Sun LDAP to IDM synchronization issue

Hello friends, I am trying to synchronize all the new accounts created in sun LDAP to IDM. It runs every 10 minutes as configured but does not pick the new user from LDAP. Here is the brief configuration detail.
(1) I have switched on the "Retro Plugin" for LDAP and found the changes are getting logged. The sample entry of the change log looks like :-
dn: changenumber=665,cn=changelog
objectClass: top
objectClass: changelogentry
changeNumber: 665
targetDn: uid=zorouser7,ou=people,ou=appuser,dc=educ,dc=mde
changeTime: 20090518211551Z
changeType: modify
changes:: cmVwbGFjZTogb2JwYXNzd29yZGNoYW5nZWZsYWcKb2JwYXNzd29yZGNoYW5nZWZsYWc6IGZhbHNlCi0KcmVwbGFjZTogb2JwYXNzd29yZGNyZWF0aW9uZGF0ZQpvYnBhc3N3b3JkY3JlYXRpb25kYXRlOiAyMDA5LTA1LTE4VDIxOjE1OjUwWgotCnJlcGxhY2U6IG1vZGlmaWVyc05hbWUKbW9kaWZpZXJzTmFtZTogY249b2JsaXgKLQpyZXBsYWNlOiBtb2RpZnlUaW1lc3RhbXAKbW9kaW
Z5VGltZXN0YW1wOiAyMDA5MDUxODIxMTU1MFoKLQoA
creatorsname: cn=Retro Changelog Plugin,cn=plugins,cn=config
modifiersname: cn=Retro Changelog Plugin,cn=plugins,cn=config
createtimestamp: 20090518211551Z
modifytimestamp: 20090518211551Z
nsuniqueid: 081d2284-1dd211b2-80b380e1-7558dd15
parentid: 1
entryid: 666
entrydn: changenumber=665,cn=changelog
numsubordinates: 0
subschemasubentry: cn=schema
hassubordinates: FALSE
(2) Here is my synchronization policy for LDAP resource :-
o Object class to synchronize : inetorgperson mdeUser mdeAuthZ OblixPersonPwdPolicy OblixOrgPerson (Last four are custom object)
o Ldap Filter for account synchronize : objectClass=inetOrgPerson
o Attributes to synchronize : uid userPassword givenName sn cn mail telephoneNumber objectClass mdeApplicationId mdeRoleId
o change log block size : 100
o Change Number Attribute Name : 665
o Proxy Administrator : Configurator
o Input form : Tabbed : User Form
o Create Unmatched Accounts : yes
o Assign source resource on create events : yes
(3) The IDM log for synchronization shows the following detail for each polling :-
2009-05-18T17:20:00.069-0500: Pause completed
2009-05-18T17:20:00.131-0500: Polling
2009-05-18T17:20:00.209-0500: Start of poll - lastUpdated = {changenumber=266}
2009-05-18T17:20:00.209-0500: buildSearchParams:BEGIN
2009-05-18T17:20:00.209-0500: Block Size: 100
2009-05-18T17:20:00.209-0500: Change Number Attribute Name: 665
2009-05-18T17:20:00.209-0500: Searching for: (&(665>=267)(665<=366))
2009-05-18T17:20:00.209-0500: Search attributes: [targetdn, changetype, changes, changetime, changenumber, newrdn, deleteoldrdn, newsuperior]
2009-05-18T17:20:00.225-0500: buildSearchParams:END
2009-05-18T17:20:00.240-0500: End of poll - lastUpdated = {changenumber=266}
2009-05-18T17:20:00.240-0500: Poll complete.
2009-05-18T17:20:00.240-0500: SARunner: loop 1
2009-05-18T17:20:00.272-0500: Started, paused until Mon May 18 17:30:00 CDT 2009
Please help .....
- Kabi
Edited by: kpp on May 18, 2009 5:21 PM

Maybe something like this. Keep in mind, your LDAP may have specific rules for what really constitutes a Create, Update, or Delete.
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Configuration PUBLIC 'waveset.dtd' 'waveset.dtd'>
<Configuration name='LDAP Active Sync Form' wstype='UserForm'>
     <Extension>
          <Form name='LDAP Active Sync Form' objectLocationID='objectType=UserForm&objectName=LDAP+Active+Sync+Form&objectPath=0&isBegin=true'>
               <Field name='IAPI.cancel'>
                    <Expansion>
                         <s>true</s>
                    </Expansion>
                    <Disable>
                         <isnull>
                              <select>
                                   <ref>activeSync.changedAttributes.accountType</ref>
                                   <ref>activeSync.accountType</ref>
                              </select>
                         </isnull>
                    </Disable>
               </Field>
               <Field name='password.password'>
                    <Expansion>
                         <s>TestPassword1</s>                              
                    </Expansion>
               </Field>
               <Field name='waveset.accountId'>
                    <Expansion>
                         <ref>activeSync.accountId</ref>
                    </Expansion>
                    <Disable>
                         <neq>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <upcase>
                                   <s>create</s>
                              </upcase>
                         </neq>
                    </Disable>
               </Field>
               <Field name='waveset.resources'>
                    <Expansion>
                         <list>
                              <s>LDAP_RESOURCE_NAME</s>
                         </list>
                    </Expansion>
                    <Disable>
                         <neq>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <upcase>
                                   <s>create</s>
                              </upcase>
                         </neq>
                    </Disable>
               </Field>
               <Field name='waveset.organization'>
                    <Expansion>
                         <s>Top:Something</s>
                    </Expansion>
                    <Disable>
                         <neq>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <upcase>
                                   <s>create</s>
                              </upcase>
                         </neq>
                    </Disable>
               </Field>
               <Field name='accounts[Lighthouse].email'>
                    <Expansion>
                         <ref>activeSync.mail</ref>
                    </Expansion>
               </Field>
               <Field name='global.idmManager'>
                    <Expansion>
                         <ref>activeSync.supervisor</ref>
                    </Expansion>
                    <Disable>
                         <neq>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <upcase>
                                   <s>create</s>
                              </upcase>
                         </neq>
                    </Disable>
               </Field>
               <Field name='waveset.idmManager'>
                    <Expansion>
                         <ref>global.idmManager</ref>
                    </Expansion>
                    <Disable>
                         <neq>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <upcase>
                                   <s>create</s>
                              </upcase>
                         </neq>
                    </Disable>
               </Field>
               <Field name='viewOptions.Process'>
                    <Expansion>
                         <switch>
                              <upcase>
                                   <ref>feedOp</ref>
                              </upcase>
                              <case>
                                   <s>CREATE</s>
                                   <s>Active Sync Create User Workflow</s>
                              </case>
                              <case>
                                   <s>UPDATE</s>
                                   <s>Active Sync Update User Workflow</s>
                              </case>
                              <case>
                                   <s>DELETE</s>
                                   <s>Active Sync Disable User Workflow</s>
                              </case>
                              <case default='true'>
                                   <null/>
                              </case>
                         </switch>
                    </Expansion>
               </Field>
          </Form>
     </Extension>
     <MemberObjectGroups>
          <ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>
     </MemberObjectGroups>
</Configuration>

Similar Messages

  • Sun LDAP to SQL server provisiong

    I am a new to Sun IDM.
    I am planning to use Sun IDM for a simple provisioning requirement. We have all our external (yahoo, hotmail type) users in our sun LDAP and need to be synced (one way) to a sql server based on certain group type. So far from sun documentation I could figure out that I have to
    (1) switch on retro change log of source LDAP.
    (2) configure a active sync adapter.
    However, I am not sure where to start. I just configured the source LDAP as a resource and did a (full reconciliation) from it. Here are my questions.
    (1) should I configure the source LDAP user as "service Provider User " OR "Identity Manager User". Asking since, the users are outsider, not our employee.
    (2) After the "Load from Resource" operation I see list of accounts pulled from the LDAP. However, I don't see any other attributes other than userId (account Id) in the "List Account" page. do I have to customize the ../accout/List.jsp page ?
    (3) what are the next high level tasks to sync the changes to a sql server ?
    Thanks!

    Thank You Roman, Looks like I need some more spoon feedings to overcome the initial learning curve.
    I did what you suggested. Created two resources (Ldap & SQL Server). I could load the accounts from the LDAP resources. Now I wanted to do the followings:-
    (A) Load users from Ldap to Sql server based on the filter say "userAssociation=Finance", where 'userAssociatation' is custom attributes in the LDAP for the user object.
    (B) Continue the above said provisioning for all new users from Ldap.
    I tried to Edit "Synchronization Policy" for SQLServer resource. My question is,
    (1) Where in the "Edit synchronization policy" screen I can mention the rule "userAssociation=Finance" ?
    (2) I have enabled the "Retro Changelog Plugin" for the LDAP. Do I have to mention this somewhere for this Ldap to SQLServer provisioning ?
    Thanks!
    Kabi

  • IDsync 1.0 and DS5.2, deletion from AD not wrking in SUN LDAP

    Good day all,
    we were doing test on account creation account lock, so on and so forth, everything is working except the deletion from AD are not getting deleted in SUN LDAP.
    Anyone has the answer for that.
    Thank you in advance

    What happens when you set "block internet access" to always? I have also had weird experiences with this feature.
    For example, as I am typing this message, I have instructed the router to block all internet access on this computer (using parental controls), yet I am still able to visit this forum; although, other websites are blocked. I'll also try your rules and see what effect they have on my computer.
    I also agree with you about the annoying "network device" issue that happens when the router isn't able to identify the devices' hostnames. There are also devices that appear in that list, which haven't seen in my DHCP table for awhile.
    I don't work for Cisco. I'm just here to help.

  • Regarding Sun Java System Application Server Issue with JVM

    Regarding Sun Java System Application Server Issue with JVM
    Hi
    I have installed SJSAS9.1 on solaris system. I m trying to deploy war file which i compiled in windows enviorment by jdk1.5.0_05. Every time i got the following error :
    type Exception report
    message
    descriptionThe server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: PWC6033: Unable to compile class for JSP
    PWC6199: Generated servlet error:
    [javac] javac: invalid target release: 1.5
    [javac] Usage: javac
    [javac] where possible options include:
    [javac] -g Generate all debugging info
    [javac] -g:none Generate no debugging info
    [javac] -g:{lines,vars,source} Generate only some debugging info
    [javac] -nowarn Generate no warnings
    [javac] -verbose Output messages about what the compiler is doing
    [javac] -deprecation Output source locations where deprecated APIs are used
    [javac] -classpath Specify where to find user class files
    [javac] -sourcepath Specify where to find input source files
    [javac] -bootclasspath Override location of bootstrap class files
    [javac] -extdirs Override location of installed extensions
    [javac] -d Specify where to place generated class files
    [javac] -encoding Specify character encoding used by source files
    [javac] -source Provide source compatibility with specified release
    [javac] -target Generate class files for specific VM version
    [javac] -help Print a synopsis of standard options
    note The full stack traces of the exception and its root causes are available in the Sun Java System Application Server 9.1 logs.
    I have cheked jvm version on both system the only difference is :
    Solaris points to jdk 1.5.0_09
    Windows point to jdk1.5.0_05
    Even i tried to run blank jsp also but again i got the same error.
    Can any help me to sort out the problem or give me any idea so i can do something by my own.
    Thanks in Advance
    Gagan

    Do you have ANT installed and available?
    Thanks,
    Kedar

  • Unable to download Sun Java System Identity Synchronization for Windows

    Please any one can help me How can i download Sun Java System Identity Synchronization for Windows
    * Sun Java System Directory Server ---------------------able to download
    * Sun Java System Directory Proxy Server --------------able to download
    * Sun Java System Identity Synchronization for Windows-------------Not able to download
    * Sun Java System Directory Editor------------------------able to download
    * Sun Java System Directory Server Resource Kit------able to download
    Regards
    kamal

    ISW is already present in the 5.2p4 and 5.2p6 archives.
    dn: cn=pswsync,cn=plugins,cn=config
    objectClass: top
    objectClass: nsSlapdPlugin
    objectClass: ds-signedPlugin
    objectClass: extensibleObject
    cn: pswsync
    nsslapd-pluginPath: /export/home/abc/local/ds52p6/lib/psw-plugin.so
    nsslapd-pluginInitfunc: pswsync_init
    nsslapd-pluginType: preoperation
    nsslapd-pluginEnabled: off
    creatorsName: cn=server,cn=plugins,cn=config
    modifiersName: cn=server,cn=plugins,cn=config
    createTimestamp: 20090121011643Z
    modifyTimestamp: 20090121011643Z
    nsslapd-pluginId: Identity Sync for Windows
    nsslapd-pluginVersion: 5.2_Patch_6
    nsslapd-pluginVendor: Sun Microsystems, Inc.
    nsslapd-pluginDescription: Identity Synchronization for Windows Plug-In

  • WLM integration with SUN ldap

    Hi everyone,
    I cant integrate SUN LDAP with the WLM, I configured it as the manual says, I can authenticate the user, but when the user tries to checkout a task, I got the following exception:
    [#|2006-10-17T11:12:11.459-0400|SEVERE|IS5.1.1|javax.enterprise.system.container.web|_ThreadID=33; ThreadName=http18001-Processor4;|StandardWrapperValve[action]: Servlet.service() for servlet action threw exception
    com.stc.bpms.wlm.TaskException
         at com.stc.bpms.wlm.TaskManager.reserveTask(TaskManager.java:668)
         at com.stc.wlm.web.worklist.CheckoutAction.executeWLMAction(CheckoutAction.java:80)
         at com.stc.wlm.web.worklist.WLMAction.execute(WLMAction.java:49)
         at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
         at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
         at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
         at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:748)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
         at sun.reflect.GeneratedMethodAccessor454.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:585)
         at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:289)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:318)
         at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:205)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283)
         at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:102)
         at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:192)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
         at com.stc.wlm.web.worklist.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:89)
         at sun.reflect.GeneratedMethodAccessor455.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:585)
         at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:289)
         at java.security.AccessController.doPrivileged(Native Method)
         at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:318)
         at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:261)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
         at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:102)
         at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:192)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:156)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:569)
         at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:261)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:215)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:156)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:569)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:200)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:156)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:180)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:154)
         at com.sun.enterprise.webservice.EjbWebServiceValve.invoke(EjbWebServiceValve.java:134)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:154)
         at com.sun.enterprise.security.web.SingleSignOn.invoke(SingleSignOn.java:272)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:154)
         at com.sun.enterprise.web.VirtualServerValve.invoke(VirtualServerValve.java:209)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:154)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:569)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:161)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:156)
         at com.sun.enterprise.web.VirtualServerMappingValve.invoke(VirtualServerMappingValve.java:173)
         at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:154)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:569)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:979)
         at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:211)
         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:692)
         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:647)
         at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:589)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:691)
         at java.lang.Thread.run(Thread.java:595)
    |#]
    Any idea? The doc is not clear about the attributes Manager, Subordinate, and email, I set them to Manager=manager, Subordinate=(any valid attribute, I use "secretary") and email=mail.
    thanks in advance,
    Edgar.

    Hi TE,
    These are the only lines that the LDAP log in the access.log:
    [27/Oct/2006:11:49:15 -0400] conn=36493 op=63 msgId=64 - SRCH base="" scope=0 filter="(objectClass=*)" attrs=ALL
    [27/Oct/2006:11:49:15 -0400] conn=36493 op=63 msgId=64 - RESULT err=0 tag=101 nentries=1 etime=0
    [27/Oct/2006:11:49:15 -0400] conn=36493 op=64 msgId=65 - SRCH base="ou=people,o=qoslabs,dc=lab" scope=1 filter="(uid=csagan)" attrs="manager"
    [27/Oct/2006:11:49:15 -0400] conn=36493 op=64 msgId=65 - RESULT err=0 tag=101 nentries=1 etime=0
    Any idea?
    Regards,
    Edgar Maya

  • Urgent: Please help: Trusted recon - Sun LDAP - timeout

    Hi Experts,
    I am doing trusted reconciliation with sun ldap using oim 11.1.1.5 bp4.
    LDAP system has around 3 lakh users. so i am planned to do trusted recon in 5 or 6 intervals to get around 50K records each time.
    i tested for 1000 users - no timeout is happening and all users are created perfectly using trusted recon
    when i run for 25K users, i am getting timeout excception below,
    1. It is searching and listing the users, (please chck time)
    recon.schedule.tasks.tcTskIPlanetUserReconciliation : countRecord() : Before search time: Tue Oct 09 13:24:41 KST 2012
    recon.schedule.tasks.tcTskIPlanetUserReconciliation : countRecord() : TotalRecords from LDAP: 22882
    recon.schedule.tasks.tcTskIPlanetUserReconciliation : countRecord() : After search time: Tue Oct 09 15:54:42 KST 2012
    2. Timeout exception
    recon.schedule.tasks.tcTskIPlanetUserReconciliation : pagingBatchingReconciliation() : The searchBase is: ou=XX,ou=XX,o=XX
    pagingBatchingReconciliation() : Problem searching directory: javax.naming.TimeLimitExceededException: [LDAP: error code 3 - Timelimit Exceeded]; Remaining name: ou=XX,ou=XX,o=XX
    In iPlanet User Truseted Recon I gave,
    Abandoned connection timeout - 108000 (seconds)
    Connection pooling supported - false
    Connection wait timeout - 60 (seconds)
    LDAP Connection TimeOut - 3000 (seconds)
    Inactive connection timeout - 60 (seconds)
    Above parameters are good for more than 25K users?
    Please help me...
    Thanks..

    They look good...
    Try to use Connection pooling too if possible...
    Abandoned connection timeout - 108000 (seconds)
    Connection pooling supported - true
    Connection wait timeout - 60 (seconds) --> Increase it to say 90 (seconds)
    LDAP Connection TimeOut - 3000 (seconds) --->
    Inactive connection timeout - 60 (seconds) --> Increase it to 600 (As the default value in the LDAP Server IT Resource Type Definition)
    Alternatively You can rather break your chunks in 20000 records because you are able to fetch 22882 records successfully....

  • Synchronization issues about FMS server side language!

    My FMS applicaiton(FMS4.5) use a Array on the main.asc ,
    anyone who connect to the server will change(remove/add) item of the Array,
    i'm worry about that if there is a synchronization issues with that?
    Is there any class i can use to lock/unlock the Array when i  modify the Array?
    THX!

    You can have synchronization issues. For using lock/unlock, you can use server side Shared Objects. For more details about Shared Object, check the below link:
    http://help.adobe.com/en_US/adobemediaserver/ssaslr/WS5b3ccc516d4fbf351e63e3d11a11afc95e-7 e63SSASLR.2.3.html

  • Advantaged of SUN LDAP Server over OID

    Hi all,
    Can any body tell me the use of SUN LDAP Server instead of Oracle Directory Server......What all advantages we have to use SUN LDAP Server instead of OID....
    Regards
    Kumar

    If no one tells you can assume there is no advantage, simple.

  • Are there any rough processes for Solaris administrator to setup Sun LDAP as nameing server at Sun sparc host? like: 1st: modify /etc/nfsswitch.nfs 2nd: add LDAP server in /etc/hosts. 3rd: ......

    Besides, can we install the LDAP server in sparc hosts as nameing system? Can we use Sun LDAP server or iPlanet Directory Server? or need BIND DNS server too?

    There is a nice book from Michael Haines and Tom Bialaski: "Solaris and LDAP Naming Services" which contains all you need to configure Directory Server, LDAP, Naming Switch...
    Ludovic.

  • Sun LDAP & Password

    Hi im just wondering about how password are stored in sun ldap.
    Now when I view a users password in the console it is encrypted, when i change the password it also gets encrypted which is fine.
    Now my question is for example if I am querying or adding new entries in LDAP from a vb.net script can I
    1) Compare a password entered by the user on my homepage to the encrypted password in ldap
    2) If i had a new entry with password from a .net page does this automatically get encrypted ?
    Thanks in advance

    Hi Jeremy,
    here the answers to your questions:
    >My question is which system takes precedence over the password policy?
    Unfortunately there is no policy verification between the portal and your Sun One LDAP. So if you reset the password from the portal then only the portal password policies can be checked.
    >  If I wanted to do password resets from the Portal, does the portal then store only the password in its database?
    No, the password will be stored in the LDAP, but only if it also corresponds with the LDAP policies. If not, then you will get an error, but you will not see the real LDAP exception.
    > Also what would then happen if you tried to reset the password from the LDAP?
    The password in the LDAP does not have to fit to the Portal password policies. When you log in, the portal will only check if the password you tipped in is the new one in LDAP and will not check any policies.
    Hope this brings some light in,
    Robert

  • Audio Video synchronization issues

    Hi,
    I have a video application that I am building - and
    previously I used FMS and TCP connections for video. Now expecting
    the latency to be much lesser with UDP, I implemented UDP in my
    application and stratus as the RTMFP capable server. I used the
    sample video phone application's tutorial do a simple sendStream
    and receiveStream for video.
    However, unlike the hosted sample application itself, my
    audio and video are completely out of synchronization - about 4
    secs!! I tried to look at the sample code to see if there were any
    special settings that were made. I could not find any.
    My questions:
    1. Did Adobe make any special tweaks in their hosted sample
    application? If so, what are they?
    2. Are there any known synchronization issues with using
    RTMFP connections for video?
    3. Does anyone else also face audio video synchronization
    issues?
    4. If none of the above is true, what do you think my
    mistakes are? Please let me know if I need to add more information
    to answer this question.
    Thanks in advance.
    Rohan

    with RTMFP, video and audio can go out of sync if the data
    rate of your stream exceeds your network capacity. video is
    currently sent with 100% reliability, so once it's queued for
    transmission, it's going to be sent (eventually). video is lower
    priority than audio, though, so your audio data gets first dibs on
    your network capacity. if the video stream's data rate is higher
    than what fits in your network (after audio), the video data will
    back up until its send buffer is filled, and new camera frames will
    stop getting captured. in the steady state, this can look like a
    multi-second offset between the video and audio.
    try turning your video rate/quality down so that it fits in
    your network capacity. video and audio should stay in sync.
    with RTMP, there's one network transmission buffer (TCP's)
    for all of the parts of your stream (audio & video). when you
    have insufficient network bandwidth, the TCP buffer will eventually
    fill up and video frames will stop being captured to compensate. so
    while audio and video might remain in sync, the total end-to-end
    latency will go up. when using RTMFP, the audio and video have
    independent transmission buffers, so in cases of insufficient
    network resources, the higher-priority audio should remain more
    timely but video may fall behind.
    -mike

  • Suns LDAP Pool and Multithreading

    I used Suns built in LDAP Pool for quite a while in a multithreaded environment. JDK 1.4.2_08, OpenLdap 2.1.19, Win32.
    Suddenly I have some trouble with it. All pools connections become busy and if that state is reached none is getting free anymore, which locks up my program. I've set the pools logging level to "all" with which I was able to observe how more and more connections get busy until the max connections limit is reached.
    I had had some trouble with the pool. The solution had been to close() each and every JNDI Resource I had requested (NamingEnumerations and Contexts). But now im clueless...
    Anyone who can help with some hints? Are there any rules to observe when using the pool in a multithreaded environment?
    Thanx,
    Peter

    Some more info:
    1. The problem can be reproduced on Java 1.5 and 1.6 (I tried 1.5.0_12 and 1.6.0_01).
    2. Method query() implemented using Netscape LDAP driver works correctly (number of established TCP connections does not exceed 30).
    3. I use Sun LDAP Directory Server 5.2.
    Marek

  • Outlook contacts synchronization issues

    I cannot modify a contact in Outlook which has been created for me by Beehive - I get an 'Oracle Beehive Extensions for Outlook, Synchronization Issue, Updating Contact <name>'.
    Beehive automatically created contacts, many of whom no longer work with Oracle (they were external contractors), or that I already had in my contacts. Now I have many contacts I don't want and I can't clean this up, since when I try, the next day they are all back again.
    I click on the link in the message and it says the cause is "Cannot move, update or delete a contact that was created automatically for the workspace.".
    - but I don't want any of these contacts.
    What can I do? - this getting Kafkaesque.

    as far I remember, you need to block / delete thus users from the messenger. This is the reason for sync. (in additonal you will receive all directs and pre-set user from the messenger automatically in outlook).
    I use an iPhone. what worked for me:
    - Killing the messenger,
    - creating a Outlook sub-folder in contacts ("iPhone").
    - Moved all my valuable contacts from a backup into this folder new folder.
    - set- iTunes to sync with the contacts sub-folder "iPhone"
    no more interference of the auto created users from beehive!
    This will not work on Blackberries and iPhone that use notifylink! In notifylink the sync folders are pre-set and cannot be modified by the user.
    With Rel 2, it is expected that you may make modifications to the auto created users. Wait till Rel 2 (which is expected to be rolled out sometime this calendar year).
    Hope this helps, Daniel

  • Updating Sun LDAP Server through custom create group forms

    Hi,
    we have requirement whererin we must create a create group form (custom form) and then update the new group details to the Sun LDAP server. After defining the LDAP Resource, how do I proceed in creating the resource object and configuring the same with the 'create group form ' for updating the necessary attributes in LDAP server.

    There is no way to perfrom LDAP authentication using our product without a mapped group. I haven't used it in a while but the Sun LDAP mamagement tools were very straight forward, creating users/groups issn't much trouble
    First creat the users and groups wherever in the direcotry, then in the group properties you must make the users members of the groups. Map the groups into BO and your done.
    If you wanted someone to setup both your LDAP directory and Business Objects typically a 3rd party professional service may be used. For configuring BO you can open a case with the authentication team in support if stuck. You could get some tips as most of our engineers have set up sun a few times for internal testing.
    Regards,
    Tim

Maybe you are looking for

  • Since I installed the new FF I have been having trouble with Yahoo and now the National Weather service site. What gives?

    I keep getting a FF is not responding message when I try to go to my in box on Yahoo. And now it did it when I tried to go to my local weather forecast. Can you help?

  • APSDaemon missing msvcr80.dll

    Two problems: 1. When booting up error message indicates that APSDaemon.exe is missing msvcr80.dll 2. unable to reinstall itunes for latest update. error message: "service apple mobile device failed to start. verify you have sufficient privilges to s

  • Nokia 5800 Firmware update V20

    Hi all , can anyone advise if this works with the phone as i keep hearing about system failure notice with the new version ? who has installed it on there phone and does it make any difference ?? Message Edited by 5800uk on 19-Feb-2009 05:47 PM

  • Apple Remote Desktop 3.0 and OS 10.6.8

    I purchased Apple Remote Desktop 3 several year ago when I was running 10.4.  Last year we got new computers and we are running 10.6.8 now. I tried to load Apple Remote onto my new computer, but it did not work.  It appeared to load, though very quic

  • Adobe Techcomm Suite 3

    I am using the adobe application manager to customize the installation. There i find the robohelp, framemaker ,captivate etc but no adobe acrobat pro but when i try installing the setup.exe i get the Adobe Acrobat Pro. The license i have will work wi