Smart card logon with third party CA combined with ADFS to Office 365

Similar Messages

• Help With Third Party Wireless Cards

  Hello, I am needing some help with third party wireless cards. I have purchased and installed the Linksys WMP54G wireless PCI card into my G4. From what ive seen on the discussions page here, this card is known to work with the G4s in place of the more expensive Airport Extreme card. The only problem is that my G4 doesnt even recognize that the card is in the PCI slot. Ive tryed the other PCI slots and still nothing. Previously, i have tried using a belkin and a d-link card that have been known to work in the G4s as well, and had the same problem. I am 100% sure that the card is seated correctly, and cant think of any other reason why it shouldnt detect that something is in the slot. If anyone can inform me what im doing wrong, or has any info on how to get it working, that would be great. Thanks for your time,
  ~Jared
  Powermac G4   Mac OS X (10.3.8)   2 gb ram, 200 gb hd, dual display

  Yes, i run Digidesigns audio editing program called Protools on my Mac. It uses a PCI card to import mic/line audio signals into the program from the hardware interface. I tried moving the Digidesign card and putting the wireless card in the same slot, and still nothing, although the Digidesign card works fine in the other slots. Each time i moved the Digidesign card, it showed up in the different slots, although the ones that were open did not show up at all. Only the PCI slots that are in use show up in ASP on my machine. I have the FW-800 version of the G4, so im not sure if that makes any difference. I have never erased the PRAM before, would you be able to give me directions on how to do that? Thanks a ton for your help. =)
  Powermac G4   Mac OS X (10.3.8)  

• Third party & subcontracting combine

  Dear Experts,
  I am having the following scenarios:
  Customer C1 send  the PO for Material F1 that i am not producing.
  So i send the Raw Material M1 reqd for F1 to Vendor V1 that he directly ship to Customer C1 and invoice to me. Accordingly i bill to Customer.
  So it is a scenario of third party & subcontracting combine.
  Please tell me how to handle such scenario along with all the accounting & excise effects.
  Plz suggest
  Thanks

  Hi,
  Follow the below process;
  1. VA01 - Create Sales order for material F1 and Customer C1
  2. As a result of this a Subcontracting PR will get generated automatically. (For this take help of SD Consultant, it is controlled by Schedule Line category in VOV6, take copy of CS and change Item category to 3 i.e. Subcontracting)
  3. ME21N - Subcontracting PO w.r.t. PR (Considering BOM is in place). In PO under "Delivery Address" Tab, maintain the Customer Code as C1. As a result of this, vendor will get information that stock is to be dispatched to Customer C1.
  4. MB1B - Transfer Posting of raw materials via 541
  5. J1IF01 - Create Subcontracting Challan w.r.t. TP mat. doc.
  6. MIGO - GR w.r.t. PO (Here it will update stock of the material F1 via 101 and auto consumption of components via 543 O). Refer Subcontracting Challan.
  7. J1IFQ - Challan Reconciliation
  8. J1IF13 - Challan COmpletion
  9. MIRO - LIV w.r.t. Subcontracting PO
  10. VL01N - Create Delivery w.r.t. Sales Order to write-off the stock of material F1
  11. VF01 - Create Billing Document on Customer C1
  12. J1IIN - Outgoing Excise Invoice (I think, it is not required)

• HT4623 How to stop third party apps download with out you permission from ATT partners that cant see any connections on your account due to you not being the prchaser?

  How to stop third party apps download with out you permission from ATT partners that cant see any connections on your account due to you not being the purchaser or on account as long as someone else is paying they can not hold legal resposible there third privacy  due to legal privacy laws.

  Then you should read these.
  http://forums.macrumors.com/showthread.php?t=1804704&highlight=sonnet+tempo+pro
  http://forums.macrumors.com/showthread.php?t=1721573&highlight=sonnet+tempo+pro
  This was strange but has to do with how startup disk and nvram interact
  http://forums.macrumors.com/showthread.php?t=1795765
  I think your problems were solvable and not that the Sonnet card and 5,1 is not bootable, in fact the 5,1 is easier, there are more supported cards.
  I have the 1,1 where the Sonnet Pro is recommended but for data only and are not bootable because of the 32-bit EFI firmware. NOT the 4,1 and 5,1. The 2008's are problem child and have a mix of PCIe 1.1 slots, first implementation of EFI64 that also has problems. Also the 4,1 has two PCIe 2.x slots 3 and 4 that share a controller but that simply limits bandwidth.
  I would have left the TRIM support and NVRAM changes in Yosemite to a separate thread if you wanted to focus on the Sonnet Tempo Pro support in Mac Pro 2010-12 5,1s.
  Also the make of SSD can vary and they also have their own firmware as do bootable controllers along with the EFI of the Mac, all of which have to work together.  Meaning it might be that Samsung 840 va 840 EVO vs 840 Pro will all be slightly different but my experience is Samsungs work well (as do others like Crucial with the proper firmware - and there was/is an issue with the firmware of the Samsung 840 but not with booting).
  The PCIe card gets seen and treated as external and therefore 'eject' but of course you can't when it is the system boot drive.
  One thing I found last week and meant to mention:  After installing or changing PCIe cards, RESET SMC made all the difference in the world with the long boot delay. Some PCIe cards will add a few seconds, system has to search the device tree which now shows another controller with multiple devices - and sometimes NVRAM and SMC are what I will call "dirty" and need to be rebuilt and reset.

• Windows smart card logon and kdc certificate (2008R2)

  dear, 
  we are trying to implement a smartcard logon on 2008r2 dc and ca. Environment:
  Domain controller - windows server 2008 R2
  CA - windows server 2008 R2
  testing server - windows server 2008 R2
  when using smartcard logon, a message pops up "The system could not log you on. You cannot use a smart card to log on because smart
  card logon is not supported for your user account. Contact your system administrator to ensure that smart card logon is configured for your organization.".
  The domain controller has an error message : "Event 19: This event indicates an attempt was made to use smartcard logon, but the KDC is unable to use the PKINIT protocol because it is missing a suitable certificate",
  when using "net stop kdc && net start kdc" there is a warning : "event 29 : The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card
  logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate."
  There were 2 dead CAs in the environment, we deleted them manually by following the instructions in http://support.microsoft.com/kb/555151;
  We tried to renew the domain controller certification with the instructions in http://technet.microsoft.com/en-us/library/cc734096.aspx；http://technet.microsoft.com/en-us/library/cc733944(v=ws.10).aspx,
  the result of "certutil -dcinfo verify" seemed to be correct, but the event 19 and 29 are still there. 
  How could we resolve this problem? Thanks in advance 
  The output of "certutil -dcinfo verify" is :
  0: CTXDC
  *** Testing DC[0]: CTXDC
  **  Enterprise Root Certificates for DC CTXDC 
  Certificate 0:
  Serial Number: 781902753c5627b64bd4e45c38b648df
  Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
   NotBefore: 2013/4/11 11:57
   NotAfter: 2018/4/11 12:07
  Subject: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
  Certificate Template Name: CA
  CA Version: V0.0
  Signature matches Public Key
  Root Certificate: Subject matches Issuer
  Template: CA, Root Certification Authority
  Cert Hash(sha1): 24 43 b0 79 33 8d f4 74 2d 52 df 75 3a 50 73 85 62 25 fb 86
  **  KDC certificate for DC
  CTXDC 
  certificate 0:
  Serial Number: 611648d2000000000030
  Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
   NotBefore: 2013/4/21 12:05
   NotAfter: 2014/4/21 12:05
  Subject: CN=CTXDC.demo2.internal.jiean-technologies.lan
  Certificate Template Name: DomainController
  Non-root Certificate
  template: DomainController, domain controller
  Cert Hash(sha1): e5 e5 5f 80 b0 cd 7f b5 3d 86 51 3e f3 70 d0 8e 39 48 45 cd
  dwFlags = CA_VERIFY_FLAGS_NT_AUTH (0x10)
  dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
  dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
  Application[0] = 1.3.6.1.5.5.7.3.1
  Server Authentication
  Application[1] = 1.3.6.1.5.5.7.3.2
  Client Authentication
  ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
  HCCE_LOCAL_MACHINE
  CERT_CHAIN_POLICY_NT_AUTH
  -------- CERT_CHAIN_CONTEXT --------
  ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  ChainContext.dwRevocationFreshnessTime: 10 Hours, 36 Minutes, 16 Seconds
  SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  SimpleChain.dwRevocationFreshnessTime: 10 Hours, 36 Minutes, 16 Seconds
  CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
    Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
    NotBefore: 2013/4/21 12:05
    NotAfter: 2014/4/21 12:05
    Subject: CN=CTXDC.demo2.internal.jiean-technologies.lan
    Serial: 611648d2000000000030
    SubjectAltName: Other Name:DS object GUID=04 10 f1 68 15 d4 e6 4a 8c 40 80 c6 15 16 1d 26 49 4d, DNS Name=CTXDC.demo2.internal.jiean-technologies.lan
    Template: DomainController
    e5 e5 5f 80 b0 cd 7f b5 3d 86 51 3e f3 70 d0 8e 39 48 45 cd
    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      CRL 54:
      Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
      52 95 06 73 26 3a 6a 22 a3 6f d7 6e b2 f3 4c 3d 02 9b 7e 54
      Delta CRL 55:
      Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
      8c c0 97 5e a3 13 9d a1 5c a2 c1 86 e8 65 ff b0 8b ea f4 a3
    Application[0] = 1.3.6.1.5.5.7.3.2
  Server Authentication
    Application[1] = 1.3.6.1.5.5.7.3.1
  Client Authentication
  CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
    Issuer: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
    NotBefore: 2013/4/11 11:57
    NotAfter: 2018/4/11 12:07
    Subject: CN=demo2CA, DC=demo2, DC=internal, DC=jiean-technologies, DC=lan
    Serial: 781902753c5627b64bd4e45c38b648df
    Template: CA
    24 43 b0 79 33 8d f4 74 2d 52 df 75 3a 50 73 85 62 25 fb 86
    Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
    Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  Exclude leaf cert:
    33 0e 29 2d 44 b0 f9 5d a8 7d 03 26 52 e0 cf 00 4c bf 66 2d
  Full chain:
    04 60 4a 63 ea 44 36 5a 8a 3e 43 b5 23 2a ee 8e a6 05 16 3b
  Verified Issuance Policies: None
  Verified Application Policies:
      1.3.6.1.5.5.7.3.2
  Server Authentication
      1.3.6.1.5.5.7.3.1
  Client Authentication
  1 KDC certs for CTXDC
  CertUtil: -DCInfo command completed successfully.

  The KDC certificate must be good for "SmartCard logon" purpose. It is currently not.
  I you do not use smartcards, do not worry.

• Windows 7 Smart Card Logon

  Hi,
  Testing PKI with Windows 7 x64 under a (otherwise) working public key infrastructure (Windows 2008 CA) using Smart Card certificates based on V2 templates. I've enrolled an AD user successfully with a smartcard and validating the cert it looks all ok (via certutil -scinfo). For all intents and purposes the smart card appears ok but when I try to logon with the user and the smartcard inserted in the machine, I get the following error message:
  "The system could not log you on. You cannot use a smart card to log on because smart card login is not supported for your user account. Contact your system administrator to ensure that smart card logon is configured for your organization."
  Kind of weird message :-/ The smart card reader is in-built on a Dell E6400 ATG... the smart card itself is a Gemalto .NET based card. I've validated that the cert is correctly written to the card via the netsolutions site at Gemalto ... Windows 7 reads the smart card and the user ID correctly from the GUI Logon screen ... it's only when I enter the PIN and it attempts to logon do I get the above message....
  Is there anything "special" I need to do in Windows 7 or in group policy to enable smart card support?? This has worked fine in the past on XP....
  Both the smart card service and the certificate propogation service are running...
  Regards,
  Mylo

  Stigh,
  OK..... I've got it working with Windows 7 on the 6400 together with the Mobile Internet Broadband using domain-based interactive logon.... so the pressures off at least at this end :-)
  "I actually disagree."
  I can see you're healthy motivated to fix the problem.. which is good :-)
  "As long as there is a EKU in the certificate, it should work for local logon."
  Agreed (kind of).. although in your case the common name (the username) is the key identifier for logon purposes..  a UPN in this case is moot as there is no domain to speak of.... I'm assuming the Smart Card Login OID is present in your certificate template together with Client Authentication, and that the purpose is set to "Signature and Smartcard Logon".. I'm working with V2 templates at the mo...
  "In GPedit, under Computer Configuration-Windows Components-Smart Card there are policies to disable certain paramters. I need to read more on those.
  In my case I haven't tweaked any settings via GPO... to resolve the problem described earlier I ended adding the AMT HECI driver for the chipset and the Broadcom drivers from the Connection Manager packs.... I suspect it was the latter that was the problem. Again I haven't installed any Dell Connection Manager software so I'm relying purely on drivers.
  "Btw; Dell SmartCard is not available for shopping in Norway where I'm located; so I can not enroll any cards through Controlpoint/Wave manager. My Gemalto.NET card is purchased from a local store"
  The Gemalto drivers from Windows 7 RTM worked ok for me.
  "The reason for using the laptop as stand alone outside domain is that it's "never" connected locally to any wired network, and there is no reason for it to be a member of the domain.
  OK, but here's where I disagree :-) .. the machine in question will need to connect back to your Enterprise CA certificate distribution point (CDP) to check that the certificate is valid. That's part of basic PKI functionality to ensure certificates are valid. In your case, you'll need an HTTP-based CDP reachable from the local machine, i.e. reachable over a LAN or over the Internet from the "stand-alone" machine, as default LDAP CDP's are meaningless as your client is not domain-joined. Otherwise, you'll need to turn off certificate revokation on the local machine completely, which is diluting security even further. 
  "Its only connecting through RDP and for Outlook (Exchange 2007). Here I use the certificate for RDP logon and for signing/encrypting emails."
  I was slight confused here.. so you don't intend to use the smartcard for local logon? If this is the case this is a workable scenario. You can use a smartcard from a non-domain joined machine to connect for RDP logon. S/MIME is also possible from Outlook, but YMMV as you may run into trust issues when sending encrypted mails to parties that don't trust your CA. Again, bear in mind the comments made earlier about the CDP... the "stand-alone" machine will still need to "connect" back to the CA to access the CDP/AIA, plus you'll have to do certificate renewals etc.
  On a parting note, you need to be clear about why you really need to use smart cards (in this scenario). You're working outside the normal working conventions of Windows with a non-domain joined machine and the pay-off in this case is negligible. I'm not trying to dissuade you from continuing but it's likely to be an uphill struggle.
  Good luck and post back if you want to discuss further!
  Regards,
  Mylo

• Cannot do MIGO in Third Party Sales Process with shipping notification

  In the Third party sales process with Shipping notification,the item category for the material is TAS (Billing relevance=R),item category group is BANS.
  Intially sales order is created,then using me21n with reference to purchase requisation purchase order is created,then in MIGO stage i used the PO No there but i get the message no item found in PO.
  what adjustment have to be done in order to do MIGO

  Refer following SDN thread, by that you will be able to get overview on best practices about Third Party Sales & necessary configuration you need to follow for statistical GR:
  - Third party direct shipment (II)
  Further maintain Billing Relevance for Item Category as G - Order-related billing of the delivery quantity.
  Regards
  JP

• Really Apple? OSX 10.8.5 disables built-in camera functionality with third party apps such as Skype and Gmail video chat. I do not have time machine on my 2013 MB Air. How can I get back to 10.8.4?

  Really Apple?
  With the release OSX 10.8.5 Apple has once again showed its true colors, and continued its efforts to create a closed Apple system, which eliminates third party vendors, unless, one can only assume... they pay.
  Included in this OSX update is the disabling of the built-in camera to work with third party applications such as Skype and Gmail video chat. No surprise the camera works just fine with Apple apps such as Facetime and Photobooth.
  The answer I got on my call to AppleCare to ask for assistance in reinstalling 10.8.4, so that I may Skype again, was we can not do that. You can not go back unless you have a time machine bkup.
  Can anyone help me get back to to 10.8.4 on my 2013 MB Air?
  I do not have a time machine bkup as this computer is not used to store important documents.
  Thank you.

  Read this post: 10.8.5 Broke Camera Usage For 3rd Party Apps Like Skype
  Another: isight not recognized in Skype after 10.8.5 upgrade
  Don't panic. Skype simply needs to update its app.

• IPod Classic Compatibility With Third-Party Sound Dock

  I own a TEAC Micro HI-FI CD-X10i and I was wondering if it would work with an iPod classic 160GB. I was considering purchasing an iPod classic (I already own a 5.5 G 80GB iPod). Has anybody tried using third-party audio systems with docks? If you have, please respond.

  Hey Funky,
  I have a Bose SoundDock (from 2005) and my Classic-160 works like a charm with it. It also works fine with my Altec-Lansing inMotion portable speaker unit.

• How to integrate single sign on with third party system

  we are in the process of implementing istore application. we already have home grown isupport application to contact support personnal for any issues. Now we are wondering how do we integrate oracle applications single sign on with our third pary system. Is there any recommendation provided by oracle to achieve the same.

  We too are in the process of implementing iStore with SSO features.
  And if you believe me it seems to me as nightmare.
  In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
  [email protected]
  regards and thanks in advance
  Vikas Deep

• SharePoint 2013 on-premises integration with third party email account

  the Email sending issue from SharePoint is causing too much time waste 
  First let me explain how our SharePoint is deployed
  Sharepoint version : 2013
  Deployment type : on-premise
  Authentication : from Domain controller also hosted locally 
  domain name ; say domain.com this domain.com is same as our website address hosted on godaddy
  SharePoint computer name on local DNS :  sharepoint.domain.com
  OS and IIS : 2008 r2 , IIS 7.5 
  Network firewall : 25 26 ports  opened for sharepoint , both incoming and outgoing.
  Server firewall : turned off
  Email configuration Attempts by IIS 6.0 
  We tried following setting on IIS 6.0 SMTP local server properties
  In General tab
  qualified name was shown as : sharepoint.dts-solution.com
  IP assigned : sharepoint server IP  , advanced putted two entries of IP with ports as 25,26
  In Access tab
  Authentication : selected as Anonymous 
  Connection : All except below list : empty list
  Relay : only the list below , one entry as 127.0.0.1 and other is local static IP of SharePoint server
  in Delivery tab
  outbound security : Basic authentication : accessed user in AD and given the right password, also checked with annonymous -not working 
  outbound connection: all default values and port = 25
  Advance : fully qualified domain name = sharepoint.domain.com , DNS test showed success, rest every check box unchecked 
  On sharepoint central management settings
  Outbound email = sharepoint.domain.com
  from and reply to address = [email protected] 
  IIS 7.5 SMTP settings 
  In IIS 7.5 sharepoint application we added SMTP settings as smtp server = godaddy out going smtp , user name as [email protected] , password = godaddy password , port : godaddy outgoing port  .
  Godaddy account 
  Our website hosted on godaddy with same name as domain.com
  open relay not possible on emails.
  Results
  After setting alerts on SharePoint sites and assigning tasks with alerts we receive email in queue folder but they never get forwarded. We just wish to use any of our email *.domain.com to send outgoing emails from SharePoint . Its been a while we have no
  success. 
  Tech Learner

  Hi,
  As I understand, you are using SharePoint 2013 integrating with third party SMTP server which provides email function.
  From SharePoint side, I'd suggest you refer to the link below to configure email integration:
  http://technet.microsoft.com/en-us/library/ee956941(v=office.15).aspx
  If you have already confirm that message is sent from SharePoint, while stuck in queue on SMTP server, then the issue might be related to relay on SMTP server. Since the issue is related to third party product, we do not have enough resource here,
  I'd recommend you contact their support engineer for more assistance:
  https://support.godaddy.com/help/category/154/email
  https://support.godaddy.com/help/article/3552/managing-your-email-account-smtp-relays
  Thanks for the understanding.
  Regards,
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected] .
  Rebecca Tu
  TechNet Community Support

• Integration of ChaRM with third party tools

  Hi all,
  We are in the process of building the solution for Change Request Management implementation integrated with third party tool. 
  As the normal process for ChaRM is to work with the Service Desk functionality (to raise a ticket, then support message, change request, change document etc...), but what we need is create the change request, and change document directly with ChaRM without using the Service Desk functionality. 
  Did anybody come across this situation?
  Please share your experience. 
  Thanks in advance.
  Balaji

  Hi Balaji,
  there is no problem, as I understand, you want to use ChaRM without Service Desk. OK, than you create directly a Change Request in CRMD_ORDER, the transaction type you have to select is SDCR (standard transaction type), you have to approve it and then you can create a change document, it is not necessary that you start with a Service Desk ticket like SLFN.
  You need configured TMS a SolMan Project with a Maintenance Cycle, thats it (but this is enough , don't forget the customizing).
  I hope I understood you correct
  Udo

• Conflict with Third Party Apps?

  I am getting an occasional error saying there is a possible conflict with third party apps and that I need to check the drivers of my MIDI devices to see if they are up to date? Sorry but I did not record the exact wording. Does anyone know what this might mean, and how I need to go about checking drivers? I have a lot of interfaces and not sure how to see what's what. Thanks.

  Hi Midlake,
  Well, because they are known troublemakers. Search for 'takes' or 'take folder(s)' or 'comp' here on the forum and you'll find many a troubled soul crying out for help - including seasoned pro's, who thought they were beyond tears...
  O, they are fine for recording many takes - but thats' all. I'll select the best takes/phrases.
  regards, Erik.

• How to integrate DRM with third party tool for loading metadata in SQL table

  Experts,
  I am new to DRM and I have a requirement in which we want to integrate DRM with third party tool(lets say SQL table) as target and load metadata from DRM (Parent node, name , alias etc) to SQL table (same column name)
  Is there any way we can integrate DRM to export the same to table directly instead to files. If yes what are the steps we have to follow.
  Is there anyway we can customize DRM to execute queries or run batch
  Can I have a basic example please.
  Thanks in advance,
  Regards,

  1. Use DRM Export to Table option, for that create an External Connection first for the Target Database and select the respective Tables to which you wish to Export the Hierarchy information.
  2. You can perform most of the DRM Actions via the DRM_BATCH_CLIENT.exe.
      Please refer to Using the Data Relationship Management Batch Client of DRM User guide.
  let me know if you have any issues.

• How to integrate iReceivables with third party payment system?

  Hi,
  My requirement is to integrate iReceivables with third party payment system.
  Can anyone guide me to achieve this.
  Thanks & Regards,
  Sunita

  Hello Prasad,
  <b>Connection with an External Payroll System</b>
  Payroll Outsourcing functionality allows you to compile master data or payroll data in the SAP system to submit to a third-party service provider in an electronic format. The Outsourcing solution available in the United States and Canada provides a generic interface which writes data into an IDoc (Intermediate Document) for transport to a third-party system. In order to transport data into and out of the SAP system, you must set up a logical system, partner definition, and outsourcing ports.
  If you have built your own payroll interface, using the Interface Toolbox, for example, you can use the Import section of this scenario. The Export section applies only to the transport of IDocs.
  For more information regarding outsourcing, refer to the SAP Library, Human Resources  -> PY Payroll  -> PY-US United States Payroll or PY-CA Canada Payroll  -> Outsourcing.
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/af/f4ea3444e9c47fe10000009b38f83b/frameset.htm
  Import Payroll Results from a Third-Party System
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/0a/e62481feaf11d1a5500060087832f8/frameset.htm
  regards
  Prasad
  Message was edited by:
          prasad chintala