Sun IDM - Ways to manage 'nisNetgroup' on LDAP through Sun IDM

Similar Messages

• Managing a query result through several web pages

  Hi,
  I wonder what's the best way to manage a query result through several web
  pages in the following context.
  The query result is large and needs to be available through several web
  pages. The user can scroll forward and backward through the pages.
  One can :
  - rerun the query at each web request and use random access
  - run the query once for the first request, keep the pm and the query
  somewhere (in a singleton class for example with a key in the HTTP
  session) and use random access for handling the other requests (the
  problems I see are to keep a connection for each user in this use case and
  to decide when to close the previously mentioned objects)
  - rerun the query at each web request, including in the filter a test on a
  field and an ordering to start the results from the last one displayed
  (being able to specify the maximum number of rows desired would be nice).
  Thanks for any advice or suggestion.
  Regards.

  I think Frank's suggestion is probably the best tradeoff between memory
  consumption (which would be high if you were to store the enire query
  result in the session) and performance (which might be hurt if you
  re-issue the query every time).
  Note that Kodo 3.0 will provide a getObjectsById(Object[] ids) method
  that should help in quickly instantiating a page of query results.
  Query result limiting is currently under discussion for inclusion in the
  JDO specification. We may have something for this in an upcoming Kodo
  release (although not for 3.0).
  In article <[email protected]>, Frank Riley wrote:
  [email protected] (Patrice) wrote in
  news:[email protected]:
  Hi,
  I wonder what's the best way to manage a query result through several
  web pages in the following context.
  The query result is large and needs to be available through several
  web pages. The user can scroll forward and backward through the pages.
  One can :
  - rerun the query at each web request and use random access
  - run the query once for the first request, keep the pm and the query
  somewhere (in a singleton class for example with a key in the HTTP
  session) and use random access for handling the other requests (the
  problems I see are to keep a connection for each user in this use case
  and to decide when to close the previously mentioned objects)
  - rerun the query at each web request, including in the filter a test
  on a field and an ordering to start the results from the last one
  displayed (being able to specify the maximum number of rows desired
  would be nice).For our paging code, we convert the query result to a list of object ids
  (using pm.getObjectId()). We store this list on the session and only
  instantiate the objects we need for a particular page (using
  pm.getObjectById()). When a user does something that could possibly
  change the query result, we rerun the query and replace the list on the
  sesssion.--
  Marc Prud'hommeaux [email protected]
  SolarMetric Inc. http://www.solarmetric.com

• Sun Java System Access Manager LDAP Exception

  Hi All,
  I am new to sun access manager. i have deployed amserver.war in my weblogic 8.1 sp5 . i have edited the weblogic.policy file to add permissions for Access Manager. I m using SUN Directory Server and it is running on port 389 .When i m trying to create a new role in Access Control > Realm - internetDomain > Subjects > Role > New Role, i am getting the following error
  "Plug-in com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo encountered a ldap exception. LDAP Error 50: The client is authenticated as a user who does not have the access privileges to perform this operation. "
  I have logged in as amAdmin . Below mentioned are my DataStore configurations
  DataStore Type : Sun Directory Server with Access Manager Schema
  LDAP Server : jophissystem.corp.mycompany.com:389
  LDAP BIND NAME : cn=administrator,ou=administrator,dc=corp,dc=mycompany,dc=com
  LDAPv3 Repository Plug-in Class Name: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo
  LDAPv3 Plug-in Search Scope: SCOPE_ONE
  Please help me on this .
  Regards,
  Jophis

  Rushi-Reliance wrote:
  Kindly let us know how to proceed further as we are waiiting some reply from your team.As I already advised in your previous posting (http://forums.sun.com/thread.jspa?threadID=5359095), you are best off re-installing solaris from scratch and installing Communication Suite 6 update 1 if you cannot get Access Manager 7.1 configured.
  Regards
  Shane.

• Sun Java System Identity Manager 7.1 PasswordSync direct mode ERROR!

  Hello,i wanna use direct mode to config the Sun Java System Identity Manager PasswordSync to avoid the complex configuration of JMS, but I get the following error in logs:
  03/26/2008 10.52.34.062000 [2164] (../../../src/wps/passwordsync/lhpwic.cpp,591): EndpointURL: http://idmzone1.gmcc.net:8080/idm/servlet/rpcrouter2
  03/26/2008 10.52.34.062000 [2164] (../../../../src/wps/agent/connect/RAEncryptor.cpp,69): RAEncryptor::Decrypt3DES: input length (16) moded to 2
  03/26/2008 10.52.34.062000 [2164] (../../../src/wps/passwordsync/lhpwic.cpp,624): about to login...
  03/26/2008 10.52.34.109000 [2164] (../../../src/wps/passwordsync/lhpwic.cpp,628): Login failed error code : -1072896682. Disassembing client
  03/26/2008 10.52.34.109000 [2164] (../../../src/wps/passwordsync/lhpwic.cpp,648): Exit: GetClient
  03/26/2008 10.52.34.109000 [2164] (../../../src/wps/passwordsync/lhpwic.cpp,916): Error getting our soap, bailing out.
  It is really difficult to find the way to resolve this probblem..... PasswordSync direct mode works fine in 6.0 in my VM.. but error here in 7.1.
  Is there anyone can give me a suggestion? Thanks you very much!

  Tried Hot fix 81 also still giving me the error and re-rigisterd dotnet.dll
  Log File for Hot fix 81
  (../../../src/wps/passwordsync/lhpwic.cpp,559): Error reading dumpFileBase, no dump file generation on exception
  (../../../src/wps/passwordsync/lhpwic.cpp,567): Exit: ReadRegistrySettings
  (../../../src/wps/passwordsync/lhpwic.cpp,593): Soap client created
  (../../../src/wps/passwordsync/lhpwic.cpp,594): ClientTimeout: 18000
  (../../../src/wps/passwordsync/lhpwic.cpp,604): Proxy server not specified
  (../../../src/wps/passwordsync/lhpwic.cpp,608): EndpointURL: http://idm-dev:80/idm/servlet/rpcrouter2
  (../../../../src/wps/agent/connect/RAEncryptor.cpp,69): RAEncryptor::Decrypt3DES: input length (16) moded to 2
  (../../../src/wps/passwordsync/lhpwic.cpp,641): about to login...
  (../../../src/wps/passwordsync/lhpwic.cpp,645): Login failed error code : -2147467259. Disassembing client
  (../../../src/wps/passwordsync/lhpwic.cpp,665): Exit: GetClient
  (../../../src/wps/passwordsync/lhpwic.cpp,935): Error getting our soap, bailing out.
  even if i gave wrong username and password it giving me the same error
  Can someone help on this

• Sun Java System Access Manager 7.1 config. failed during installation

  {color:#0000ff}Hi,
  I have installed sun java communication suite 5 on a single host on sun solaris 10.
  I have installed required packages and it works fine.
  But as per organization need, I have to change domain name.
  So i have uninstalled everything and tried to install again with new domain name.
  I have made proper entries in hosts file and resolve.conf file.
  But duing the first phase of installation only , i failed in configuring access manager 7.1
  I have also cerate same scenario in my test environment, but everytime i face the same error.
  and sun java access manager 7.1 fails in first stage of installation only.
  So would like to know the proper installation procedure while i change the domain name on same hardware...
  I have checked both installation logs & summary logs.
  But no error, no failed , no severe.
  Attached is the summary of installation logs.
  Summary Logs :
  Installation Summary Report
  Install Summary
  Sun Java(TM) Communications Suite : Installed
  Sun Java(TM) System Web Server 7.0 : Installed, Configured
  Java DB : Installed, Configure After Install
  Sun Java(TM) System Message Queue 3.7 UR1 : Installed
  Sun Java(TM) System Monitoring Console 1.0 : Installed, Configure After Install
  Sun Java(TM) System Directory Preparation Tool : Installed
  Sun Java(TM) System Directory Server Enterprise Edition 6.0 : Installed, Configured
  Sun Java(TM) System Access Manager 7.1 : Installed, Configuration Failed
  Sun Java(TM) System Messaging Server 6.3 : Installed, Configure After Install
  Sun Java(TM) System Communications Express 6 : Installed, Configure After Install
  Communication Services Delegated Administrator : Installed, Configure After Install
  Configuration Data
  Sun Java(TM) System Web Server 7.0 :
  Web Server Instance installation Directory : /var/opt/SUNWwbsvr7
  Web Server installation Directory : /opt
  Web Server Administration Server Host : RADAGWMSG221.myreliancemail.com
  Web Server Admin Server Mode : true
  Web Server only CLI installation : false
  Sun Java(TM) System Directory Preparation Tool :
  Directory Preparation Tool Installation Directory : /opt/SUNWcomds
  Sun Java(TM) System Directory Server Enterprise Edition 6.0 :
  Directory Server Installation Directory : /opt/SUNWdsee
  Sun Java(TM) System Access Manager 7.1 :
  Access Manager Installation Directory : /opt
  Access Manager Protocol : http
  Access Manager Port : 80
  LDAP User ID : amldapuser
  Administrator User ID : amAdmin
  Web Container : WebServer
  Access Manager Web Server Host Name : RADAGWMSG221.myreliancemail.com
  Access Manager Web Server Instance Directory : /var/opt/SUNWwbsvr7/https-RADAGWMSG221.myreliancemail.com
  Access Manager Web Server Port : 80
  Access Manager Console Host (for Existing console) : RADAGWMSG221.myreliancemail.com
  Access Manager Console Deploy URI : amconsole
  Access Manager Password Deploy URI : ampassword
  Access Manager Host : RADAGWMSG221.myreliancemail.com
  Access Manager Console Port(for Existing console) : 80
  Access Manager Services Deploy URI : amserver
  Access Manager Cookie Domain List : .myreliancemail.com
  Access Manager Common Domain Deploy URI : amcommon
  Access Manager Directory Server Host Name : RADAGWMSG221
  Access Manager Directory Server Host : RADAGWMSG221.myreliancemail.com
  Access Manager Directory Server Port : 389
  Access Manager Directory Root Suffix : o=rmail
  Access Manager Directory Manager DN : cn=Directory Manager
  Organization Marker Object Class : sunISManagedOrganization
  User Marker Object Class : inetorgperson
  Organization Naming Attribute : o
  User Naming Attribute : uid
  Sun Java(TM) System Messaging Server 6.3 :
  Messaging Server Installation Directory : /opt/SUNWmsgsr
  Sun Java(TM) System Communications Express 6 :
  Communications Express Installation Directory : /opt/SUNWuwc
  Communication Services Delegated Administrator :
  Communication Services Delegated Administrator Installation Directory : /opt/SUNWcomm
  {color}

  Rushi-Reliance wrote:
  Kindly let us know how to proceed further as we are waiiting some reply from your team.As I already advised in your previous posting (http://forums.sun.com/thread.jspa?threadID=5359095), you are best off re-installing solaris from scratch and installing Communication Suite 6 update 1 if you cannot get Access Manager 7.1 configured.
  Regards
  Shane.

• Oracle BPM (former ALBPPM) Hybrid LDAP Support for IDM

  So far ALBPM Enterprise (now Oracle BPM) had its best (by far) setup on a hybrid setting. In this case, ALBPM Directory had its own database, but authentication (users & groups) was set against an LDAP server (Sun One or Active Directory).
  Are there any plans to extend the hybrid configuration to Oracle IDM LDAP?
  Thanks.

  Create a new user oracle and proceed with the installation
  --> useradd -g oinstall oracle
  If your are forwarding your GUI using xming or vnc you would need to copy the xauth of root user and set it to oracle
  [server1:root] xauth list
  bangvmpllE.com/unix:11 MIT-MAGIC-COOKIE-1 b23d63374fe25a3577751b6b95b2210e
  [server1:root] sudo su - oracle
  [server1:oracle] export DISPLAY=localhost:10.0
  [server1:oracle] xauth add bangvmpllE.com/unix:11 MIT-MAGIC-COOKIE-1 b23d63374fe25a3577751b6b95b2210e

• Best way to manage images in a swing app

  Hi.
  I have a swing app that uses alot of images around 100+ at around 40kb each.
  I am currently using new ImageIcon("icon\\main.png")) to create them.
  Is this the most efficient way to manage images?
  Would it be more efficeint to store then in the mysql database?
  and / or use SwingWorker (http://java.sun.com/javase/6/docs/api/javax/swing/SwingWorker.html)
  Cheers
  Bobby

  Hi Bobby,
  It depends on what you want to be more efficient:
  1) CPU cycles
  2) Reducing jar size
  3) Ease of maintenance
  4) Prevent typing errors in file names
  For me, number 3 and 4 are important. So, what I generally do, is create an enum that desribes the images that are contained in the same package as the enum. Now I'm able to change the package name with no consequence. I only have to type the filename once and know when I have to double check of what I type. Something like this:
  package org.pbjar.geom.images;
  import java.awt.image.BufferedImage;
  import java.io.IOException;
  import java.net.URL;
  import javax.imageio.ImageIO;
  import javax.swing.ImageIcon;
  public enum Images {
      AUTHOR_SMALL("TheAuthor.jpg"),
      AUTHOR_LARGE("PietKopLarge.jpg"),
      private final String filename;
      Images(String filename) {
       this.filename = filename;
      public ImageIcon getIcon() {
       return new ImageIcon(getImage());
      public BufferedImage getImage(){
       try {
           return ImageIO.read(getURL());
       } catch (IOException e) {
           throw new RuntimeException(e);
      public URL getURL() {
       return this.getClass().getResource(filename);
  }Piet

• Access Enforcer - Manager Approvers from LDAP

  Hello
  We have AE tied to LDAP, from which its gets user, requester and manager information.
  Today we use Customer Approver Determinator, to configure the approvers.
  We would like to enable 'manager approval' in AE.
  Does AE support 'Manager Approver' from LDAP.
  Thanks

  Thanks for your answer.
  Like I mentioned we have LDAP as the user data source.
  But in Custom Approver Determinator, there is no way to set up the LDAP manager as approver.
  Can you please shed more light on this?
  Thanks again.

• A better way to manage Notes?

  We are a small team in collaboration on a book-length manuscript.My editors are inserting hundred of Notes into the document that I must cycle through and resolve each one. But I find the Note icon soooo tiny. When I'm at full page I can barely see those little guys. Is there any way to make the Note indicators bigger or something? In general. I don't see this Notes tool as very robust compared to change tracking type features found in word processors.
  I just want a better way to manage the Notes flow.

  Eugene Tyson wrote:
  I find using Notes in Story Editor to be way better.
  CTRL Y or CMD Y
  Then you can Expand/Collapse notes in Story Editor.
  Far easier to read and implement there, or if you need to switch back to layout just hit the shortcut again.
  It's also useful to tile a Story Editor window and the corresponding document's window, to have both views of the content.
  HTH
  Regards,
  Peter
  Peter Gold
  KnowHow ProServices

• What is the best way to manage multiple devices with one iMac - different users with seperate itunes accounts or one mac user with different itune logons and libraries?

  Hello
  I have just purchased an imac which I am very happy with.  In our household we also have two iphones (one mine and one husbands) and one ipod (my sons). We all have individual itunes accounts set up on our previous computer (not a mac). We have sepereate apps and music, although there may be the odd occasion where we would like to share a song (if this is possible) across devices.
  I am just wondering the best way to manage these devices using the new imac.  Should I create individual accounts to logon to the imac, then from within these launch our own itunes accounts and sync our devices with these.  Or should I be using one version of itunes, logging on to this with our different itunes usernames and storing things in libraries.
  Any help would be greatly appreciated. 
  Thanks

  I am presuming that we cannot share downloaded apps and music between accounts because of the copyright issue,
  Though I'm no copyright lawyer, as long as it's within a household, you can share content among users. Such sharing is, absent specific language preventing it not present in the iTunes Store terms of use, generally considered to be "personal use". So you can share apps and music amongst your users on your computer and with their devices. You just can't give any of that content to friends or relatives who don't live with you.
  What I am not clear on, it making sure that this appears in each itunes account - is it easy to find the file storage folders that match the itunes accounts and what would these be?
  The iTunes library and files are by default in a user's Home/Music folder. But you don't have to find the folder; in fact putting a file into the folder yourself won't add the file to iTunes. Just drag the file into the iTunes window. iTunes will copy it to the correct location.
  Regards.

• What is the proper way to manage movies in iTunes?

  I've just been given a new video iPod, and am now considering importing movies into iTunes so that I can have them on my iPod. What I have is a bunch of MPGs (e.g., family movies from a camcorder, etc.); but I noticed that the iPod won't play them, presumably because they're not MP4 format. I know I can convert them all to MP4 with iSquint or a similar utility. But I want to keep the full-resolution versions in iTunes so that I can display them on a bigger screen as well. So, what is the right way to manage this - do I really need to keep and have in iTunes 2 versions of every movie - one scaled down for iPod as MP4, and one in original resolution? Or is there a better way?
  Thanks in advance,
  Mike

  I think two versions is probably the only way. At least the MP4 versions will be small so shouldn't use up much of your hard drive space.
  By the way, with the MP4 versions that go on your iPod, try hooking your iPod up to your TV set and setting the TV Out option to ON and with the proper AV cable, you should still be able to see them on the big screen. Try it out and see how it looks.
  Since you have a camcorder, you might already have an AV cable you can use. See here...
  Getting the Video out of Your New iPod--for Cheap!
  http://www.oreillynet.com/pub/a/mac/2005/11/18/video-ipod.html
  Patrick

• What's the best way to manage movie resolutions with iTunes/iPod

  I've just been given a new video iPod, and am now considering importing movies into iTunes so that I can have them on my iPod. What I have is a bunch of MPGs (e.g., family movies from a camcorder, etc.); but I noticed that the iPod won't play them, presumably because they're not MP4 format. I know I can convert them all to MP4 with iSquint or a similar utility. But I want to keep the full-resolution versions in iTunes so that I can display them on a bigger screen as well. So, what is the right way to manage this - do I really need to keep and have in iTunes 2 versions of every movie - one scaled down for iPod as MP4, and one in original resolution? Or is there a better way?
  Thanks in advance,
  Mike

  Welcome to the Apple Community.
  iTunes is straight forward, just use the same ID on all of them.
  What exactly do you want to see in messages on the Mac and iPad, messages combined from each of your phones or a different account just for both of you.
  You should think about what you want in calendars, contacts etc, on your shared devices.

• What's the best way to manage Apple IDs for multiple devices?

  Hi,
  We have
  a shared Macbook air
  a shared iPad
  my iPhone
  his iPhone
  We want to put one ID on the Macbook and iPad that we can use to have the same iMessage on both and that we can put a card on and use in the iTunes store etc.
  We also want to have our own iMessages on our iPhones, plus be able to use the account with the cards on them to purchase and share across devices...
  What's the best way to manage them all?

  Welcome to the Apple Community.
  iTunes is straight forward, just use the same ID on all of them.
  What exactly do you want to see in messages on the Mac and iPad, messages combined from each of your phones or a different account just for both of you.
  You should think about what you want in calendars, contacts etc, on your shared devices.

• Best way to manage multiple iTunes accounts (from different countries)

  Ok, wasn't sure if this was the best community to ask this question, but here goes.
  My wife and I have two iTunes accounts, one originally from the United States, the other originally from Australia. Over the years content has been purchased using both accounts.
  We currently reside in Australia and primarily view our content on Apple TV. So far we’ve had no problems logging into either account and accessing all our content.
  Now, I have a fear (perhaps an irrational one) that if we choose to permanently reside in one country (Australia, the US, somewhere else) that at some point Apple may cancel/restrict one of these accounts. Since there is no way for me to merge all our purchased digital content into the one digital library, we’re now wondering the best way to manage this?
  I see there is a new "family sharing" feature soon to be launched, so that may be half the solution (assuming it will work with family members in different continents). If so, the other half of the question is, will we be able to still purchase content on both accounts? While in Australia since April we have rented movies on both accounts, but have only purchased movies etc on the Australian account (we can still do this on the US account, but we haven't risked it in case it gets cancelled because Apple decides we're no longer in the US - in other words, we don't want to spend $$$ on movies we may not be able to access in future).
  What do others think? What is the best way for us to manage our scenario? Or am I worried about nothing and we can continue purchasing content on either account without fear of “losing” it later?
  Any advice would be greatly appreciated! I did try and ring Apple, but the guy refused to give me advice until I provided my details and I did't want to do that at this stage.
  Thanks everyone for your help!
  MM

  You may lose the ability to purchase content from the USA, but any content you've already bought will remain accessible. Back everything up.
  (112502)

• How is the best way to manage the stats table?

  Hello!
  I have the Integration 2.1 working with an Oracle 8.1.7 db. I noticed that the table
  STATS is growing pretty fast.
  How is the best way to manage this table?... I haven't found something related with
  this issue in the documentation, but at least I want to know how to safely delete
  records from this table.
  For example, if I know the minimal time I have to keep in the table, is quite simple
  to create a shell script and/or Oracle pl/sql job to trim the table.
  I hope somebody can help me!!!!
  Thank you!
  Ulises Sandoval

  Write an app people want to buy and rate highly.