Trouble with ACIs and dynamic groups

Hi!
Does Directory Server stop searching for subgroups after evaluating a dynamic group?
Example:
A User "uid=A,o=company" is member of a dynamic group "cn=dyn,o=company" via memberURL: "ldap:///o=company??sub?(uid=A)".
The dynamic group "cn=dyn,o=company" is member of a static group "cn=stat,o=company" via uniquemember: "cn=dyn,o=company".
If I grant any permission using an ACI with (groupdn = "ldap:///cn=stat,o=company") user A gets that permission.
BUT
A User "uid=B,o=company" is member of a static group "cn=static,o=company" via uniquemember: "uid=B,o=company".
The static group "cn=static,o=company" is member of a dynamic group "cn=dynamic,o=company" via memberURL: "ldap:///o=company??sub?(cn=static)".
If I grant any permission using an ACI with (groupdn = "ldap:///cn=dynamic,o=company") user B does not get the permission.
Has anyone any suggestions?


Similar Messages

  • ACI and dynamic groups

    I can't seem to get dynamic groups working. Here's my dynamic group setup:
    ldapsearch -D "cn=directory manager" -w "passwd01" -b "ou=internal,dc=example,dc=com" "objectclass=groupOfUrls"
    version: 1
    dn: cn=istest,ou=Groups,ou=internal,dc=example,dc=com
    cn: istest
    objectClass: top
    objectClass: groupOfUrls
    ou: Groups
    memberURL: ldap:///ou=people,ou=internal,dc=example,dc=com??sub?(uid=user1)
    I know for sure user1 exists:
    ldapsearch -D "cn=directory manager" -w "passwd01" -b "ou=internal,dc=example,dc=com" "uid=user1"
    version: 1
    dn: uid=user1,ou=people,ou=internal,dc=example,dc=com
    objectClass: shadowAccount
    objectClass: posixAccount
    objectClass: account
    objectClass: top
    loginShell: /bin/bash
    uidNumber: 3000
    homeDirectory: /home/user1
    gecos: User1
    cn: User1
    gidNumber: 500
    uid: user1
    When I run a search, I get nothing:
    ldapsearch -D "cn=Directory Manager" -w passwd01 -b "ou=internal,dc=example,dc=com" "(isMemberOf=cn=istest,ou=Groups,ou=internal,dc=example,dc=com)"
    Directory Server version: 6.3
    Using /usr/bin/ldapsearch on solaris 10.
    My main objective is to use dynamic groups to setup some ACI. eg: allow user w/ attribute gidNumber=400 full read/write.
    mike

    ismemberof only works for static groups.
    My main objective is to use dynamic groups to setup some ACI.
    eg: allow user w/ attribute gidNumber=400 full read/write.
    Have you considered using filtered roles?

  • Trouble with Mail and Maverick

    Trouble with Maverick and Mail - contacts (groups) will not load into address bar in mail.

    Check that the mac's preferences for icloud is still connected to the proper account.  Be sure photo stream is turned on. 
    You haven't described what "trouble" your mail account has.

  • Trouble with export and import

    I am having trouble with export and import
    here is what I did...
    exp "'/ as sysdba'" PARFILE=parfile.txt
    PARFILE
    TABLES=user1.Table1
    file=Table1_1006.dmp
    LOG=Table1_1006.log
    query="where to_char(processeddate,'YYYYMMDDHHMISS') between to_char(to_timestamp('1911-01-01 00:00:00','YYYY-MM-DD HH24:MI:SS'),'YYYYMMDDHHMISS') and to_char(to_timestamp('2011-10-06 16:46:26','YYYY-MM-DD HH24:MI:SS'),'YYYYMMDDHHMISS')"
    here is my log from export
    set and AL16UTF16 NCHAR character set
    About to export specified tables via Conventional Path ...
    Current user changed to user1
    . . exporting table               Table1   16019049 rows exported
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    Export terminated successfully with warnings.
    Then I started importing
    /database2/rdbm15> imp "'/ as sysdba'" file=Table1_1006.dmp fromuser=user1 touser=user1 tables=Table1 log=imp_Table1_1006.log
    Import: Release 10.2.0.5.0 - Production on Thu Oct 6 19:57:01 2011
    Copyright (c) 1982, 2007, Oracle.  All rights reserved.
    Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.5.0 - 64bit Production
    With the Partitioning, OLAP, Data Mining and Real Application Testing options
    Export file created by EXPORT:V10.02.01 via conventional path
    import done in US7ASCII character set and AL16UTF16 NCHAR character set
    . importing user1's objects into user1
    IMP-00015: following statement failed because the object already exists:
    "CREATE TABLE "Table1" ("APPROVALTRACEID" VARCHAR2(64), "REQUESTOR"
    "EID" VARCHAR2(9), "EID" VARCHAR2(9), "FIRSTNAME" VARCHAR2(32), "LASTNAME" V"
    "ARCHAR2(32), "MIDDLEINITIAL" VARCHAR2(8), "TIER" VARCHAR2(3), "JOBTITLE" VA"
    "RCHAR2(64), "JOBCODE" VARCHAR2(10), "EMPLOYEETYPE" VARCHAR2(2), "CONTRACTOR"
    "TYPE" VARCHAR2(2), "EMPLOYEESTATUS" VARCHAR2(2), "COSTCENTER" VARCHAR2(10),"
    " "COSTCENTERDESCRIPTION" VARCHAR2(50), "CONTRACTENDINGDATE" VARCHAR2(8), "A"
    "CCOUNTSTATUS" VARCHAR2(2), "LOGINID" VARCHAR2(70), "APPLICATIONGROUP" VARCH"
    "AR2(50), "APPLICATIONNAME" VARCHAR2(50), "APPLICATIONID" VARCHAR2(12), "LEV"
    "EL1" VARCHAR2(512), "LEVEL2" VARCHAR2(512), "LEVEL3" VARCHAR2(512), "LEVEL4"
    "" VARCHAR2(512), "LEVEL5" VARCHAR2(512), "PROFILECODE" VARCHAR2(50), "PROCE"
    "SSEDDATE" DATE, "APPROVERMANAGEREID" VARCHAR2(9), "APPROVERMANAGERDELEGATEE"
    "ID" VARCHAR2(9), "APPROVERT4MANAGEREEID" VARCHAR2(9), "APPROVERT4MANAGERDEL"
    "EGATEEID" VARCHAR2(9), "APPROVERAPPOWNEREID" VARCHAR2(9), "APPROVERAPPOWNER"
    "DELEGATEEID" VARCHAR2(9), "PERFORMEREID" VARCHAR2(9), "NATIONALID" VARCHAR2"
    "(30), "COUNTRYCODE" VARCHAR2(9), "PASSPORTID" VARCHAR2(20), "DATEOFBIRTH" V"
    "ARCHAR2(15), "CITYOFBIRTH" VARCHAR2(15), "VENDORNAME" VARCHAR2(50), "VENDOR"
    "MANAGERNAME" VARCHAR2(50), "VENDORMANAGERID" VARCHAR2(9), "VENDORADDRESS1" "
    "VARCHAR2(100), "VENDORADDRESS2" VARCHAR2(100), "VENDORSTATEPROVINCE" VARCHA"
    "R2(15), "VENDORCOUNTRYCODE" VARCHAR2(9), "VENDORZIPPOSTALCODE" VARCHAR2(9))"
    "  PCTFREE 10 PCTUSED 40 INITRANS 1 MAXTRANS 255 STORAGE(INITIAL 4076863488 "
    "NEXT 1048576 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT)            "
    "                   LOGGING NOCOMPRESS"
    Import terminated successfully with warnings.
    but I did not get rows to database2
    [server1]database2
    /database2/rdbm15> sqlplus / as sysdba
    SQL*Plus: Release 10.2.0.5.0 - Production on Thu Oct 6 19:59:17 2011
    Copyright (c) 1982, 2010, Oracle.  All Rights Reserved.
    Connected to:
    Oracle Database 10g Enterprise Edition Release 10.2.0.5.0 - 64bit Production
    With the Partitioning, OLAP, Data Mining and Real Application Testing options
    SQL> select count(*) from user1.Table1;
      COUNT(*)
             0
    SQL> exit
    SQL> select * from v$version;
    BANNER
    Oracle Database 10g Enterprise Edition Release 10.2.0.5.0 - 64bi
    PL/SQL Release 10.2.0.5.0 - Production
    CORE    10.2.0.5.0      Production
    TNS for HPUX: Version 10.2.0.5.0 - Production
    NLSRTL Version 10.2.0.5.0 - Production
    Edited by: user3636719 on Oct 6, 2011 5:23 PM

    user3636719 wrote:
    Thanks for the reply...
    Old EXP IMP doesn't have capability to append the row, since you're using 10g use datapump instead. use option TABLE_EXISTS_ACTION=APPEND
    so my import should be like this
    imp "'/ as sysdba'" file=Table1_1006.dmp fromuser=user1 touser=user1 tables=Table1 log=imp_Table1_1006.log TABLE_EXISTS_ACTION=APPEND
    Did you look up the command line syntax and control options for imp?
    You should make it a habit that whenever anyone - especially a stranger on the web - gives you a bit of code or references a command or init parm or any some such, the VERY FIRST thing you should ALWAYS do is look it up for yourself and see exactly where and how it is used and what it means. That is how you grow beyond having to be spoon fed every little thing and become more self-sufficient.
    If you had, you would have seen that there is no TABLE_EXISTS_ACTION option for imp and seen that it is an option for impdp. And realized that exp and imp are NOT the same thing as expdp and impdp.
    =================================================
    Learning how to look things up in the documentation is time well spent investing in your career. To that end, you should drop everything else you are doing and do the following:
    Go to tahiti.oracle.com.
    Drill down to your product and version.
    BOOKMARK THAT LOCATION
    Spend a few minutes just getting familiar with what is available here. Take special note of the "books" and "search" tabs. Under the "books" tab you will find the complete documentation library.
    Spend a few minutes just getting familiar with what kind of documentation is available there by simply browsing the titles under the "Books" tab.
    Open the Reference Manual and spend a few minutes looking through the table of contents to get familiar with what kind of information is available there.
    Do the same with the SQL Reference Manual.
    Do the same with the Utilities manual.
    You don't have to read the above in depth. They are reference manuals. Just get familiar with what is there to be referenced. Ninety percent of the questions asked on this forum can be answered in less than 5 minutes by simply searching one of the above manuals.
    Then set yourself a plan to dig deeper.
    - Read a chapter a day from the Concepts Manual.
    - Take a look in your alert log. One of the first things listed at startup is the initialization parms with non-default values. Read up on each one of them (listed in your alert log) in the Reference Manual.
    - Take a look at your listener.ora, tnsnames.ora, and sqlnet.ora files. Go to the Network Administrators manual and read up on everything you see in those files.
    - When you have finished reading the Concepts Manual, do it again.
    Give a man a fish and he eats for a day. Teach a man to fish and he eats for a lifetime.
    =================================

  • I am having all kinds of trouble with itunes and updating my ipad. when I open up itunes, it seems to just sit there, never going to itunes store. when I connect my ipad, I check update and it starts, but then I get this message:backup can't be saved on

    I am having all kinds of trouble with itunes and updating my ipad. I open itunes up but it doesn't do anything except open to a blank screen. I try to access the itunes store but it won't go there. When I connect my ipad, and try to update it, it starts and then I get a message that says backup cannot be saved on this computer. I have tried everything suggested to no avail. This is the 2nd or 3rd time I have had problems with itunes. Sometimes I even get a message that I am not connected to the internet.
    I have uninstalled and re-installed. Any help?

    You might not have enough space left on your hard drive.

  • Just bought a new iPhone and am having trouble with iTunes and App Store. I can log in to Cloud, iTunes, and app store but once I try to download, it says "Your apple id has been disabled". I've reset my password three times and have no issue on my Pad.

    Just bought a new iPhone and am having trouble with iTunes and App Store. I can log in to Cloud, iTunes, and app store but once I try to download, it says "Your apple id has been disabled". I've reset my password three times and have no issue on my Pad.

    Hi FuzzyDunlopIsMe,
    Welcome to the Support Communities!
    It's possible that resetting your password multiple times has triggered this security.  Click on the link below for assistance with your Apple ID Account:
    Apple ID: Contacting Apple for help with Apple ID account security
    http://support.apple.com/kb/HT5699
    Here is some additional information regarding your Apple ID:
    Apple ID: 'This Apple ID has been disabled for security reasons' alert appears
    http://support.apple.com/kb/ts2446
    Frequently asked questions about Apple ID
    http://support.apple.com/kb/HT5622
    Click on My Apple ID to access and edit your account.
    Cheers,
    - Judy

  • I downloaded Firefox 4.0 and it says to re-install the toolbar but I have not been successful in doing so. Can I go back to the older version? I had no trouble with that and I do not like this new version at all.

    I downloaded Firefox 4.0 and it says to re-install the toolbar but I have not been successful in doing so. I went to the forums and tried all the suggested fixes but none worked. Can I go back to the older version? I had no trouble with that and I do not like this new version at all. I tried a system restore twice and it did not fix the problem.

    I would imagine it's the MyWay Searchbar which is classified by most anti-malware scanners as adware, or even worse as spyware. I say that because I see "SmileyCentral" in your list of plugins and that's an add-on for that particular toolbar. You can disable that via Tools | Add-ons | Plugins.
    There are a number of toolbars which won't work with Firefox 4 anymore due to the enhanced protection mechanisms in the browser.
    Mozilla recommends that you only install add-ons from its own security site @ https://addons.mozilla.org/en-US/firefox/?browse=featured Generally speaking, those have all been tested and approved. The exceptions are those currently under review which are marked with a yellow banner to warn users that they haven't passed Mozilla's labs yet.

  • Several of us have an iPhone 6s and are having trouble with hearing and speaking at the same time when using the phone. ? The speakers seem to be too far apart? Are others having this issue? Solutions?

    Several of us have an iPhone 6plus and are having trouble with hearing and speaking at the same time when using the phone. ? The speakers seem to be too far apart? Are others having this issue? Solutions?

    Not having the problem, don't personally know anyone who is.

  • TO ALL THOSE HAVING TROUBLE WITH ICHAT AND AIM ON MACBOOKS

    I've had a lot of trouble with AIM and iChat on my new Macbook, but I believe I've figured out the answers to all the problems I and others have encountered.
    Firstly, for those whose AIM continually crashes and displays the message "The application AIM unexpectedly shut down," my answer to your problem is too many sent messages. Watch the bar in the bottom left of your chat window, when it reaches red, your application will probably shut down.
    Secondly, for those experiencing difficulties with iChat, it's most likely a problem with communication between your wireless router and your computer. Try these steps:
    1. From the Apple menu, choose System Preferences.
    2. From the View, choose Sharing.
    3. Click the Firewall tab.
    4. Click New.
    5. From the Port Name pop-up menu, choose Other.
    If you have a Macbook, you'll probably have a TCP Port Number Bar and a UDP Port Number Bar. Try these steps:
    1. In the TCP Port Number(s) Bar, type: 5190, 5298
    2. In the UDP Port Number(s) Bar, type: 1024-5219, 5221, 5223-65535
    3. In the Description Bar, type: iChat AV
    4. Click OK
    5. Click Start above the window with your firewall settings, and make sure the box next to iChat AV is checked
    6. Relaunch iChat
    Good Luck! I hope this solves some of the problems that people have been encountering.

    Rob
    My Linksys is the WAG54G, which might be different from your WRT54G. Currently, UPnP is disabled and the Router ports are a bit of a mystery, because they're forwarded to an IP address that's outside of the current DHCP Address Range! Once I got it working, I was reluctant to change it even though it looked anomalous.
    The Firewall is on, with the iChat ports open that I listed in the previous post.
    My two regular buddies are my sons, who both use Trillian Pro on a Windows machine. Works pretty well despite occasional freezes or garbled sound.
    Hope you get sorted soon.
    Dave

  • I am having trouble with safari and most apps shutting down when I'm in the middle of stuff what do I need to do to resolve this?

    I am having trouble with safari and apps shutting down on me all the time what can I do to resolve this problem. Thanks :-)

    Make sure you have enough free space on your iPad. With iOS 7 it is recommended that you have 15-20% of the storage space on the device free.  For a 16 GB device that is 2.4-3.2 GB free. For a 32 GB device that is 4.8-6.4 GB free. For a 64 GB device that is 9.6-12.8 GB free.
    Also try a reset. Press and hold the Home and Sleep buttons simultaneously until the Apple logo appears. Let go of the buttons and let the device restart. See if that fixes your problem.

  • I'm Having trouble with OWA and Certs after the Rollup 7 for SP3 installation. any idea? update 2961522-

    Hi, everyone.
    I'm Having trouble with OWA and Certs after the Rollup 7 for SP3 installation. any idea? update 2961522-
    after running get-OWAVirtualDirectory or test-OWAConnectivity I'm getting a message that says "OWA it's Orphan, No Metadata information can be found."
    I only have the OWA users impacted.- anywhere users, and ActiveSync are working well.-
    Thanks,
    Fabian Alberto Campo
    MCT-MCSA 2012-MCITP365-MCTS
    Fabián A. Campo H. Consultor tecnico @ IXO Ltda. MCT MCP MCTS MCSA HP-APS Cra. 67 No. 167 – 61 of 303 Bogotá, Colombia

    Hi Fabian,
    Is there any error code when user access their mailbox on OWA. Please confirm if there is no results returned in EMS when you run Get-OWAVirtualDirectory cmdlet. Also check whether there is any Event Logs related to OWA in Exchange.
    In IIS manager, make sure the OWA virtual directory is listed in the Default Web Site. In EMC, we can navigate to Server Configuration > Client Access, select server and turn to Outlook Web App tab. Then we can click Reset Virtual Directory in the right
    Actions pane to reset OWA virtual directory.
    Additionally, please restart IIS service by running iisreset /noforce from a Command Prompt window.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Trouble with edit and develop after november 2013 release?

    Hi,
    I can not use edit and develop after release November 2013.
    I am a user from Sweden and wonder if it only hit European data center?
    The language has also changed from Swedish to English in the modules.
    I can not access the following in Site Settings:
    Admin users
    Mobile support
    Secure Domain redirect
    Beta features
    Does anyone have the same problem?
    Regards André

    Hi Florin
    There are no errors in the browser. I tested Chrome, Safari, Firefox.
    I sent a video to your colleague Silviu Ghimposanu (Adobe Business Catalyst Support)
    He can give you more information. I submit tickets. Ticketsnr 60092, 60085
    Maybe you can solve this together.
    Regards André
    20 nov 2013 kl. 12.17 skrev Florin Carlig:
    Re: Trouble with edit and develop after november 2013 release?
    created by Florin Carlig in Business Catalyst - View the full discussion
    Hi Andre,
    Can you please record a quick video with the errors you might have in your browser, in the browser's console?
    Here's what I want (a video I did in Chrome): http://screencasteu.worldsecuresystems.com/Florin/2013-11-20_1306.swf
    You can use Jing to record this kind of videos: http://www.techsmith.com/jing.html
    Thanks and regards,
    Florin

  • I have an iPhone and just got an iPad but no computer. I'm trying to sync them together but having trouble with iCloud and I can't seem to subscribe for iTunes Match from either device

    I have an iPhone and just got an iPad but no computer. I'm trying to sync them together but having trouble with iCloud and I can't seem to subscribe for iTunes Match from either device

    You first have to subscribe to iTunes Match through iTunes on your computer and have your music library in iTunes uploaded/matched before you can enable it on your iOS devices (see http://www.apple.com/itunes/itunes-match/).  Without a computer you won't be able to use iTunes Match.

  • ACI and embedded groups

    I'm wondering how the "embedded group" feature works from an ACI point of view.
    I've defined an ACI based on groupdn = "ldap:///cn=group_A,ou=groups,dc....
    If group_A is a static group containing group_B, it works fine if group_B is a static group that uses objectclass=groupofuniquenames and RDN = cn (I mean using uniquemember attribute is not enough).
    If group_A is a static group containing group_B and group_B is dynamic - filter = (&(objeclass=person)(uid=testuser)) - it works fine too.
    But - maybe I misuse the feature - : if group_A is a dynamic group containing - through filter = (&(objectclass=groupofuniquename)(cn=group_B)) - and group_B is either dynamic or static, it doesn't work.
    Does it mean that dynamic groups used within ACI can only contain users and not groups or that the "embedded group" feature doesn't work with dynamic group concept unless the dynamic group is the last one of the chain and therefore contains users ?
    I'm sure I don't understand something but I can't figure what.
    Regards,
    Christian
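    An added example, not code from either post: an offline Python model of the two chains in the question at the top of the page (A in dyn in stat; B in static in dynamic) and of the "embedded group" question above. It expands nested membership through both uniquemember and memberURL, so the set of users a fully nested evaluation would reach can be compared with what the server's ACI evaluator actually grants. The entries, the group DNs and the minimal filter evaluator are constructed for illustration.

```python
# Added, constructed model (not Directory Server code) of the two group chains
# described in the posts: nested membership through uniquemember and memberURL.
def normalize(dn):
    """Lower-case a DN and drop whitespace around its RDN separators."""
    return ",".join(part.strip() for part in dn.lower().split(","))

# Constructed directory: DN -> attributes (attribute names lower-cased).
DIRECTORY = {normalize(dn): attrs for dn, attrs in {
    "uid=A,o=company": {"objectclass": ["person"], "uid": ["A"]},
    "uid=B,o=company": {"objectclass": ["person"], "uid": ["B"]},
    # chain 1: A is in dyn (memberURL); dyn is in stat (uniquemember)
    "cn=dyn,o=company": {"objectclass": ["groupOfURLs"], "cn": ["dyn"],
                         "memberurl": ["ldap:///o=company??sub?(uid=A)"]},
    "cn=stat,o=company": {"objectclass": ["groupOfUniqueNames"], "cn": ["stat"],
                          "uniquemember": ["cn=dyn,o=company"]},
    # chain 2: B is in static (uniquemember); static is in dynamic (memberURL)
    "cn=static,o=company": {"objectclass": ["groupOfUniqueNames"], "cn": ["static"],
                            "uniquemember": ["uid=B,o=company"]},
    "cn=dynamic,o=company": {"objectclass": ["groupOfURLs"], "cn": ["dynamic"],
                             "memberurl": ["ldap:///o=company??sub?(cn=static)"]},
}.items()}

def split_filters(s):
    """Split '(a=1)(b=2)' into its top-level parenthesised components."""
    parts, depth, start = [], 0, 0
    for i, ch in enumerate(s):
        depth += (ch == "(") - (ch == ")")
        if ch == "(" and depth == 1:
            start = i
        elif ch == ")" and depth == 0:
            parts.append(s[start:i + 1])
    return parts

def matches(entry, flt):
    """Evaluate a minimal RFC 4515 filter: equality, presence (=*), &, |, !."""
    body = flt.strip()[1:-1]
    op = body[:1]
    if op in ("&", "|", "!"):
        subs = [matches(entry, s) for s in split_filters(body[1:])]
        return not subs[0] if op == "!" else (all if op == "&" else any)(subs)
    attr, _, value = body.partition("=")
    values = entry.get(attr.strip().lower(), [])
    return bool(values) if value == "*" else any(v.lower() == value.lower() for v in values)

def in_scope(dn, base, scope):
    """LDAP URL scopes: base, one (direct children only), sub (base and below)."""
    if scope == "base" or dn == base:
        return dn == base and scope != "one"
    rdns_below = dn[:-len(base) - 1] if dn.endswith("," + base) else None
    return rdns_below is not None and (scope == "sub" or "," not in rdns_below)

def search(url):
    """Resolve a memberURL 'ldap:///base?attrs?scope?filter' against DIRECTORY."""
    parts = url[len("ldap:///"):].split("?") + [""] * 3
    base, scope, flt = normalize(parts[0]), parts[2].lower() or "base", parts[3] or "(objectclass=*)"
    return {dn for dn, e in DIRECTORY.items() if in_scope(dn, base, scope) and matches(e, flt)}

def is_group(dn):
    classes = {oc.lower() for oc in DIRECTORY.get(dn, {}).get("objectclass", [])}
    return bool(classes & {"groupofuniquenames", "groupofnames", "groupofurls"})

def members(group_dn, seen=None):
    """Non-group DNs reachable from group_dn via uniquemember and memberURL links.
    'seen' stops loops, e.g. a dynamic group whose filter matches itself."""
    seen = set() if seen is None else seen
    group_dn = normalize(group_dn)
    if group_dn in seen or group_dn not in DIRECTORY:
        return set()
    seen.add(group_dn)
    entry = DIRECTORY[group_dn]
    direct = {normalize(dn) for dn in entry.get("uniquemember", [])}
    for url in entry.get("memberurl", []):
        direct |= search(url)
    return set().union(*(members(dn, seen) if is_group(dn) else {dn} for dn in direct))
```

    The model reaches both A via cn=stat and B via cn=dynamic; binding as the user and attempting the operation the ACI should allow remains the authoritative check of what the server itself grants.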


  • Trouble with WebDAV and One Client

    We publish our ical calendars to a WebDAV folder on our Xserve. So I set the owner of the directory "ical" to www and the group to www. I then set up a realm called "ical" with prufrockstaff (a group with certain user accounts) as the assigned group (Can Browse and Can Author).
    However, one of my staff (a member of prufrockstaff) keeps failing to authenticate "Authenticating using checkpw failed, trying legacy method" then failure to publish in ical (Actually, she can publish a new calendar on a first attempt, but all other Refresh attempts fail to authenticate). All other staff (members of prufrockstaff) can publish their calendars fine.
    As an experiment, I published a calendar using this staff member's account name and password from my client machine and everything worked fine.
    It seems to be related to something on the client machine. All other authentication from that machine using the account name and password works fine (webmail, file services, etc.).
    Any ideas where to start troubleshooting?

    The trouble was unrelated to web services.
    It turned out to be a problem with the account name/passwords saved in the user's keychain for iCal and WebDAV.
    I deleted all of the user's keychains for iCal and WebDAV, republished the calendars from the user's account, and everything works perfectly.
