  If it is null, then you are probably not setting it right in the first place. Make sure that in your servlet A you create a session, and before you return or forward to a jsp, that you actually set this value in the session like saying
  session.setAttribute("usernamePassword", usernamePassword);
  and it is case sensitive for the key.

• Wrong UID from open directory server

  I have a problem with a mac OSX server
  I have an open directory server A, that shares all users to every other server i have.
  I then have 2 mac OSX servers B and C, that it set up to allow network users. I can easily login with a open directory user, on both servers, but I have a problem. on server B it says the users user id is 1050, which is correct. On server C it says that the same users user id is 1000, which is wrong. Both server set ups are identical, as far as I know. On the Open Directory server A the users id for the user is also 1050, in case that is relevant.
  I have checked if server C has a local user with the same name, but htat is not the case.
  Any idea what might have caused this problem?

  bump

• How to get filename from selected directory

  Helle experts,
  I've a string variable from a directory with following content:
  G:\SAP_R3_MRSS\SAP_MRS\FAVORIT.PDF
  now I just want to select the filename, in this case FAVORIT.TXT
  How can I do this ? The directory/filename may vary.
  Some ideas ?
  Thanks
  Gerd

  Eric's split is probably the best way, but if you need a way to break the path into drive, path, and file, you could use a standard, well-used regular expression:
  PROGRAM zzfile.
  DATA:
     g_regex     TYPE string VALUE '\b((?#drive)[a-z]):\\((?#folder)[^/:*?"<>|\r\n]*\\)?((?#file)[^\\/:*?"<>|\r\n]*)',
     g_path_file TYPE string VALUE 'G:\SAP_R3_MRSS\SAP_MRS\FAVORIT.PDF',
     g_drive     TYPE string,
     g_path      TYPE string,
     g_file      TYPE string.
  FIND FIRST OCCURRENCE OF REGEX g_regex IN g_path_file SUBMATCHES g_drive g_path g_file IGNORING CASE.
  IF sy-subrc = 0.
  *  WRITE g_drive.
  *  WRITE g_path.
    WRITE g_file.
  ENDIF.

• Web application security. Getting username and password from database

  Hi!
  I need to write the following web application (I write it using java server faces):
  1) User enters his username/password on the login page
  2) Program goes to database where there are tens of thousands of usernames/passwords, and verifies it.
  3) If user and password exist in DB, user gets access to the other pages of the application
  Maybe I don't understand some point. I tried to use j_security_check(it's very easy to configure secured pages in web.xmp). The problem is that it works(as far as I understand) only with roles defined on server before the application runs. I can't add ALL these usernames to the roles on server. The best way, as I see it, is to go to DB, check username/password, create new role for the time of session, go to j_security_check where the j_username and j_password get the values from db and get the access to secured pages(as far as the roles have been dinamically added).
  Am I right and this should be the algorithm?
  How can I implement it?
  I've read about JAAS. How can it help to solve the problem? Do I need j_security_check if I use JAAS? How should I configure my application if I use it?
  Could you please give me some code example?
  All this must work on IIS (for now, I develope it in Netbeans and run it on Java Application Server)
  Please help.
  Edited by: nemaria on Jul 7, 2008 2:39 AM

  Hi,
  Any security constrained url pattern which calls the action j_security_check passes the parameter to the realm mentioned in the server.xml.If the realm is set as JAAS,then the authenticate method of the jaasrealm does the basic validation like non empty field value from the input form.The appname set as the realm parameter points to the one or more loginmodules which has the life cycle methods like initialize(...),login(),commit(),abort() and logout().Once the basic validation is done in the JaasRealm class of the webcontainer,the LoginContext is created and user is autheticated (against DB username/password) via the login().Then the user is authourised in the commit().Then Jaasrealm takes care of creating the LoginContext,calling login(),creating Subject with principals,credentials added and setting that in the session.
  I have a big trouble in accessing the HttpServletRequest object in the LoginModules.i.e getting the j_username and j_password in the LoginModules or in the CallBackHandlers.PolicyContext doesn't work for me.Is there any other way?
  Regards,
  Ganesh

• When I try to open the downloaded file, a security warning restricts me from opening the file.

  I have the new Motorola Bravo which is on the Android 2.1 system. When I try to open the downloaded file, a warning appears saying "This application comes from an unknown source, and for your security only applications from trusted sources can be installed". Is the download corrupt? I would think not, but I am very confused.

  Unfortunately, AT&T disables the ability for its Android phones to install applications that aren't distributed through the Android Market.
  If this phone is not AT&T-branded, then you might be able to enable "Non-Market sources" in the "Applications" section of the Settings app.
  If it is, then you might be able to use the Android developer tool "adb" to install Firefox on your phone (search the web for instructions), or you can wait for our next beta release which should be available through the Market later this month.

• How to get username from Form-based login

  I am using form-based login in my web.xml file.
  When I attempt to access a protected .jsp page, I get sent to my login page as expected.
  When I enter my username/password successfully it forwards me to the .jsp page I was trying to go to, as expected.
  From that .jsp page, how do I get the username/password info from the login form? I looked at the session attributes, request attributes, and request parameters, but I don't see anything. Does the form-based authentication remove these variables?
  I need the username that is filled out in the login form, so that I can do custom work with it. I cannot ask the user for it again after they login, as that is inefficient and sloppy.

  Found it.
  request.getUserPrincipal().getName()

• How to get username from AssignedTo item using Powershell with CSOM?

  Hi all:
  I have a Powershel script with CSOM to extract some information from a list in SP2010, however I can’t get the user name associated to the field ‘AssignedTo’. It seems that in order to extract information from this field you need to use ‘Microsoft.SharePoint.Client.FieldLookupValue’
  however I don’t know how to do that with Powershell.
  Thank you very much for your help
  Regards

  Hi Jaydeep:
  The sentence "New-Object Microsoft.SharePoint.SPFieldUserValue" failed, however, I just added this to get the User Name:
  $item["AssignedTo"].lookupvalue
  I don't know if it is the best solution but it shows the UserName.
  Thank you very much
  Regards
  Carlos Negroni

• How to get username from audible account if one is associated with the store account

  So, I noticed, while de-authorizing a previous computer of an itunes store account, that an audible account was available for deauthorization as well.  I never authorized an audible account, and I'm not getting any help from apple about retaining a username if you never created one.  shady

  Have you ever had an account with audible.com ? If not then you won't have one to deauthorise - the option to deauthorise one shows in the Advanced menu on my iTunes, even though I haven't currently got one authorised on it. If you have got an audible account and you have authorised it on that computer then Apple won't know what it is, as the account would be with audible.com, not Apple.