To use UME with OpenLDAP

Hello everybody,
I have some problems.
My initial position:
Installed dual stack SAP NetWeaver Portal 2004s
--> Datasource for UME: ABAP-System
Installed OpenLDAP
Does anybody have some guidelines for the configuration of a UME with LDAP?
I have read all the SAP help entries. Not so helpful.
I couldn't change the DataSource, I don't know why ;-(
Please help
rene

Hi,
If you are using SAP Web AS ABAP User Management as datasource, you cannot change to any other data source configuration. For details, see SAP Note 718383 (https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/oss_notes/sdn_oss_bc_jas/~form/handler).
http://help.sap.com/saphelp_nw04/helpdata/en/49/9dd53f779c4e21e10000000a1550b0/frameset.htm
Regards,
Praveen Gudapati

Similar Messages

  • UME with LDAP

    Hi Experts,
    I've installed the Portal sneak preview, which is 7.0 SP9, on my desktop, and at the moment I'm using the Web AS database as the user storage for the portal.
    Now I want to change the user storage to any LDAP (for Windows) server and look at the working scenario.
    Now ..
    1. Which is the recommended LDAP server for Windows, for the above scenario?
    2. Can I use LDAP as the user storage for sneak preview versions?
    3. Any useful documents to achieve this?
    4. Please remember I'm on Windows XP.
    Please leave your valuable suggestions
    Thanks,
    Lokesh.

    Hi,
    1. Which is the recommended LDAP server for Windows, for the above scenario?
    I guess on Windows the best choice is ADS. If I get your requirement correctly, you want to install a local LDAP server on your machine, correct? I don't know if it is possible to install ADS standalone on Win XP. In general you can use any LDAP server, so you should be able to get it working even with OpenLDAP if you are familiar with the LDAP protocol. I think OpenLDAP is not supported by SAP, so maybe you should try something like SUN Directory Server (you can download a trial from the SUN website). There is a version for Windows and it works without problems on Win XP (I've tried a couple of times).
    2. Can I use LDAP as the user storage for sneak preview versions?
    I bet you can. You just have to choose the appropriate XML file for the UME user store that supports LDAP as UME and it should work. I've not tried with the trial version, but I think there are no limitations in the trial version regarding UME configuration.
    3. Any useful documents to achieve this.
    Check these out:
    http://help.sap.com/saphelp_nw70/helpdata/EN/63/14f5b51a6eff429f2d8b2063400e82/frameset.htm
    http://help.sap.com/saphelp_nw70/helpdata/EN/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm
    http://help.sap.com/saphelp_nw70/helpdata/EN/37/cfd93f130f9115e10000000a155106/frameset.htm
    All you have to take care of is to choose the appropriate hierarchy supported by UME to store your user information within your directory (all this is described in the pages linked above)
    4. Please remember I'm on Windows XP.
    I do
    I hope this helps
    Cheers

  • Jabber for iPhone 9.6 Integration with OpenLDAP

    Hi everyone! I just found an issue when trying to integrate Jabber for iPhone version 9.6 with OpenLDAP: it seems not to be working. My environment is described below.
    Using BE6K 9.1, which includes:
         - CUCM 9.1.2
         - IM&Presence 9.1
         - Jabber for Windows 9.6 integrated with OpenLDAP using EDI in jabber-config.xml is working properly.
         - Jabber for iPhone 9.6 integrated with OpenLDAP using BDI in jabber-config.xml is not working (cannot look up).
         - Jabber Voice for iPhone and Android can integrate with OpenLDAP, which is configured in the phone configuration.
         - Neither Jabber client can access the photo in OpenLDAP with the "jpegPhoto" attribute.
    By the way, I have also included the jabber-config.xml file for further troubleshooting. Another question: is it possible to include EDI and BDI working together in one jabber-config.xml file?
    The other file is the Jabber for iPhone log from when I tried to search for the word "anu" in the search box.
    -- 2557-02-02 20:48:06.045 DEBUG [3d8d018c] - sidebar search, string is : a   <------ started from this line in my log file for easier troubleshooting.
    If you need more log or any files for troubleshoot just tell me. Thanks for reading!.
    <Jabber-config.xml>
    <?xml version="1.0" encoding="utf-8"?>
    <config version="1.0">
    <Directory>
    <DirectoryServerType>BDI</DirectoryServerType>
    <BDILDAPServerType>OpenLDAP</BDILDAPServerType>
    <BDIPrimaryServerName>10.0.1.11</BDIPrimaryServerName>
    <BDIServerPort1>389</BDIServerPort1>
    <BDIConnectionUsername>cn=xxx,dc=xxxx,dc=xx,dc=xx</BDIConnectionUsername>
    <BDIConnectionPassword>xxxxxxx</BDIConnectionPassword>
    <BDIUseJabberCredentials>false</BDIUseJabberCredentials>
    <BDIEnableTLS>false</BDIEnableTLS>
    <BDIPredictiveSearchFilter>uid</BDIPredictiveSearchFilter>
    <BDIUserAccountName>uid</BDIUserAccountName>
    <BDIBaseFilter>(&amp;(objectClass=inetOrgPerson)</BDIBaseFilter>
    <BDISearchBase1>ou=users, dc=xxxx,dc=xx,dc=xx</BDISearchBase1>
    <BDIUseANR>false</BDIUseANR>
    <ConnectionType>1</ConnectionType>
    <PrimaryServerName>10.0.1.11</PrimaryServerName>
    <UseWindowsCredentials>0</UseWindowsCredentials>
    <UseSecureConnection>0</UseSecureConnection>
    <SearchBase1>ou=users, dc=xxx,dc=xx,dc=xx</SearchBase1>
    <UserAccountName>uid</UserAccountName>
    <BaseFilter>(&amp;(objectClass=inetOrgPerson)</BaseFilter>
    <PredictiveSearchFilter>uid</PredictiveSearchFilter>
    <ConnectionUsername>cn=xxxx,dc=xxx,dc=xx,dc=xx</ConnectionUsername>
    <ConnectionPassword>xxxxxx</ConnectionPassword>
    <PhotoSource>jpegPhoto</PhotoSource>
    </Directory>
    </config>
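The posted file binds on port 389 with TLS off and carries the bind passwords in the XML itself. The following Python check is an added example, not part of the original post or of any Cisco tooling; it flags those settings using only the element names that appear in the post. The sample file is constructed, and reading `UseSecureConnection` 0 as "simple bind" is an assumption about that key's meaning.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the posted file; host, DN and passwords are placeholders.
SAMPLE_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<config version="1.0">
<Directory>
<DirectoryServerType>BDI</DirectoryServerType>
<BDIPrimaryServerName>ldap.example.test</BDIPrimaryServerName>
<BDIServerPort1>389</BDIServerPort1>
<BDIConnectionUsername>cn=reader,dc=example,dc=test</BDIConnectionUsername>
<BDIConnectionPassword>placeholder</BDIConnectionPassword>
<BDIUseJabberCredentials>false</BDIUseJabberCredentials>
<BDIEnableTLS>false</BDIEnableTLS>
<UseSecureConnection>0</UseSecureConnection>
<ConnectionUsername>cn=reader,dc=example,dc=test</ConnectionUsername>
<ConnectionPassword>placeholder</ConnectionPassword>
</Directory>
</config>"""

# Elements from the post that hold a bind password in the file itself.
PASSWORD_KEYS = ("BDIConnectionPassword", "ConnectionPassword")


def audit_directory_config(xml_text):
    """Return a list of (element name, finding) tuples for the <Directory> section."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    directory = root.find("Directory")
    if directory is None:
        return [("Directory", "no <Directory> section found")]

    def value(key):
        # Text of a direct child element, or None when the element is absent.
        node = directory.find(key)
        return (node.text or "").strip() if node is not None else None

    findings = []
    tls_setting = value("BDIEnableTLS")
    tls_enabled = (tls_setting or "").lower() == "true"
    if tls_setting is not None and not tls_enabled:
        findings.append(("BDIEnableTLS",
                         "BDI bind and search traffic is sent without TLS"))
    if value("BDIServerPort1") == "389" and not tls_enabled:
        findings.append(("BDIServerPort1",
                         "plain LDAP port in use while TLS is disabled"))
    # Assumption: 0 selects a simple (password) bind for the EDI settings.
    if value("UseSecureConnection") == "0":
        findings.append(("UseSecureConnection",
                         "EDI connection uses a simple bind"))
    for key in PASSWORD_KEYS:
        if value(key):
            findings.append((key,
                             "bind password is stored in the configuration file"))
    return findings


if __name__ == "__main__":
    for key, finding in audit_directory_config(SAMPLE_CONFIG):
        print(f"{key}: {finding}")
```
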

    Hi noom_ekkalak ,
    Thanks for your answer!
    I have specified the LDAP parameters in the TCT phone configuration as you say, then tried to connect with the "Directory" setting in Jabber Voice, but it didn't work. I just get the error “Unable to verify account” all the time. :(
    Besides this, is there anything I need to specify? How did you specify the Jabber Voice "Directory" parameter?
    Thank you!

  • Problem with OpenLDAP and JNDI

    I'm having problem working with OpenLDAP and JNDI.
    First I have changed LDAP's slapd.conf file:
    suffix          "dc=antipodes,dc=com"
    rootdn          cn=Manager,dc=antipodes,dc=com
    directory     "C:/Program Files/OpenLDAP/data"
    rootpw          secret
    schemacheck off
    Then I used the code below to create the root context:
    package test;
    import javax.naming.Context;
    import javax.naming.InitialContext;
    import javax.naming.NamingException;
    import javax.naming.NameAlreadyBoundException;
    import javax.naming.directory.*;
    import java.util.*;
    public class MakeRoot {
         final static String ldapServerName = "localhost";
         final static String rootdn = "cn=Manager,dc=antipodes,dc=com";
         final static String rootpass = "secret";
         final static String rootContext = "dc=antipodes,dc=com";
         public static void main( String[] args ) {
                   // set up environment to access the server
                   Properties env = new Properties();
                   env.put( Context.INITIAL_CONTEXT_FACTORY,
                              "com.sun.jndi.ldap.LdapCtxFactory" );
                   env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" );
                   env.put( Context.SECURITY_PRINCIPAL, rootdn );
                   env.put( Context.SECURITY_CREDENTIALS, rootpass );
                   try {
                             // obtain initial directory context using the environment
                             DirContext ctx = new InitialDirContext( env );
                             // now, create the root context, which is just a subcontext
                             // of this initial directory context.
                             ctx.createSubcontext( rootContext );
                   } catch ( NameAlreadyBoundException nabe ) {
                             System.err.println( rootContext + " has already been bound!" );
                   } catch ( Exception e ) {
                             System.err.println( e );
                   }
         }
    }
    This worked fine; I could see that by using "LDAP Browser/Editor".
    and then I tried to create group with code:
    package test;
    import java.util.Hashtable;
    import javax.naming.*;
    import javax.naming.ldap.*;
    import javax.naming.directory.*;
    public class MakeGroup {
         public static void main (String[] args) {
              Hashtable<String, String> env = new Hashtable<String, String>();
              String adminName = "cn=Manager,dc=antipodes,dc=com";
              String adminPassword = "secret";
              String ldapURL = "ldap://127.0.0.1:389";
              String groupName = "CN=Evolution,OU=Research,DC=antipodes,DC=com";
              env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
              //set security credentials, note using simple cleartext authentication
              env.put(Context.SECURITY_AUTHENTICATION,"simple");
              env.put(Context.SECURITY_PRINCIPAL,adminName);
              env.put(Context.SECURITY_CREDENTIALS,adminPassword);
              //connect to my domain controller
              env.put(Context.PROVIDER_URL,ldapURL);
              try {
                   // Create the initial directory context
                   LdapContext ctx = new InitialLdapContext(env,null);
                   // Create attributes to be associated with the new group
                   Attributes attrs = new BasicAttributes(true);
                   attrs.put("objectClass","group");
                   attrs.put("samAccountName","Evolution");
                   attrs.put("cn","Evolution");
                   attrs.put("description","Evolutionary Theorists");
                   //group types from IAds.h
                   int ADS_GROUP_TYPE_GLOBAL_GROUP = 0x0002;
                   int ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP = 0x0004;
                   int ADS_GROUP_TYPE_LOCAL_GROUP = 0x0004;
                   int ADS_GROUP_TYPE_UNIVERSAL_GROUP = 0x0008;
                   int ADS_GROUP_TYPE_SECURITY_ENABLED = 0x80000000;
                   attrs.put("groupType",Integer.toString(ADS_GROUP_TYPE_UNIVERSAL_GROUP + ADS_GROUP_TYPE_SECURITY_ENABLED));
                   // Create the context
                   Context result = ctx.createSubcontext(groupName, attrs);
                   System.out.println("Created group: " + groupName);
                   ctx.close();
              } catch (NamingException e) {
                   System.err.println("Problem creating group: " + e);
              }
         }
    }
    Got the error code: Problem creating group: javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 17 - groupType: attribute type undefined]; remaining name 'CN=Evolution,OU=Research,DC=antipodes,DC=com'
    I tried by creating organizational unit "ou=Research" from "LDAP Browser/Editor", and then running the same code -> same error.
    also I have tried code for adding users:
    package test;
    import java.util.Hashtable;
    import javax.naming.ldap.*;
    import javax.naming.directory.*;
    import javax.naming.*;
    import javax.net.ssl.*;
    import java.io.*;
    public class MakeUser {
         public static void main (String[] args) {
              Hashtable<String, String> env = new Hashtable<String, String>();
              String adminName = "cn=Manager,dc=antipodes,dc=com";
              String adminPassword = "secret";
              String userName = "cn=Albert Einstein,ou=Research,dc=antipodes,dc=com";
              String groupName = "cn=All Research,ou=Research,dc=antipodes,dc=com";
              env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
              //set security credentials, note using simple cleartext authentication
              env.put(Context.SECURITY_AUTHENTICATION,"simple");
              env.put(Context.SECURITY_PRINCIPAL,adminName);
              env.put(Context.SECURITY_CREDENTIALS,adminPassword);
              //connect to my domain controller
              env.put(Context.PROVIDER_URL, "ldap://127.0.0.1:389");
              try {
                   // Create the initial directory context
                   LdapContext ctx = new InitialLdapContext(env,null);
                   // Create attributes to be associated with the new user
                   Attributes attrs = new BasicAttributes(true);
                   //These are the mandatory attributes for a user object
                   //Note that Win2K3 will automagically create a random
                   //samAccountName if it is not present. (Win2K does not)
                   attrs.put("objectClass","user");
                   attrs.put("samAccountName","AlbertE");
                   attrs.put("cn","Albert Einstein");
                   //These are some optional (but useful) attributes
                   attrs.put("givenName","Albert");
                   attrs.put("sn","Einstein");
                   attrs.put("displayName","Albert Einstein");
                   attrs.put("description","Research Scientist");
                   attrs.put("userPrincipalName","[email protected]");
                   attrs.put("mail","[email protected]");
                   attrs.put("telephoneNumber","999 123 4567");
                   //some useful constants from lmaccess.h
                   int UF_ACCOUNTDISABLE = 0x0002;
                   int UF_PASSWD_NOTREQD = 0x0020;
                   int UF_PASSWD_CANT_CHANGE = 0x0040;
                   int UF_NORMAL_ACCOUNT = 0x0200;
                   int UF_DONT_EXPIRE_PASSWD = 0x10000;
                   int UF_PASSWORD_EXPIRED = 0x800000;
                   //Note that you need to create the user object before you can
                   //set the password. Therefore as the user is created with no
                   //password, userAccountControl must be set to the following
                   //otherwise the Win2K3 password filter will return error 53
                   //unwilling to perform.
                   attrs.put("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWD_NOTREQD + UF_PASSWORD_EXPIRED + UF_ACCOUNTDISABLE));
                   // Create the context
                   Context result = ctx.createSubcontext(userName, attrs);
                   System.out.println("Created disabled account for: " + userName);
                   //now that we've created the user object, we can set the
                   //password and change the userAccountControl
                   //and because password can only be set using SSL/TLS
                   //lets use StartTLS
                   StartTlsResponse tls = (StartTlsResponse)ctx.extendedOperation(new StartTlsRequest());
                   tls.negotiate();
                   //set password is an LDAP modify operation
                   //and we'll update the userAccountControl
                   //enabling the account and forcing the user to update their password
                   //the first time they log in
                   ModificationItem[] mods = new ModificationItem[2];
                   //Replace the "unicodePwd" attribute with a new value
                   //Password must be both Unicode and a quoted string
                   String newQuotedPassword = "\"Password2000\"";
                   byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
                   mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
                   mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED)));
                   // Perform the update
                   ctx.modifyAttributes(userName, mods);
                   System.out.println("Set password & updated userAccountControl");
                   //now add the user to a group.
                   try {
                        ModificationItem member[] = new ModificationItem[1];
                        member[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("member", userName));
                        ctx.modifyAttributes(groupName,member);
                        System.out.println("Added user to group: " + groupName);
                   } catch (NamingException e) {
                        System.err.println("Problem adding user to group: " + e);
                   }
                   //Could have put tls.close() prior to the group modification
                   //but it seems to screw up the connection or context ?
                   tls.close();
                   ctx.close();
                   System.out.println("Successfully created User: " + userName);
              } catch (NamingException e) {
                   System.err.println("Problem creating object: " + e);
              } catch (IOException e) {
                   System.err.println("Problem creating object: " + e);
              }
         }
    }
    Same error.
    I haven't made any changes to any schema manually.
    I know I'm missing something crucial but have no idea what. I have tried much other code from tutorials on the net, but they are all very similar and throw the same error I showed above.
    thanks in advance for help.

    I've solved this.
    The problem was that all codes were using classes from Microsoft Active Directory, and they are not supported in OpenLDAP (microsoft.schema in OpenLDAP is just for info). Due to this some fields are not the same in equivalent classes ("user" and "person").
    so partial code for creating user in root would be:
    import java.util.Hashtable;
    import javax.naming.ldap.*;
    import javax.naming.directory.*;
    import javax.naming.*;
    import javax.net.ssl.*;
    import java.io.*;
    public class MakeUser {
         public static void main (String[] args) {
              Hashtable<String, String> env = new Hashtable<String, String>();
              String adminName = "cn=Manager,dc=antipodes,dc=com";
              String adminPassword = "secret";
              String userName = "cn=Albert Einstein,ou=newgroup,dc=antipodes,dc=com";
              env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
              //set security credentials, note using simple cleartext authentication
              env.put(Context.SECURITY_AUTHENTICATION,"simple");
              env.put(Context.SECURITY_PRINCIPAL,adminName);
              env.put(Context.SECURITY_CREDENTIALS,adminPassword);
              //connect to my domain controller
              env.put(Context.PROVIDER_URL, "ldap://127.0.0.1:389");
              try {
                   // Create the initial directory context
                   LdapContext ctx = new InitialLdapContext(env,null);
                   // Create attributes to be associated with the new user
                   Attributes attrs = new BasicAttributes(true);
                   attrs.put("objectClass","user");
                   attrs.put("cn","Albert Einstein");
                   attrs.put("userPassword","Nale");
                   attrs.put("sn","Einstein");
                   attrs.put("description","Research Scientist");
                   attrs.put("telephoneNumber","999 123 4567");
                   // Create the context
                   Context result = ctx.createSubcontext(userName, attrs);
                   System.out.println("Successfully created User: " + userName);
              } catch (NamingException e) {
                   System.err.println("Problem creating object: " + e);
              }
         }
    }
    Hope this will help anyone.
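The thread's root cause is that Active Directory object classes and attributes were sent to a server whose schema does not define them. The Python below is an added example, not code from the thread: it rewrites an AD-style entry into classes from the standard schemas and checks the result before anything is sent to the server. The schema table is a subset of RFC 4519 and RFC 2798, the mapping (user to inetOrgPerson, group to groupOfNames, sAMAccountName to uid) is an illustrative assumption, and the sample entries are constructed.

```python
# Subset of the standard schemas: class -> (superior, MUST, MAY), names lower-cased.
SCHEMA = {
    "top": (None, {"objectclass"}, set()),
    "person": ("top", {"sn", "cn"},
               {"userpassword", "telephonenumber", "seealso", "description"}),
    "organizationalperson": ("person", set(),
               {"title", "ou", "l", "st", "street", "postalcode", "postaladdress"}),
    "inetorgperson": ("organizationalperson", set(),
               {"uid", "mail", "givenname", "displayname", "mobile", "jpegphoto"}),
    "groupofnames": ("top", {"cn", "member"},
               {"description", "owner", "ou", "o", "seealso", "businesscategory"}),
}
CLASS_MAP = {"user": "inetOrgPerson", "group": "groupOfNames"}   # assumed mapping
ATTR_MAP = {"samaccountname": "uid"}                              # assumed mapping
AD_ONLY = {"grouptype", "useraccountcontrol", "unicodepwd", "userprincipalname"}


def allowed(object_class):
    """Collect MUST and MAY attributes along the superior chain of a class."""
    must, may = set(), set()
    name = object_class.lower()
    while name is not None:
        superior, class_must, class_may = SCHEMA[name]
        must |= class_must
        may |= class_may
        name = superior
    return must, may


def _object_class(entry):
    for key, value in entry.items():
        if key.lower() == "objectclass":
            return value
    return ""


def translate(ad_entry):
    """Return (entry for OpenLDAP, list of AD attribute names that were dropped)."""
    source_class = _object_class(ad_entry)
    target = CLASS_MAP.get(source_class.lower(), source_class)
    must, may = allowed(target) if target.lower() in SCHEMA else (set(), set())
    entry, dropped = {"objectClass": target}, []
    for key, value in ad_entry.items():
        low = key.lower()
        if low == "objectclass":
            continue
        mapped = ATTR_MAP.get(low)
        if low in AD_ONLY or (mapped and mapped not in must | may):
            dropped.append(key)          # no counterpart in the target class
        else:
            entry[mapped or key] = value
    return entry, dropped


def validate(entry):
    """List the problems a schema-checking server would reject the entry for."""
    attrs = {key.lower() for key in entry}
    object_class = _object_class(entry)
    known = object_class.lower() in SCHEMA
    problems = []
    if not known:
        problems.append(f"objectclass: {object_class!r} is not in the schema subset")
    must, may = allowed(object_class) if known else (set(), set())
    for name in sorted(attrs):
        if name in AD_ONLY or name in ATTR_MAP:
            problems.append(f"{name}: Active Directory attribute, undefined here (result code 17)")
        elif known and name not in must | may:
            problems.append(f"{name}: not allowed by {object_class}")
    for name in sorted(must - attrs):
        problems.append(f"{name}: required by {object_class} but missing")
    return problems


# Constructed entries modelled on the thread; "giveName" is a deliberate typo.
AD_USER = {"objectClass": "user", "samAccountName": "AlbertE", "cn": "Albert Einstein",
           "giveName": "Albert", "sn": "Einstein", "displayName": "Albert Einstein",
           "telephoneNumber": "999 123 4567", "userAccountControl": "546"}
AD_GROUP = {"objectClass": "group", "samAccountName": "Evolution", "cn": "Evolution",
            "description": "Evolutionary Theorists", "groupType": "-2147483640"}

if __name__ == "__main__":
    for sample in (AD_USER, AD_GROUP):
        converted, removed = translate(sample)
        print(converted, removed, validate(converted))
```

The translated group still fails validation because groupOfNames requires at least one `member` value, which the AD-style entry never supplied.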

  • [OIM 11g R1] OID 11.1.1.5.0 Connector with OpenLDAP: Errors in logs

    I am using the Oracle Internet Directory 11.1.1.5.0 connector with OpenLDAP as my target system.
    Every time I run the "LDAP Connector User search Reconciliation", I see the following error for each user.
    <Feb 21, 2013 3:54:57 PM EST> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.RECON.SEARCHRECONTASK> <BEA-000000> <oracle.iam.connectors.icfcommon.recon.SearchReconTask : handle : Recon event skipped>
    The reconciliation events do get generated in OIM and the reconciliation engine does link the account when a user match is found.
    I am wondering what is causing that error to be thrown and whether if performance of the LDAP reconciliation is affected by this error.

    Any updates? I am facing the same problem.
    thanks in advance

  • Automatic upload of roles from ECC to portal (UME with LDAP)

    Hi experts,
    This thread reopen the question asked on the following message : automatic upload of roles from BI to portal
    However, it concerns this time "UME with LDAP".
    Problematic :
    SAP Library 04s tells us that it is not yet possible to automate role replication (or role assignment replication) from an ABAP-based back-end to NetWeaver Portal. Only a manual process for the initial upload is possible.
    Source = http://help.sap.com/saphelp_nw04s/helpdata/en/41/5e4d40ecf00272e10000000a155106/frameset.htm
    Questions :
    1 - Did anyone ever try to implement such an automatic tool ?
    2 - What if I'm not able to write on the Active Directory ? I am still able, at least, to automate role assignment replication from ABAP Based back-end to Netweaver Portal (ie. UME with LDAP) ? Directly from SAP R/3 to EP through UME, without passing through Active Directory since the group field is not maintained in AD.
    Many thanks for your inputs
    Alexis MARTIN

    Hello,
    As I did not read the previous thread I don't know what exactly you are trying to achieve, but I can tell you about what we have done - as far as it is not too late yet.
    We use the portal with integration to a BI system. In the ABAP stack we have lots of roles with menu items for hundreds of reports. We want the users to see these roles in the portal.
    First we have used the role migration tool of the portal to upload these roles. There is a Java API for executing role uploads from code. You need to create a webservice in the java stack to call this api, and can call the webservice from ABAP.
    However it is just a question of time and role size until this will not work at all. Standard role migration is more or less crap, stability is a problem. It also creates a lot of logs in the PCD and thus fills the database with trash. (After a few OSS messages there is now a program for deleting logs + you can turn off logging.) Also upload of larger roles takes up to an hour, and you always have the problem that your portal roles are not up to date during the day.
    When I got completely fed up, I implemented my own navigation connector. When you log on to the portal it will connect to the ABAP stack via RFC, load the role, and generate the portal menu from it. It uses caching, but on every logon it checks whether the role has been updated in ABAP since the last time it was loaded. It is up to date, faster than PCD navigation, and you need absolutely no periodical synching at all. I can't even understand why this is not offered by SAP per standard!
    Drawback is that it will of course only work for the menu items, and only menu items with an "URL-type" are supported. I'm pretty sure however that it would be possible to implement a few other types as well.
    Let me know if you are interested in the solution, I can give you a few additional details: oliverDOTsvisztATwienerbergerDOTcom
    Oliver

  • How to implement logoff in Webdynpro using UME

    Hi all.
    I am ken from Shanghai, China.
    These days I am developing WebDynpro in WebDynpro Develop Studio ver 2.0.12
    When I want to put security in my WebDynpro application, I use UME to wrap the security authentication.
    My WebDynpro requires the user to input a username and password to access my WebDynpro application, but there is no 'log off' function in my WebDynpro application.
    How can I implement ' log off ' function ?
    log off function is the function to let user log off from current session.

    Web Dynpro components generally are deployed and run within EP, which provides you with the log off button.
    If you still require that a log off button be present in the Web Dynpro application then there are a lot solution described in this forum.
    Forcing Log Off..
    I think this link should serve the purpose.
    Regards,
    Noufal

  • Localizeddirectory.asp with OpenLDAP

    Hello everyone,
    I want to use OpenLDAP as my LDAP Server then I'm trying to integrate my OpenLDAP server with corporate directory. I use localizeddirectory.asp script in Cisco IP Phone Service SDK and modify it with my own settings. But the problem is I get the "HTTP 500 Internal Server Error" message when I try to access the file from the web browser. The script works with microsoft AD but doesn't work with OpenLDAP.
    So I really need everyone's help on this one. Is it possible to configure localizeddirectory.asp Linux version in that same way like Microsoft Active Directory? Can anyone show me how to do this?
    Thanks a lot before. Sorry for my bad english.
    Aga

    Very strange. Not sure why framework of any version would interfere with ASP application. Only suggestion I'd have is to run Process Monitor and see if it shows you something. ProcMon is here;
    http://technet.microsoft.com/en-ca/sysinternals/bb896645.aspx
    Ludek

  • Config UME with ABAP+LDAP datasource

    Hi all,
    We are implementing an EP installation. We want to reuse the abap role assignment for the portal roles and we require a SSO solution based on SPNego.
    Now we can implement each on its own fine. The question is how we can connect the UME to use both ABAP and LDAP datasources. I opened an OSS message about it and they said it's possible and supported, but I'm on my own when it comes to implementing it (or consulting, of course).
    Anyone had experience with this configuration or can provide me with the datasource schema file?
    Thank in advance,
    Eric

    Try the following:
    1.     Download the SPNegoWizard_645.zip (for 7.0) SPNegoWizard_640 (for 6.40) from SAP Note 994791 and unzip it.
    2.     Adjust the user running the SAP system in Active Directory
    3.     Copy the EAR and XML Files from the SPNegoWizard.ZIP file to a temporary directory on the server.
    4.     Open up the Visual Administrator.  Logon with the admin ID.
    5.     SID ->Server -> Services -> Deploy
    6.     Open the Config Tool. (Yes to using DB settings)
    7.     Select UME LDAP Data
    8.     Browse to the XML file you copied earlier. (dataSourceConfiguration_ads_readonly_db_with_krb5.xml)
    Click the upload button.
    9.     Select the Configuration file you just uploaded.  Click OK on the Warning message.
    10.     Setup the Connection details as specified below:
    Server Name: xxxxxx
    Server Port: xxxxxxx
    User: SAPService<SID>@domain.com
    Password:  xxxxxx
    Use UME unique id with unique LDAP attribute (checked): samaccountname
    User Path: dc=<domain>,dc=com
    Group Path: ou=xxxxxx,ou=xxxx,dc=xxxx,dc=xxxx
    11.     Click the Test Connection button you should see:
    Click Close when done.
    12.     Click the Test Authentication button, enter NT user ID and NT password, and click the authenticate button and you should get a success message:
    13.     Select cluster-data -> Global Server Configuration -> services -> com.sap.security.core.ume.service
    14.     Edit the ume.admin.addattrs.
    Add the values: krb5principalname;kpnprefix;dn
    Click the Set button. 
    15.     Click the Save button or File -> Apply.  
    16.     Close the Config tool and restart the JAVA engine.
    17.     After the engine is restarted, continue on with the Kerberos configuration.
    18.     Open up the SP Nego Wizard by going to the following URL: http://<server>:<port>/spnego
    19.     Logon with the Administrator user ID.
    20.     Select the check boxes for the "Service user is created and configured in Active Directory" and "UME configuration includes SPNego specific settings"
    Click the Next button
    21.     Click the Add Kerberos Realm button and enter your domain name (e.g. company.com)
    22.     For the Realm Configuration's KDCs (Key Distribution Centers) put in <KDC host> and 88 for the port (the port should already be filled in).
    23.     In the KPN (Kerberos Principal Name) section enter the Service User Name & Password.
    Service User: SAPService<SID>          
    Password: xxxx
    Leave LDAP Host - blank
    24.     Click the Next button
    25.     Select Prefix Based for the Resolution Mode and Click Next
    26.     In Policy Configuration we want to create a new policy called spnego.  Tick Basic password Fallback (when SSO do not work) and tick SSO with Logon Tickets.  Click the Next button.
    27.     Click Finish on the Confirmation screen.
    28.     Close the browser and restart the engine.
    29.     After the engine has finished restarting, continue with the final steps.
    30.     Open up the Visual Administrator.  Logon as the Administrator ID.
    31.     SID  Server  Services  Security Provider
    32.     Go into change mode by clicking the change button.
    33.     On the Runtime tab  Policy Configurations tab  Select ticket from the Components list.
    34.     On the Authentication tab for the ticket component  select Authentication Template: spnego
    35.     Now go to the useradmin service (http://<server>:<port>/useradmin) to test the Kerberos SSO.  You should get signed on without entering a user name or password.
    You are done!

  • UME with 4.6C and connector Alias

    Hello,
    We have big difficulties to link Visual composer to a 4.6C...
    1) We tried to configure the UME of the portal against a 4.6C (but since SP12, and as WAS 6.20 is not installed, it is not possible to use it).
    Is it possible to use UME portal and map by using "user mapping for system access" ?
    2) We need to create a system alias connector in the portal with SSO and everything will be ok ?
    Thanks a lot for your help
    Best regards

    Hello Srinivas,
    I explain my problem in detail,
    We tried to use the 4.6C back-end for UME (7.0), but it is not possible since SP12. We succeeded, but we cannot connect with login and password (error). SAP says it is not possible to use this method since SP12.
    So we would like to find another solution. Is it possible to use the UME of the portal instance (standalone) and map users to 4.6C users?
    In addition, we would like to use Visual Composer with 4.6C and portal 7.0. Is it possible with UIDPW, and do we need to configure SSO between the portal and 4.6C?
    Thanks a lot,
    Best regards.

  • How to Integrate EBS 12 with OpenLDAP

    Hi,
    I have a requirement to integrate OpenLDAP with EBS 12.2, bidirectionally.
    Is there a direct way of doing this, so that if a user is created in Oracle EBS  (FND User) and attached to hr employee (with supervisor assigned and organization details), this information can be synchronized with OpenLDAP?
    Dula

    Please see
    https://blogs.oracle.com/stevenChan/entry/indepth_using_thirdparty_identity_managers_with_eb
    Integrating Oracle E-Business Suite Release 12.2 with Oracle Access Manager 11gr1 (11.1.1.5.0) using Oracle E-Business Suite AccessGate(Doc ID 1368292.1)
    Integrating Oracle E-Business Suite Release 12.2 with Oracle Access Manager 11gr2 (11.1.2) using Oracle E-Business Suite AccessGate(Doc ID 1576425.1)
    Troubleshooting Oracle Application Server 10g SSO and OID with Oracle E-Business Suite Release 12 (Doc ID 380487.1)
    ApPsMaStI
    sharing is Caring

  • QuickCarRental permissions using UME

    Hi, I am doing this tutorial:
    [Protecting Access to a J2EE-Based Application using UME Permissions|http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/adcfa85d-0501-0010-a398-80a47b8e3fc2#tut2 [original link is broken]]
    I'm having a problem with the definition of the permissions.  There always seems to be the error "User cannot view reservations" even though I assigned the user to the ViewReservations permission.
    Help? Thanks.

    I seem to be having problems with the EJB permissions. The Web Application permissions seem to work just fine.
    Thanks.

  • HT202667 Hi - My daughter was using her Apple TV until recently when she got a Smart TV.  Now the Apple TV is not needed so she passed it on to me.  How do I get it transferred over from her Home Sharing account to mine so that I can use it with my PC?

    Hi - My daughter was using her Apple TV until recently when she got a Smart TV.  Now the Apple TV is not needed so she passed it on to me.  How do I get her Home Sharing account transferred over to mine so that I can use it with my PC? Thanks!

    As Winston Churchill wrote, however you might want to do a factory reset on the Apple TV.
    This way all information pertaining to your daughter will be removed from the device. Specifically, if she was signed into any of the streaming services, Netflix, Hulu, etc., her credentials will still be associated with this Apple TV; doing a factory reset will remove all that and make it as if you purchased the device and just plugged it in.
    regards

  • OPEN CURSOR using a WITH clause in the select query

    Hi,
    I am using Oracle 9i. I have a requirement where I have a REFCURSOR as an OUT parameter for my procedure. I have declared the TYPE and created the procedure.
    In the procedure, I am using OPEN <cursor_name> FOR <query>;
    Ideally this works in most of the cases that I have tried earlier. However, in the current case I am using a WITH clause in my query to get the results.
    I need help in understanding if the above mentioned syntax would not allow me to use the WITH clause in the query.

    What error do you get? Seems to work OK for me on 10g:
    SQL> begin
      2  open :cv for 'with x as (select * from emp)  select * from x';
      3  end;
      4  /
    PL/SQL procedure successfully completed.
    SQL> print :cv
         EMPNO
    ENAME
    JOB              MGR HIREDATE         SAL       COMM     DEPTNO
          7521
    WARD
    SALESMAN        7698 22-FEB-81       1250        500         30
          7566
    JONES
    MANAGER         7839 02-APR-81       2975                    20
         EMPNO

  • My iPhone 4 will not sync my new voice memos from the "Voice Memos" app to my computer. This is frustrating, should not be so hard, can someone please help. I use PC with windows 7 with iPhone version 6.1.3 and iTunes most recent. Thanks.

    My iPhone 4 will not sync my new voice memos from the "Voice Memos" app to my computer. This is frustrating, should not be so hard, can someone please help. I use PC with windows 7 with iPhone version 6.1.3 and iTunes most recent. Thanks.

    In the Music tab of iTunes, do you have 'Include Voice Memos' checked?
