Single amserver.war force to store users in LDAP

Hello everyone!
I've installed Sun Directory Server EE, and now am trying to install Access Manager 7.1u1 as a single war (Solaris 10 x86). I am following steps as described here http://developers.sun.com/identity/reference/techart/install.html . But even if I provide correct ldap connection info on /amserver/configurator.jsp , AM still stores users not in LDAP. After configuration AM login page says that "This server uses Data Store Authentication". There are no user records in ldap.
So, how can I force AM to use LDAP as primary users datastore?
This is needed by PS7.2 installer that searches specific users in ldap (amldapuser maybe), does not find them and exits.

Hi,
That's quite easy. you change the type of data store from the Sun Access Manager console.
Follow these steps:
1. Login in to Sun Access Manager Console-> under your subrealm.
2. delete the default data store.
3. configure your datastore i.e., your ldap.
4. Create a new authentication module of type LDAP from Authentication tab under your subrealmand specify your datastore in it.
5. Modify authentication chain from Authentication tab to point to newly created authentication module.
6. save the changes & Restart the Sun Access Manager.
I am sure after this configuration AM login page will says that "This server uses LDAP Authentication".
Let me know if you need more help.
Cheerio
Sunny

Similar Messages

  • Can my wife use her iPad to get access to my music via iTunes Match and still retain her iTunes store user id?

    my wife has a new iPad and iPad Store user ID.  I have a seperate iTunes store user id and subscribe to iTunes Match.  All my music is now in the "cloud".  Can my wife get access to my music via match and still retain her iTunes store user id? 
    The only way I seem to be able to get Match to work on her iPad is if she uses both my iCloud user ID and my iStore user ID.

    Essentially I have the same problem.  My spouse and I have a shared music collection on 1 computer.  We've used different id's for our various devices for years.  Currently we both use iPad minis iPhones and AppleTV.  I have iTunes Match on my account.  Recently we haven't been able to access songs bought or downloaded by the other id.  iTunes says that the computer is associated with another id.  In fact we have 1 song that didn't finish downloading when an album was bought on my spouses account while the rest of the album is there.  My suspicion is that I will need to go down to a shared id when we buy our new MacBook Pro for Boxing Day.  But, if we do that are we able to have separate calendars and passbooks and other features?  Is there another option?  I'm willing to stop using iTunes Match if necessary.

  • I'm signed in to my account on my macbook air's apple store, but when I try to update any apps, it has a locked in apple store user which is not mine, any help removing this?

    I'm signed in to my account on my macbook air's apple store, but when I try to update any apps, it has a locked in apple store user which is not mine. I have no idea where this user came from, but I need to update my apps and get this user off my computer. The users email is locked, it is grey in colour and I can not get it off. I've tried my system settings and the app store, logging in does not change the fact that there is a strange email there. I need help, please! I don't know if this is a hack or what, I brought my computer into the shop to get some work done so it may be their account, I just need the account removed.

    You installed a hacked app, originally from the Mac App Store. It contains the receipt for a different app, downloaded using an account that you don't control. You need to identify and remove the hacked app.
    Important: The app you need to remove is not necessarily the one named in the App Store alert. For example, the App Store may prompt you to update "Angry Birds" or "Twitter," but the hacked app may be something else entirely. Don't make any assumptions about which app you're looking for. To find it, you must carry out a systematic search with Spotlight.
    Triple-click anywhere in the line of text below on this page to select it:
    kMDItemAppStoreHasReceipt=1
    Copy the selected text to the Clipboard by pressing the key combination command-C.
    In the Finder, press command-F to open a search window, or select
    File ▹ Find
    from the menu bar. In the search window, select
    Search: This Mac
    from the row of tokens below the toolbar. Below that is a popup menu of search criteria, initially showing Kind. From that menu, select
    Other...
    A sheet will drop down. In that sheet, select
    Raw Query
    as the criterion, then click OK or press return.
    Now there will be a text box to the right of the menu of search criteria. That's where you enter the raw search query. Click in that box and paste the text you copied earlier by pressing command-V.
    The search window will now show all the App Store products that are installed. Compare those search results with the list of your purchases from the App Store. To see the complete list, you may need to unhide hidden purchases. If any apps were download from the App Store using other Apple ID accounts that you control, sign in to the store under each of those ID's and check the purchases.
    At least one of the apps in the Spotlight search results is not among your purchases in the App Store. Move each such item to the Trash, after quitting it if it's running. You may be prompted for your administrator password. Empty the Trash.
    Quit and relaunch the App Store. Test.

  • Where does Designer stores user defined custom colors?

    Hi,
    Everytime I restart Designer, all my custom colors are reset to white. Which is pretty annoying. So I want to export them to a file at least.
    I figured, that user defined custom colors in Windows are stored in the Registry in:
    [HKEY_CURRENT_USER\Control Panel\Custom Colors]
    or alternatively in:
    [HKEY_USERS\.DEFAULT\Control Panel\Colors]
    But apparently they are not. Changes made to the custom color palette in Designer are not stored in the registry. Those values still remain FFFFFF.
    Does anyone know, where Designer stores user defined custom colors? Is there a 'secret' undocumented .ini-file I missed?
    Regards,
    Steve

    Does anyone know where the information added by Java reside?Essentially, in the directory.
    Is there any way to query this information using VC++ dll or some other way?Yes, there are operating system APIs for it. That's how Java does it.
    Does anyone know which windows dll or classes are used by Java to add these custom attributes
    I tried lot by digging into code by decompiling java NIO classes but could not get it.I would try looking up the Windows API myself.

  • Store user preferences accessible from view layer and ADF BC

    Hi
    I'm working with JDeveloper 11.1.2.1
    We have an application with an application-level shared application module which contains VOs with bind variables to generate language dependent LOVs. From these VOs have to access the language.
    We want to store user language and other user preferences in the future and these can be accessed by the view layer and ADF BC.
    In addition, we want that application will be passivation safe and works properly in a cluster environment.
    At first we opted to save the language in the HTTP session, but we access it from ADF BC ... and we would not want to break the MVC pattern. This article
       Andrejus Baranovskis's Blog: Bad Practice for Session Scope Access in ADF BC
    says that the MVC pattern only breaks when our application module can not be executed without the UI. We differentiate when run individually and when run as a logged in user to avoid this rupture. ¿Is this acceptable solution?
    Otherwise, what is the best option to preserve the MVC pattern and also the passivation does not affect the proper execution of the application and not cause problems in the cluster (HTTP sessions are replicated, but the rest?)
    I have seen that there are 2 more possible methods :
    - Transient View Object
    - User data map
    The user data map discussed in this article seems an option,
       Andrejus Baranovskis's Blog: Solution for Sharing Global User Data in ADF BC
    but perhaps complicates the development and I don't know if shared application module would work properly. For example, we need the language of the user in the application-level shared application module VOs, but the user data map is available only in the session of the root application module no? If we have a method that gets the language within the shared application module, ¿when the method getSession.getUserData() execute, it will access the user data in the root application module or return null?
    If you could tell us if we are correct using the HTTP session or else it is better that we use the user data map, it would be a great help.
    Thanks

    Hi,
    this sounds like something that belongs in your Application Module. I would create a client method which would do your LDAP checks before calling your view object to create a new row. Have the client method return the result based on the success of your LDAP search.
    Call this AM client method from the backing bean of the JSP and return a page flow based on the outcome of your client method.
    The actual transaction with the database happens in your doDML method of the Entity Object (override the doDML method). But I would still implement this business logic in the AM.
    regards,
    Brenden

  • Regarding Can we store User Selected values in prompts

    Please help us in achieving the below requirement.
    Requirement is to store User Selected values in prompts when the report is opened by a User for the first time and make use of those values to refresh the report next time onwards.
    1.Can this be achieved in WebI ?
    2.If it is thru SDK(we use Java), any experience/help in doing this ?
    Environment : BO XI 3.1 with SAP BW Integration

    Hi ,
    If you dont want data to be displayed in this report for this two values , then exclude this two values when you restrcit your characteristic to the variable.
    If you want not to display this values when user opens help for entering the values where he can see all the possible values for selection for the variable, then it wont be possible.
    Hope this will help.
    - Jaimin

  • I want to store my EP users in LDAP

    Hello:
         Everyone!
         I want to store my EP users in LDAP
         I know the main two steps:
            1 Configuring EP UME to Use an LDAP Server as Data Source
             2 keep the consistent with users in R3 and LDAP
    Pleast someone give me a good idea!

    Hi Le Xian
    The user management engine (UME) can use an LDAP directory as its data source for user management data. You can connect the LDAP directory as a read-only data source or as a writeable data source.
    Check out this Thread..
    [Re: What is Portal Ldap Directory]
    Also Start from Basics....
    [http://help.sap.com/saphelp_nw70/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm]
    & [http://help.sap.com/saphelp_nw70/helpdata/en/63/14f5b51a6eff429f2d8b2063400e82/frameset.htm]
    Thanks....

  • How to assign single responsibity to all the applications user?

    how to assign single responsibity to all the applications user?
    Thanks in advance

    Use FND_USER_PKG.AddResp
    How to use FND_USER_PKG.AddResp
    Re: How to use FND_USER_PKG.AddResp
    single responsibility to all users
    Re: single responsibility to all users

  • Distribution area affected by "force run as user"?

    Hi.
    Still using ZDM 7 for the moment.
    I have an AO which:
    - Workstation associated.
    - Distributes some registry keys (Distribution Tab).
    - Copies files locally (Distribution Tab).
    - Runs the files that were copied (Run Tab, Secure System User).
    - Deletes the files (Termination Launch Script).
    There are problems!
    First of all, we are now using Microsoft file server, and the workstations do not have rights to this area (and cannot currently get rights - addressing this in another thread).
    The file copy fails if I do not enable the "force run as user if workstation associated", but this is expected since the WS doesn't have rights to copy the files from the share. However, if I enable the "force run as user", the file copy works but the registry keys fail since the user running the AO is a restricted user.
    Also, if I tick the "run in WS security space", and click apply ... the selection is cleared - the check box never remains on.
    If I associate by user, then everything works fine.
    It's as if the entire distribution section runs as user if the "force run as user" is associated. I don't really want to associate by user - I would prefer WS as this only needs to be run once per WS.
    Any advice on this?
    I presume the distribution section should not behave in this way?
    I have created new AOs to see if these problems persist and they do!
    Please let me know if you need more info.
    Thanks!

    Originally Posted by craig_wilson
    That does not sound like proper behavior.
    What agent version are you running?
    >
    > If I associate by user, then everything works fine.
    > It's as if the entire distribution section runs as user if the "force
    > run as user" is associated. I don't really want to associate by user - I
    > would prefer WS as this only needs to be run once per WS.
    Craig Wilson - MCNE, MCSE, CCNA
    Novell Knowledge Partner
    Novell does not officially monitor these forums.
    Suggestions/Opinions/Statements made by me are solely my own.
    These thoughts may not be shared by either Novell or any rational human.
    7.0.1.0 - have been running this for some time.
    I'm presuming you will say upgrade :)

  • Reset Ovi Store User Settings

    I wonder if there's a workaround to delete the Ovi Store user settings (a specific folder maybe)? I tried to uninstall and reinstall Ovi Store but my settings do not get deleted (ie. my username is still stored).
    Thanks for your help 

    @deadprincess
    Unfortunately upon N8 at least irrespective of whether device "hard reset" or firmware re-flashed the username of the first user continues to popup requesting confirmation!
    Happy to have helped forum with a Support Ratio = 42.5

  • Forced reauthentication following user change on 802.1x

    We have a test 802.1x setup for wired network using IAS and Cat3550. We are using PEAP and assign different VLAN for machine account and user account via radius server and we are having issues with VLAN switching between the two accounts. The correct VLAN is assigned depending on machine is authenticated and when users are authenticated, the problem is the timing from one account to the other.
    Let's say a Windows XP machine boots up and authenticates as machine and is assigned VLAN 100. Once a user logs on to the machine with his/her account based on radius policy he/she should be moved to VLAN 200. However, this does not happen right away. It waits for reauthentication timeout and then assigns the correct VLAN. Happens the same when user logs out. It waits for reauthentication timeout and then logs in as machine account and assigns VLAN 100 back to the port.
    I have applied MS KB826942 patch and the host seems to renew the IP as soon as it detects VLAN change. But it seems to wait around for reauthentication from the switch. Anyone know how to force reauthentication once user changes?

    802.1x is out of the way for you once 802.1x has authorized a switch port. Hence, 802.1x doesn't do anything else (until re-auth kicks is if you have it configured, as you seem to).
    Hence, when a user logs into a machine after machine-auth has been successfully completed, 802.1x on the switch isn't going to do anything, b/c as far as it knows, it's already authorized the port, and has no visibility into what's actually happening on the machine.
    Now, if you want to 802.1x-authenticate the user as well, then you need to make sure you have enabled the wired supplicant to send EAPOL-Starts. See here:
    <http://www.microsoft.com/WindowsServer2003/techinfo/overview/wififaq.mspx#EAAAA>
    p.s. The reason it seems to work after re-auth is b/c the switch is doing initializing the auth conversation on it's own, and the supplicant replies back with cached credentials (also a default of this supplicant).
    Hope this helps,

  • Amserver.war deployment issue

    My Configuration
    Sun Java System Application Server 8.2
    amserver.war (jdk1.5)
    Windows 2003
    I deployed this amserver.war previously it worked fine but i was not able to get through the configuration portion.
    Now when i m deploying amserver.war using Admin Console, it's deployment complete properly but when i launch it, it shows error's
    HTTP Status 500 -
    type Exception report
    message
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    javax.servlet.ServletException: AMSetupFilter.doFilter
         com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:100)
    root cause
    java.lang.IllegalArgumentException: Path \config\auth\default\Exception.jsp does not start with a "/" character
         com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:334)
         com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
         com.sun.identity.authentication.UI.AuthExceptionViewBean.forwardTo(AuthExceptionViewBean.java:99)
         com.sun.identity.authentication.UI.AuthenticationServletBase.onUncaughtException(AuthenticationServletBase.java:121)
         com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
         com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
         com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         java.lang.reflect.Method.invoke(Method.java:585)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
         java.security.AccessController.doPrivileged(Native Method)
         com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:86)
    note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server logs.
    Please help me out . I have to do it on urgent basis !

    Well, your problem maybe that you need to separate EJBs from Web modules.
    WAR files are for Servlets, JSPs, JSFs, etc.
    EJB-JARs are for EJBs
    All should be packaged into an EAR...
    --olaf                                                                                                                                                                                                                                                                                                                                                                                                       

  • Trying to setup im to store user props in ldap

    I am running the im/sbin/configure script. I'm trying to setup im to store user props in ldap. Can someone tell me what bind dn, I need to specify. It will be whatever the default is. I'm not sure how to find this.

    The default bind dn is normally "cn=Directory Manager".

  • Store User specific data in Secure file in EP

    Hi
        I wanted to store User specific data into Secure file .Please help me to access JAVA Secure Storage API 's of SAP netweaver
    Regards
    Ganesan S

    sorry, wrong post

  • Amserver.war deployment error

    Hi,
    I am deploying amserver.war (for jdk1.5 ) on SUN APPLICATION SERVER 8.2 (Jdk1.5). After deployment when i am launching the application-
    type Exception report
    message
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    javax.servlet.ServletException: AMSetupFilter.doFilter
         com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:100)
    root cause
    javax.servlet.ServletException
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:300)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
         java.security.AccessController.doPrivileged(Native Method)
         com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:86)
    root cause
    java.lang.NoClassDefFoundError
         com.sun.identity.authentication.client.AuthClientUtils.(AuthClientUtils.java:156)
         com.sun.identity.authentication.UI.LoginServlet.initializeRequestContext(LoginServlet.java:119)
         com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:578)
         com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         java.lang.reflect.Method.invoke(Method.java:585)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
         java.security.AccessController.doPrivileged(Native Method)
         com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:86)
    note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server logs.
    Kindly guide me . Waiting for reply .

    This is not the appropriate forum for this question as we don't deal with Access Manager deployment problems. Please re-post your question to the Access Manager forum instead:
    http://forums.sun.com/forum.jspa?forumID=760
    Regards,
    Shane.

Maybe you are looking for