Tacacs user authentication not working

Similar Messages

• J2EE and user authentication not working

  Hi,
  has anyone gotten the basic/form based authentication to
  work in the latest version of the 9iAS?
  Oracle9iAS (9.0.2.0.0)
  I've read all the posts and articles from orionsupport.com
  BUT it still does not work.
  Support Folks from ORacle: Where is the latest documentation
  for the Server ???? Everything seems outdated??
  cheers,
  Vijay

  Hi,
  You can change User and password through SU01 through UME. and also read SNote:  Note 891614 - Login problems / Expired password
  Regards
  Thomas

• [svn] 1720: Bugs: LCDS-304 - Authentication not working in all cases when using security constraint with NIO endpoints .

  Revision: 1720
  Author: [email protected]
  Date: 2008-05-14 14:50:06 -0700 (Wed, 14 May 2008)
  Log Message:
  Bugs: LCDS-304 - Authentication not working in all cases when using security constraint with NIO endpoints.
  QA: Yes
  Doc: No
  Details:
  Update to the TomcatLoginCommand to work correctly with NIO endpoints.
  Ticket Links:
  http://bugs.adobe.com/jira/browse/LCDS-304
  Modified Paths:
  blazeds/branches/3.0.x/modules/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand. java

  Revision: 1720
  Author: [email protected]
  Date: 2008-05-14 14:50:06 -0700 (Wed, 14 May 2008)
  Log Message:
  Bugs: LCDS-304 - Authentication not working in all cases when using security constraint with NIO endpoints.
  QA: Yes
  Doc: No
  Details:
  Update to the TomcatLoginCommand to work correctly with NIO endpoints.
  Ticket Links:
  http://bugs.adobe.com/jira/browse/LCDS-304
  Modified Paths:
  blazeds/branches/3.0.x/modules/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand. java

• The Notification Center Yosemite primary user does not work in my Macbook pro and the other users if it works.

  The Notification Center Yosemite primary user does not work in my Macbook pro and the other users if it works. How can I fix it?

  The Notification Center Yosemite primary user does not work in my Macbook pro and the other users if it works. How can I fix it?

• SLD connection user/password not working.

  Hello friends,
  I am new bee in SAP Netweaver.
  I installed SAP Netweaver for java.
  Now I want to connect it with BAPI from SAP.
  so, some where i am sucked with SLD. I opened Visula Administrator and nothing there to connect.
  I also tried http://localhost:50000/sld but my user/password not working.
  1. What to do to see/get username/password for SLD?
  2. How to connect netweaver to access SAP ZBAPI?
  Regards,
  RH

  Hello friends,
  I am new bee in SAP Netweaver.
  I installed SAP Netweaver for java.
  Now I want to connect it with BAPI from SAP.
  so, some where i am sucked with SLD. I opened Visula Administrator and nothing there to connect.
  I also tried http://localhost:50000/sld but my user/password not working.
  1. What to do to see/get username/password for SLD?
  2. How to connect netweaver to access SAP ZBAPI?
  Regards,
  RH
  Hi Ronny.
  Where is your UME running? On the java engine, on an ABAP system or at a LDAP?
  What i want to say is that your user has to gain the rights to connect to the SLD. Easiest way is to give you admin rights - to do that you have to know where your userstore is running....
  I am not sure if this is correct http://localhost:50000/sld
  Normally it should look like http://my.sap.com/56600/sld where my.sap.com is a fqdn and 56600 is the port of the java engine. 66 ist the system number of the as java.
  ZBAPI? I do not really know but i think you have to use a jco to connect...
  regards,
  Martin

• TACACS Authentication not working with ASA

  I have an ACS 4.1 Windows server running TACACS. It si working on all devices within the enterprise except for one new ASA at a remote site. There is no NAT going on or anything and the ASA can ping the ACS box and the ACS box can ping the ASA.
  I added the configuration below but the authentication fails and no requests come to the ACS server
  aaa-server TACACS+ protocol tacacs+
  aaa-server TACACS+ host 10.x.x.x
  key password
  aaa authentication ssh console TACACS+ LOCAL
  aaa authentication enable console TACACS+ LOCAL
  aaa authentication http console TACACS+ LOCAL
  Any help would be greatly appreciated

  Please check shared secret key. Remember NDG key overwrites aaa client key.
  Make sure acs should have correct ip address of asa in network configuration.
  Do you see any hits on acs failed or passed attempts ? Also try increasing the tacacs timeout to 15 sec.

• Ldap authentication not working for Solaris 8 host - Help!

  Greetings folks,
  I just recently migrated a host to use LDAP authentication. The only difference between this host and the rest of the hosts in the environment that I've converted to use LDAP is that this one is running Solaris 8.
  Here's the steps I took to migrate it (though, I used the same steps for another Sol8 host in another environment and it works fine):
  ldapclient -P stg -d mydomain.com -D cn=proxyagent,ou=profile,dc=mydomain,dc=com -w secret 192.168.1.69
  My /etc/nsswitch.conf looks like this:
  passwd: files ldap
  group: files ldap
  My /etc/pam.conf looks like this:
  login auth requisite pam_authtok_get.so.1
  login auth required pam_dhkeys.so.1
  login auth sufficient pam_unix_auth.so.1
  login auth required pam_ldap.so.1
  sshd auth requisite pam_authtok_get.so.1
  sshd auth sufficient pam_unix_auth.so.1
  sshd auth required pam_ldap.so.1
  other auth requisite pam_authtok_get.so.1
  other auth required pam_dhkeys.so.1
  other auth sufficient pam_unix_auth.so.1
  other auth required pam_ldap.so.1
  passwd auth sufficient pam_passwd_auth.so.1
  passwd auth required pam_ldap.so.1
  I've also cleared out the local user accounts for my human users, so there aren't any more passwd or shadow entries (yes, I ran pwconv). I also cleaned out the /etc/group entries for the same users. The machine appears to be configured properly, because I can run various DS commands that indicate this:
  hostname# getent passwd user1
  user1::1001:1001:User 1:/opt/home/user1:/bin/bash
  hostname# ldaplist -l passwd user1
  dn: uid=user1,ou=people,dc=mydomain,dc=com
  shadowFlag: 0
  userPassword: {crypt}(removed)
  uid: user1
  objectClass: posixAccount
  objectClass: shadowAccount
  objectClass: account
  objectClass: top
  cn: user1
  uidNumber: 1001
  gidNumber: 1001
  gecos: User 1
  homeDirectory: /opt/home/user1
  loginShell: /bin/bash
  However, in the end, actual logins to this host fail via ssh. Snooping the traffic reveals that all the right info is being handed back to the client, including the crypt'ed password hash, uid, etc. just like I see with other hosts that work.
  Any ideas?
  Thanks!
  Patrick

  I assume you have applied lastest kernel patch and 108993 to this Solaris8 machine, and its nss_ldap.so.1 and pam_ldap.so.1 are the same as the other Solaris8 LDAP clients that are working for ssh via LDAP auth.
  1) Please replace "objectClass: account" with "objectClass: person", I know SUN ONE DS5.2 likes "person".
  2) Did you test and verify telnet/ftp/su working? but SSH not working?
  3) If telnet/ftp/su all worked, and SSH (SUN-SSH or OpenSSH), make sure you have "UsePAM yes" in sshd_config and restart sshd.
  4) It is not a must I think but normally I will add "shadow: files ldap" to /etc/nsswitch.conf, restart nscd after that.
  5) Whenever ldapclient command is run and ldap_cachemgr is restarted, I usually also restart nscd and sshd after that, if not testing result may not be accurate as nscd is still remembering OLD stuffs cached which could be very misleading.
  6) You may use "ssh -v userid@localhost" to watch the SSH communications, on top of your usual "snoop"ing of network packets.
  7) Use the sample pam.conf that is meant for pam_ldap from Solaris 10 system admin guide with all the pam_unix_cred.so.1 lines commented out. This works for me, there is no sshd defintions as it will follow "other".
  http://docs.sun.com/app/docs/doc/816-4556/6maort2te?a=view
  Gary

• Webserver 7 - Keyfile DB authentication - NOT working

  Hello All,
  I have installed Webserver 7.0 on a windows 2000 server machine.
  Everything works fine except the keyfile / user authentication.
  I want to restrict web access of specific folders (URI) to specific users.
  here's what I did;
  1- removed the already created keyfile DB.
  2- created another db (called it authdb). It is a basic keyfile DB, not digest.
  3- created a user, called it user1 and specified a password.
  4- created an ACI below the default and es-internal to Allow all access rights to 'user1' on the URI /folder1 ... from anyplace and continue is enabled.
  when I try to access a file inside that folder xx.xx.xx.xx/folder1/file.zip; I am being asked to authenticate (as expected), and when I do (using user1 and the password I already set), the authentication fails...
  Any ideas?
  Here's all I can see the logs:
  =====
       security      
  [NSACL4340] HTTP5096: ACL_GetAttribute: All attribute getters declined for attr "user" [NSACL4340] HTTP5096: ACL_GetAttribute: All attribute getters declined for attr "isvalid-password" [NSACL6000] HTTP5239: default is not a registered database [NSACL6000] HTTP5239: default is not a registered database
  28/Jun/2007:15:36:09      security      for host 192.168.x.x trying to GET /folder1/, acl-state reports: HTTP5187: access of c:/program files/sun/webserver7/https-vault/docs/folder1/ denied because evaluation of ACL default directive 2 failed
  =====
  Second paragraph looks normal since I could not authenticate.
  Thanks in advance for any help.

  Assuming "authdb" is the name of auth-db you just created and you have created a file of the name "myauthdb" in config directory. server.xml should look like :
  <default-auth-db-name>authdb</default-auth-db-name>
    <auth-db>
      <name>authdb</name>
      <url>file</url>
      <property>
        <name>syntax</name>
        <value>keyfile</value>
      </property>
      <property>
        <name>keyfile</name>
        <value>myauthdb</value>
      </property>
    </auth-db>default.acl should look like:
  version 3.0;
  acl "default";
  authenticate (user, group) {
    prompt = "Sun Java System Web Server";
  allow (read, execute, info) user = "anyone";
  allow (list, write, delete) user = "all";
  acl "es-internal";
  allow (read, execute, info) user = "anyone";
  deny (list, write, delete) user = "anyone";
  acl "uri=/folder1";
  deny (all) user="anyone";
  allow (all) user="user1";Instead of making authdb the default authdb, you can also (optionally) add ACL in the following way :
  acl "uri=/folder1";
  authenticate (user, group) {
    prompt = "Sun Java System Web Server";
    database = "authdb";
  deny (all) user="anyone";
  allow (all) user="user1";

• Kerberos Authentication Not Working on OS X 10.6

  Using FF version 20.0, on OS X 10.6.8, I can not get it to use Kerberos authentication to allow SSO to a SharePoint web site.
  On OS X 10.8, with the same configuration in the about:config, everything works fine - the user is not prompted for credentials.
  I have put the necessary entires in network.negotiate-auth.delegation-uris and network.automatic-ntlm-auth.trusted-uris, network.negotiate-auth.gsslib is set to true.
  When I have setup to log the errors from the authentication module, I find in the log file "Fail to load gssapi library".
  Interestingly on 10.8, when I start Firefox from the command line the Kerberos authentication does not work. When I start it via the icon, it does. What is the difference? Are the preferences not being loaded when launching via the command line?
  Thanks for any help,
  Richard

  Found the solution:
  Was a combination of kinit being run on login (apparently a known 10.6 bug). Our Mac team were able to alter the appropriate plist file so that this does happen on login.
  We also had to add an extra SPN for the actual server, as well as the DNS name of the SharePoint site we were trying to access with Kerberos authentication - although this may have something to do with using host-named site collections at the SharePoint end.
  Main problem was the kinit thing though.

• Kerberos / GSSAPI authentication not working in Mail.app

  I am using Kerberos with a Debian server on which is running the MIT KDC, Cyrus imapd, and sendmail. I have been using Kerberos authentication with Mail.app in this environment for some time, under Tiger. I just upgraded to Leopard, and it no longer works. The problem is simple: the Mail.app IMAP conversation goes like this:
  OK sequoia Cyrus IMAP4 v2.1.18-IPv6-Debian-2.1.18-5.1 server ready
  1.11 CAPABILITY
  * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDP LUS ID NOATOMICRENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=GSSAPI AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=NTLM ANNOTATEMORE
  1.11 OK Completed
  2.11 AUTHENTICATE GSSAPI
  +
  2.11 NO authentication failure
  Mail.app simply sends an empty GSSAPI message. This problem does not appear to be in the Kerberos libraries or endemic to Apple's apps in general, since Kerberos authentication still works in both SSH and WebDAV. This appears to be a Mail.app bug.
  - Richard Silverman

  Have you found any work around? I'm having exactly the same problem.
  As you say, kerberos in general seems okay -- not only does GSSAPI work fine for other programs, it even works correctly for ThunderBird running under 10.5. Meanwhile Mail.app doesn't even try to fetch service tickets, nor does it use them if something else already has.
  I've tried everything I can think of -- using the real A/PTR hostname instead of the CNAME, adding a user with a principal name that matches my username, hard-coding kerberos settings into the config file rather than relying on DNS -- but nothing makes Mail.app even try to use GSSAPI for IMAP or SMTP.

• RTSP using authentication not working in Quicktime 7 Pro

  Hello I upgraded Quicktime 7 to Quicktime Pro in order to stream a video camera feed using RTSP string.  If I use rtsp://ip_number/cam/realmonitor?channel=0&subtype=0 it will prompt me for the password.  I then enter the password and see the video in a couple of seconds.  But if I use the string with user authentication rtsp://user:password@ip_number/cam/realmonitor?channel=0&subtype=0 Quicktime says that it cannot connect to the server.  I need to get this to work in order to use another program in a project I am doing, but I can't get past this step.  Any suggestions?  The rtsp string with the password works in VLC player, but the program I am using needs Quicktime 7 because I save the video as a reference file.

  Anybody from Apple support thier own product?
  This is a peer-to-peer forum. Have you brought this problem to Apple's attention? If not, then use the QT Product Feedback form provided: QuickTime
  To provide product feedback for other Apple products, use this page to select specific products: Product Feedback

• Wireless with PEAP Authentication not working using new NPS server

  All,
  We are planning to migrate from our old IAS server to new NPS server. We are testing the new NPS server with our wireless infrastructure using WISM. We are using PEAP with server Cert for authentication. For testing purpose we are doing user authentication but our goal is to do machine authentication. On client side we are using Windows XP, Windows 7 & iPAD’s
  I believe I have configured the NPS & CA server as per the documents I found on Cisco support forum & Microsoft’s site.
  But it is not working for me. I am getting the following error message on the NPS server.
  Error # 1
  =======
  Cryptographic operation.
  Subject:
              Security ID:                 SYSTEM
              Account Name:                       MADXXX
              Account Domain:                    AD
              Logon ID:                    0x3e7
  Cryptographic Parameters:
              Provider Name:          Microsoft Software Key Storage Provider
              Algorithm Name:         RSA
              Key Name:      XXX-Wireless-NPS
              Key Type:       Machine key.
  Cryptographic Operation:
              Operation:       Decrypt.
              Return Code:  0x80090010
  Error # 2
  ======
  An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
  I was wondering if anyone has any insight on what is going on.
  Thanks, Ds

  Scott,
  I have disabled MS-CHAP v1 & only MS-CHAP v2 is enabled on Network Policies > Constraints.
  I  disabled validate Certificate on Windows 7 and tried to authenticate, it is still failing. Here is the output from the event viewer:
  Cryptographic operation.
  Subject:
  Security ID: SYSTEM
  Account Name: MADHFSVNPSPI01$
  Account Domain: AD
  Logon ID: 0x3e7
  Cryptographic Parameters:
  Provider Name: Microsoft Software Key Storage Provider
  Algorithm Name: RSA
  Key Name: DOT-Wireless-NPS
  Key Type: Machine key.
  Cryptographic Operation:
  Operation: Decrypt.
  Return Code: 0x80090010
  Network Policy Server denied access to a user.
  Contact the Network Policy Server administrator for more information.
  User:
  Security ID: AD\mscdzs
  Account Name: AD\mscdzs
  Account Domain: AD
  Fully Qualified Account Name: AD\mscdzs
  Client Machine:
  Security ID: NULL SID
  Account Name: -
  Fully Qualified Account Name: -
  OS-Version: -
  Called Station Identifier: 64-ae-0c-00-de-f0:DOT
  Calling Station Identifier: a0-88-b4-e2-79-cc
  NAS:
  NAS IPv4 Address: 130.47.128.7
  NAS IPv6 Address: -
  NAS Identifier: WISM2B
  NAS Port-Type: Wireless - IEEE 802.11
  NAS Port: 29
  RADIUS Client:
  Client Friendly Name: WISM2B
  Client IP Address: 130.47.128.7
  Authentication Details:
  Connection Request Policy Name: Secure Wireless Connections
  Network Policy Name: Secure Wireless Connections
  Authentication Provider: Windows
  Authentication Server: MADHFSVNPSPI01.AD.DOT.STATE.WI.US
  Authentication Type: PEAP
  EAP Type: -
  Account Session Identifier: -
  Logging Results: Accounting information was written to the local log file.
  Reason Code: 23
  Reason: An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
  Attached are EAP logs & debug logs from the controller.
  Thanks for all the help. I really appreciate.

• Change User password not working in SAP ME 6.0

  Hi,
  In SAP ME 6.0 SP01 6.0.1.0 Counter 40, the activity "Change User Password" does not work for me or any other user.
  The activity window (Netweaver) shows, but in the top it says "An error occurred - contact system administrator".
  This is the output from the default trace file. Seems my user is not authorized, but where do I set this authorization?
  Br,
  Johan
  #2.0 #2011 09 06 11:15:11:064#+0200#Error#com.sap.security.core.wd.jmxmodel.JmxModelComp#
  #BC-JAS-SEC-UME#sap.com/tcsecumewduimodel#C0000AD3034800820000000100000450#9934850000000004#sap.com/tcsecumewdkit#com.sap.security.core.wd.jmxmodel.JmxModelComp#JONORD#16##380199ECD86811E088C3000000979802#ae0e9d52d86811e08e7a000000979802#ae0e9d52d86811e08e7a000000979802#0#Thread[HTTP Worker [@312363456],5,Dedicated_Application_Thread]#Plain##
  public void supplyCompany(IPrivateJmxModelCompInterface.ICompanyNode node, IPrivateJmxModelCompInterface.IContextElement parentElement)
  [EXCEPTION]
  com.sap.engine.services.jmx.exception.JmxSecurityException: Caller JONORD not authorized, required permission missing (javax.management.MBeanPermission -\#getCompanyConceptEnabled[:SAP_J2EECluster="",j2eeType=UmeJmxServer,name=IJmxServer] invoke)
       at com.sap.engine.services.jmx.auth.UmeAuthorization.checkMBeanPermission(UmeAuthorization.java:100)
       at com.sap.engine.services.jmx.JmxServerFrame.checkMBeanPermission(JmxServerFrame.java:101)
       at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.checkMBeanPermission(MBeanServerSecurityWrapper.java:438)
       at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:288)
       at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:813)
       at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:367)
       at com.sap.security.core.jmx._gen.IJmxServer$Impl.getCompanyConceptEnabled(IJmxServer.java:1415)
       at com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.supplyCompany(JmxModelCompInterface.java:1498)
       at com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.supplyCompany(InternalJmxModelCompInterface.java:710)
       at com.sap.security.core.wd.jmxmodel.wdp.IPublicJmxModelCompInterface$ICompanyNode.doSupplyElements(IPublicJmxModelCompInterface.java:4301)
       at com.sap.tc.webdynpro.progmodel.context.DataNode.supplyElements(DataNode.java:110)
       at com.sap.tc.webdynpro.progmodel.context.Node.getElementListAsObject(Node.java:263)
       at com.sap.tc.webdynpro.progmodel.context.MappedNode.createMappedElementList(MappedNode.java:78)
       at com.sap.tc.webdynpro.progmodel.context.MappedNode.supplyElements(MappedNode.java:71)
       at com.sap.tc.webdynpro.progmodel.context.Node.getElementListAsObject(Node.java:263)
       at com.sap.tc.webdynpro.progmodel.context.MappedNode.createMappedElementList(MappedNode.java:78)
       at com.sap.tc.webdynpro.progmodel.context.MappedNode.supplyElements(MappedNode.java:71)
       at com.sap.tc.webdynpro.progmodel.context.Node.getElementListAsObject(Node.java:263)
       at com.sap.tc.webdynpro.progmodel.context.Node.getElements(Node.java:270)

  Hi,
  Change User Password screen is in fact user self services screen of NW UME and to access it, user must have Manage_My_Password action. Installation and Security Guide ask to assign this action to all roles.

• OOTB create user is not working for AD

  Hi,
  While creating the user am getting the following error.
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeVariableMappings - Data: adv name - Value: PasswordNeverExpires
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeVariableMappings left.
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: Variable Name - Value: PasswordNeverExpires
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: MapTo - Value: Process Data
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: sMapQualifier - Value: Password never expires
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: sMapValue - Value: UD_ADBURG_NEVER
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: sVarDataType - Value: Boolean
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: sMapOldValue - Value: 0
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getRunTimeValue - Data: sMapChildTableName - Value:
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getDataSetFieldValue entered.
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getDataSetFieldValue - Data: psFieldName - Value: UD_ADBURG_NEVER
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/getDataSetFieldValue - Data: psMapSourceDataType - Value: Boolean
  [6/1/11 0:33:28:153 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,153,[XELLERATE.ADAPTERS],tcAdpEvent/getDataSetFieldValue poDataSet is null
  [6/1/11 0:33:28:157 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,157,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/updateSchItem entered.
  [6/1/11 0:33:28:157 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,157,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/updateSchItem - Data: event - Value: adpADCSCREATEUSER
  [6/1/11 0:33:28:157 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,157,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/updateSchItem - Data: New Status - Value: R
  [6/1/11 0:33:28:157 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,157,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/updateSchItem - Data: SchData - Value: {2}
  *[6/1/11 0:33:28:157 EDT] 00000037 SystemOut O DEBUG,01 Jun 2011 00:33:28,157,[XELLERATE.ADAPTERS],Class/Method: tcAdpEvent/updateSchItem - Data: Reason - Value: Exception java.lang.NullPointerException was thrown in adapter "ADCS Create User". The Adapter Response was "null"*
  NOTE:
  Am creating user through the access policy, it throwing the above error for auto provisioning…
  IF open (edit) process form of AD and click on save (w/o changing the process data) and retrying the crate user task it working .
  Advance Thanks..

  This is typically the result of the checkboxes on the form. You need to give a default value of 0 or 1 either using the Default option, or prepopulate. If you do not fill this in, when the form is completed through auto-save, it will have a null value.
  -Kevin

• User presets not working after LR5 upgrade

  Just updated from LR3 to LR5 and my user presets are not working. They are visible, but do not do anything when clicked. How do I fix this?

  We have found the same thing. Patch 5 and 7 did not fix the problem. We even got a preliminary patch 8 that did not fix the problem.
  We're still hoping for an EBF.