SSL connection between Dist Auth UI Server and Access Manager

Hi,
I have a Dist Auth UI Server installed in Web Server 7 and working properly, but now I want to configure it to talk with Access Manager on a secure port.
I have configured Access Manager (also deployed in Web Server 7) on a secure port (443). I have requested and installed the server certificate in the Access Manager Web Server instance and also the root entity certificate.
My question is: how must I configure the UI Server to communicate with the Access Manager Server in a secure way and trust the certificate that the WS of the AM presents?
Regards,

There have been a few reports of the same behaviour with other customers - specifically with the handling of the encoding of "+" characters to " ". It relates to how cookie encoding/decoding is performed (as you have already observed).
The solution for these customers was the following:
=> AM server/client side:
Ensure that com.iplanet.am.cookie.encode=false in AMConfig.properties and AMAgent.properties on all systems.
=> AM client (UWC) side:
- Set <property name="encodeCookies" value="false"/> in /var/opt/SUNWuwc/WEB-INF/sun-web.xml. This will prevent UWC from trying to urldecode the cookie it receives and therefore stops it turning the + into a space e.g.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 7.0 Servlet 2.3//EN' 'file:///net/wajra.india.sun.com/export/share/dtd/sun-web-app_2_3-1.dtd'>
<sun-web-app>
   <property name="encodeCookies" value="false"/>
   <session-config>
      <session-manager/>
   </session-config>
   <jsp-config/>
   <property name="allowLinking" value="true" />
</sun-web-app>
Regards,
Shane.
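
The mismatch described in the reply above, as an added example (not code from the original post or from Access Manager): it reads the two settings the reply names and shows what happens to a cookie value containing "+" for each combination. The file contents and token are constructed, the function names are hypothetical, and the client's decoding is assumed to be form-style URL decoding, which is what turns "+" into a space.

```python
import xml.etree.ElementTree as ET
from urllib.parse import quote, unquote_plus

PROP_KEY = "com.iplanet.am.cookie.encode"   # key named in the post

# Constructed sample inputs (not taken from a real deployment).
SAMPLE_PROPERTIES = """\
# AMConfig.properties (constructed excerpt)
com.iplanet.am.cookie.encode=false
"""
SAMPLE_SUN_WEB_XML = """\
<sun-web-app>
   <property name="encodeCookies" value="true"/>
   <session-config><session-manager/></session-config>
</sun-web-app>
"""
SAMPLE_TOKEN = "abc+def/ghi="   # constructed value containing a '+'


def server_encodes(properties_text):
    """Return the boolean value of com.iplanet.am.cookie.encode."""
    for line in properties_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key.strip() == PROP_KEY:
            return value.strip().lower() == "true"
    raise ValueError(PROP_KEY + " is not set")


def client_decodes(sun_web_xml):
    """Return the boolean value of the encodeCookies property in sun-web.xml."""
    root = ET.fromstring(sun_web_xml)
    for prop in root.findall("property"):
        if prop.get("name") == "encodeCookies":
            return prop.get("value", "").strip().lower() == "true"
    raise ValueError("encodeCookies is not set")


def round_trip(token, encode, decode):
    """Cookie value the client ends up with for one pair of settings."""
    wire = quote(token, safe="") if encode else token
    # Assumption: the client's decoding is form-style, so '+' becomes ' '.
    return unquote_plus(wire) if decode else wire


def check_pair(token, properties_text, sun_web_xml):
    """Report whether the token survives the configured server/client pair."""
    enc = server_encodes(properties_text)
    dec = client_decodes(sun_web_xml)
    received = round_trip(token, enc, dec)
    return {"server_encodes": enc, "client_decodes": dec,
            "received": received, "intact": received == token}


if __name__ == "__main__":
    print(check_pair(SAMPLE_TOKEN, SAMPLE_PROPERTIES, SAMPLE_SUN_WEB_XML))
    for enc in (False, True):
        for dec in (False, True):
            got = round_trip(SAMPLE_TOKEN, enc, dec)
            print(enc, dec, repr(got), got == SAMPLE_TOKEN)
```

Only the pairs where both sides agree return the token unchanged, which is why the reply sets both values to false on every system.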

Similar Messages

  • Connection between multiple domains of AD and OIM

    I am trying to integrate OIM and AD (target resource) and I have 13 domains in AD. For one domain, the connection between AD and OIM is established using the OOTB connector.
    Can someone provide me an approach for connecting multiple domains of AD and OIM?
    Do I need to install a different connector server for different domains, or does OIM provide some Connector Server cloning feature?

    Hi,
    this forum is for asking and answering JDeveloper and ADF related questions. Your question should be asked in the FMW security forum here on OTN.
    Frank

  • VPN between ASA5505 Easy VPN Server and 881G Router as Easy VPN Client

    Hello,
    I have a problem with the VPN between ASA5505 Easy VPN Server and 881G Router as Easy VPN Client. The ASA 5505 has 7.2.3 software and the 881G router has 15.1 software.
    The 881G is configured as a hardware client in network extension mode, and it is placed behind NAT. The ASA5505 is working as the server. The same VPN group works correctly from VPN software clients.
    When I send traffic from the 881G client side, in show crypto session detail I see encrypted packets. But with the same command I don't see decrypted packets on the ASA5505 side. On both devices Phase 1 and Phase 2 are UP.
    The VPN is working correctly when I replace the ASA5505 with an ASA5510, which has 8.4.6 software. But the problem is that I need to do this VPN between the ASA5505 and the 881G.
    Can you help me? How can I debug or troubleshoot this problem?
    I am unable to update software on ASA5505 side.

    Hello,
    Here is what my config looks like:
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto dynamic-map outside_dyn_map 20 set pfs
    crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 40 set pfs
    crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 60 set pfs
    crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 80 set pfs
    crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 100 set pfs
    crypto dynamic-map outside_dyn_map 100 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 120 set pfs
    crypto dynamic-map outside_dyn_map 120 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 140 set pfs
    crypto dynamic-map outside_dyn_map 140 set transform-set ESP-AES-128-SHA
    crypto dynamic-map outside_dyn_map 160 set pfs
    crypto dynamic-map outside_dyn_map 160 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 180 set pfs
    crypto dynamic-map outside_dyn_map 180 set transform-set ESP-3DES-SHA
    crypto dynamic-map outside_dyn_map 200 set pfs
    crypto dynamic-map outside_dyn_map 200 set transform-set ESP-AES-256-SHA
    crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 1
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    crypto isakmp policy 2
     authentication pre-share
     encryption 3des
     hash sha
     group 1
     lifetime 86400
    crypto isakmp policy 3
     authentication pre-share
     encryption des
     hash sha
     group 2
     lifetime 86400
    tunnel-group HW-CLIENT-GROUPR type ipsec-ra
    tunnel-group HW-CLIENT-GROUP general-attributes
     address-pool HW-CLIENT-GROUP-POOL
     default-group-policy HW-CLIENT-GROUP
    tunnel-group HW-CLIENT-GROUP ipsec-attributes
     pre-shared-key *******
    group-policy HW-CLIENT-GROUP internal
    group-policy HW-CLIENT-GROUP attributes
     password-storage enable
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value cisco_splitTunnelAcl
     nem enable

  • Network Load Balancing between SharePoint 2013 App server and WFE

    Hi,
    Can we do NLB between SharePoint 2013 App server and WFE Server?
    Below is our Architecture,
    1. WFE Server (1) 
    2. APP Server (1)
    3. Database Server
    4. Domain Controller
    We have configured NLB, but when we stop IIS on the APP server, the SharePoint 2013 web app link is not working.
    Is it possible?
    Please help us.

    You can do NLB between the WFE and APP server; however, make sure that the web application service, which hosts SharePoint sites, is started from Central Admin.
    Why do you stop IIS on the APP server? It will definitely not be able to host web app sites. Rather, you can just disable the APP node on NLB to test it.

  • SSO Connection Between Netweaver CE 7.2 and MDM 7.1

    Hi,
    I am trying to set up an SSO connection between Netweaver CE 7.2 and MDM 7.1 systems in our landscape.
    But I am not finding the MDM template in Netweaver CE to create the MDM system in the System configuration tab of CE.
    Please help me on how to go about creating the SSO connection between the CE and MDM systems.
    Regards,
    Anand V

    Hi Shiv,
    The MDM content business packages MDM JAVA WD FRAMEWORK 7.1 7.11 and MDM WEB SERVICES_RT 7.1 7.11 based on Note 1471326 have been installed on CE, but the restart was not done.
    Is the restart necessary to get the MDM template?
    Regards,
    Anand V

  • Wireless connection between D-Link WiFi router and Time capsule stopped working

    We have an ISP provided D-Link wireless router (DIR-615) to which we wirelessly connected our 2Tb Time Capsule for back up and to connect a USB printer to our network. This worked perfectly for 3 1/2 years, until about a month ago, when the time capsule suddenly decided to go "off line", i.e. we could no longer access it or the printer via our wireless network. We had changed nothing - just one day it stopped working.
    We tried to get it back online with no success. As the 2Tb Time Capsule was almost 7 years old and had had some HDD issues in the past, we figured it had got old and died and that it was time to replace it; so we bought a new 3Tb Time Capsule, thinking this would get everything back to normal.
    However much as we tried, we were also unable to get the new 3Tb Time Capsule to connect wirelessly to the D-Link wireless router. The Airport Utility did not show the D-Link wireless router or its wireless network, although we were (and are) able to see it in Systems Preferences>Networks from all our multiple devices. This in itself seemed odd. No matter what we tried, the Airport Utility would not find the D-Link wireless router and hence we could not add the 3Tb Time Capsule to the existing wireless network.
    At the end of the day we got fed up with trying to add the 3Tb Time Capsule to the D-Link wireless network, and connected it via a LAN cable to the D-Link router instead. We then set it up as its own network. Worked great. Having done that we thought maybe the old 2Tb Time Capsule might not have been the problem after all, so we tried extending our new 3Tb Time Capsule wireless network using the 2Tb Time Capsule wirelessly. This worked perfectly! And we are now almost back to what we wanted.
    So although we have a work around, this means we now have 2 separate wireless networks as opposed to the original single wireless network where everything talked to everything else.
    Can anyone shed any light on any of the following:-
    1. Why the original wireless network connection between the D-Link router and the 2Tb Time Capsule just stopped working? Was there some software change from Apple that "decided" D-Link wireless routers were no longer secure; and therefore the TCs could no longer connect to them?
    2. Why it was not possible to extend the existing D-Link wireless network using the new 3Tb Time Capsule?
    3. Is there any way that we can get back to a single wireless network based around the D-Link wireless router as the primary router connecting to the modem, where the 2 Time Capsules connect as "wireless satellite base stations"?

    1. Why the original wireless network connection between the D-Link router and the 2Tb Time Capsule just stopped working? Was there some software change from Apple that "decided" D-Link wireless routers were no longer secure; and therefore the TCs could no longer connect to them?
    A firmware update to the TC came along and you agreed to it without perhaps even noticing.. it then smashed your setup because Apple do not recommend the setup you were using and it is very poor.
    2. Why it was not possible to extend the existing D-Link wireless network using the new 3Tb Time Capsule?
    Because it is such a poor setup that Apple have taken away your ability to choose it unless you know exactly what you are doing.
    3. Is there any way that we can get back to a single wireless network based around the D-Link wireless router as the primary router connecting to the modem, where the 2 Time Capsules connect as "wireless satellite base stations"?
    Yes, this I can help you with.
    I have several ways around the problem.. but the first one is.. why use the DIR-615 at all.. it is not a modem.. it is a very ordinary bottom end, poor single band slow wireless router.
    Why don't you simply remove the DIR-615 from the network completely.. plug whatever it is the ISP supplies you.. an ethernet connection from whatever that modem is you mentioned into the WAN port of the Time Capsule. And use the TC in some router mode.. same as the DIR-615 was setup.. dhcp or pppoe or whatever.. I doubt the TC cannot match it.
    If you have issues please post a few screenshots from the DIR-615 to show how it is setup from the WAN side.. and as long as you are given the username and password or whatever the ISP uses to authenticate then chuck out the DIR-615.
    Tell me if that is a goer.. if not we can work out a few other methods..
    eg. Simply turn off the wireless in the DIR-615. It is poor cf the TC and there is no need for it.. with the TC in bridge only use the TC for wireless as well as wireless extend with your old TC.
    Or setup roaming network where everything uses the same SSID.
    Then you will have one wireless network. And it won't matter what as long as it connects.. although IMHO this is not right as the TC is such a superior router now you are wasting your new TC.

  • Unable to connect hana with sybase replication server and i am not getting ECH plz help

    unable to connect hana with sybase replication server and i am not getting ECH plz help

    Please don't necrobump/hijack threads: https://wiki.archlinux.org/index.php/Fo … bumping.22
    https://wiki.archlinux.org/index.php/Fo … _hijacking
    Closing

  • What is the difference between Apache http web server and tomcat

    Hi friends,
    what is the difference between Apache http web server and apache tomcat?
    Can I run php in tomcat?

    hi
    1) difference between apache and tomcat
    http://forum.java.sun.com/thread.jspa?threadID=254299
    2) difference between apache tomcat and jakarta tomcat
    http://forum.java.sun.com/thread.jspa?threadID=5191004

  • The connection between my iMac (8.1) and Airport express keeps dropping out all the time.

    The connection between my iMac (8.1) and Airport express keeps dropping out all the time.

    Hi BillCilla,
    If you are having intermittent but persistent drops in AirTunes via your AirPort Express, you may find the following article helpful:
    Apple Support: AirTunes audio stream drops or cuts out
    http://support.apple.com/kb/ta21538
    Regards,
    - Brenden

  • Installing program on server and access it from mac workstation

    Hi
    How can I install a program on a mac server and access that program from a mac workstation?
    On windows server you use the remote app manager application to do this. Is there something similar on mac?

    Hi,
    - This isn't exactly what you are asking for but there is an App: /System/Library/Coreservices/Screen Sharing.app on the Mac which is similar in operation to Terminal Services Client but is based on VNC.
    - Thus it will be a whole user's logon session which would run on the mac server.
    I haven't used Screen Sharing.app on a large scale deployment of clients connecting to an OS X Server.
    Hope this helps

  • Difference between SAP Learning Solution & Training and Event Manag

    Hi All,
    Can anyone tell me the Difference between SAP Learning Solution & Training and Event Manag.
    Which approach would be recommended for the Training and Event Management implementation..
    Pls let me know the pros and cons of both the approaches.
    Regards
    Vijay

    Hi Vijay,
    Training and Event Management (now called Training Management (TEM), sometimes referred to as PE in SAP documentation). Employees/Learners were able to book courses and view their training history via Employee Self-Service, and supported the full suite of classroom training administration functions.
    SAP’s current learning software is SAP’s Learning Solution (LSO). Companies still can use TEM to administer classroom-only training or they can choose to leverage LSO functionality to deliver classroom training as well as Web-based training, virtual classrooms, blended learning, and collaboration to their employees.
    Training Management (TEM) serves as the foundation of SAP’s Learning Solution (LSO). However, LSO includes much new functionality such as administering and delivering Web-based training, virtual classrooms, curricula, and online tests. The entire LSO consists of SAP Authoring Environment, Content Management System (CMS), Learning Management System (LMS), Learning Portal, Content Player, Offline Player, Business Intelligence (BI), and the Collaboration functionality.
    Regards,
    Dev

  • Recommended configuration for Oracle VM Server and VM Manager

    Hi,
    Currently we have two dedicated DELL servers (VM server and VM Manager) on which we are building an Oracle stack environment.
    We are facing a problem which we didn't find answer from Oracle docs or via Google. The problem is that the virtual machines we create in VM Manager can't be connected to the outside world, and we think it's because our host (Hetzner) does not allow ports eth1-eth3 to be connected to the servers, unless we have these servers in the same rack and connected via switch.
    Our question is, is it recommended configuration to have VM Server and VM Manager servers in the same rack and connected via switch?
    If yes, the next question is, if we need in the future to add one more dedicated DELL server to our configuration to host virtual machines, is it possible if the new third dedicated DELL server is not connected via switch to the two dedicated DELL servers we already have?
    If no, the next question is, what could be the recommended configuration and solution to our problem in our case that ports eth1-eth3 cannot be connected to the servers?
    Please do not hesitate to ask if you need more information. I do appreciate your time and expertise. Thanks.

    The architectural environment is now done like on this graphic. For security reasons Hetzner hosting service does not allow ports eth1-eth3 to be connected, but in internal network under switch they do.

  • Sizing of Oracle IdentityManager and Access Manager on same Weblogic Server

    Hi,
    We are planning to deploy Oracle Identity Manager and Access Manager on the same weblogic server in different domains. We have a user base of 25000 users.
    We can propose two different weblogic servers for OIM and OAM?
    Please let me know the best hardware and software requirements for this installation.
    Thanks,
    RBM

    Here is sizing guide for Oracle Identity Manager
    http://www.oracle.com/technetwork/middleware/id-mgmt/oim11g-sizingguide-194346.pdf
    You can use it as a guideline, and it refers to 25000 users similar to your requirement. There are other factors to consider as well, like failover, performance, etc. Feel free to reach out if you need more info.

  • Is it possible to Run VM Server and VM Manager on a single machine

    Hi,
    I'm trying to learn VM and I downloaded both the VM Server and Manager from E-Delivery. The guide says I need two separate machines for the VM server and VM manager.
    Does this mean I've to install the VM Server first and then Install VM Manager on a different machine, create the Virtual Machines and then run the Virtual Machines on the VM Server?
    If I've got only one laptop, does that mean I've to install the Enterprise Linux first, install the VM Manager, create all the VM Machines I'll need from the Installation sources, then install the VM Server on the machine afresh and run the created VM Machines on it?
    I'm relatively new to Virtualization and any help would be highly appreciated.
    dula

    There are other messages about running OVMM in the first VM on an OVM Server.
    Yes, Oracle supports them both being on the same physical system. They even supply a template for it.
    I tried to install it yesterday, but hit a resource snag. The testbed system I have available only has 2GB of memory and the OVMM template installation script aborts if the OVM Server does not have more than 2GB of memory. So my experiments for a faster DR process will have to wait for better hardware.

  • 1 NodeManager, 1 Admin Server and 2 Managed Servers

    Hi All, I'm new to Weblogic and this is my 1st time posting a question on this forum. I would like to ask for help from you all about my setup; I'm not sure whether it will work or not. Please find the scenario below:
    Setup:
    1 Machine (RedHat Enterprise Linux 5.5)
    1 NodeManager
    1 AdminServer (Name: APP)
    2 Managed Servers (Name: APPLIVE, APPUAT)
    Currently I would like to use one NodeManager to control both Managed Servers under 1 machine. When I configure my APP Admin Server and two Managed Servers, I would like to nmEnroll both Managed Servers under one NodeManager, but it will overwrite my enroll entries if I enroll the 2nd Managed Server.
    Is it possible to configure NodeManager to accept both Managed Servers' entries? Thanks. :)
    Edited by: user13602952 on Jan 2, 2011 9:54 PM

    Hi Hong,
    Following are a few things which will help you understand NodeManager and nmEnroll:
    - First of all, a Node Manager process is not associated with a specific WebLogic domain but with a machine.
    - When you run nmEnroll, you just give "domainDir" and "nmHome"; it then gets the file called "nm_password.properties", which contains the encrypted username and password that is used for server authentication, and the "SerializedSystemIni.dat" file.
    Example:
    nmEnroll([domainDir], [nmHome])
    - Along with the above files, it also updates the nodemanager.domains file with the domain information which was mentioned in the above command.
    Thus when you run the nmEnroll command, it gets all the details which it needs to start any managed servers on the same machine; hence you do not need to run the same command for each managed server on the same machine.
    For more information have a look at the below links:
    Topic: Search for "nmEnroll"
    http://download.oracle.com/docs/cd/E13222_01/wls/docs92/config_scripting/reference.html
    Topic: Overview of Node Manager
    http://download.oracle.com/docs/cd/E13222_01/wls/docs90/server_start/nodemgr.html#1091317
    Regards,
    Ravish Mody
    http://middlewaremagic.com/weblogic/
    Come, Join Us and Experience The Magic…
