Trying to setup a LDAP Realm

Similar Messages

• LDAP Servers not listed when trying to setup new LDAP connection

  Using SQL Developer: 1.5.1
  Oracle Database 10g Enterprise Edition Release 10.2.0.2.0
  Windows XP client environment
  Can anyone clarify how to setup LDAP connections in SQL Developer. We use LDAP for our connections with all the other Oracle tools like SQL*Plus and other developer tools like forms. LDAP is working fine for all of those tools. However, when I try to setup an LDAP connection for SQL*Developer no servers are found for the drop down box. Do we need to put the sqlnet.ora and ldap.ora files somehwere so that SQL Developer can find them? Does SQL Developer even need them? How does the LDAP server get populated in SQL Developer? Thanks. I have tried looking at other posts on this issue and nothing really jumped out at how to do this. I do have some older version Oracle homes setup also. For example we have a Oracle 6i home setup on our machines for the old versions of forms and reports.

  I set it to C:\Oracle10g_DevSuiteHome_1\NETWORK\ADMIN. This is under one of my Oracle Homes on this machine that contains the sqlnet.ora and the LDAP.ora files. This didn't appear to make any difference. Still no LDAP servers listed when you try to add or build a new connection. I tried some of my other Oracle Homes and still no effect. I have also tried copying the sqlnet.or and the ldap.ora files to other directories. I have switched my default Oracle Home to point to the 9i and above homes and this made no difference.
  I have never had to do anything with an environment variable called TNS_ADMIN before. I almost remember a variable called TNS_ADMIN years ago in the registery that had to be modified and it was TNS_ADMIN if I remember correclty. When you said to set an environment variable you did mean to just set or create a new environment variable using the My Computer > Properties > Advanced Tab > Environment Variables on the client machine. I just want to make sure I set the right variable. Thanks for you help and suggestons.
  By the way I can connect just fine using basic or advanced connections. I just would like to use LDAP so I don't have to maintain connections when port, server or SID change. For example we just failed over and the fail over database is on a different server. We do this as a test or when needed for failover purposes. If you are using the basic and advanced connections you need to go in a update connection information. If we use LDAP this is all maintained by the DBAs and individual clients shouldn't have to maintain any connection information as long as the have the right SID. The documentation for SQL Developer doesn't really seem to address how to setup LDAP connections it just mentions that you can do it and it sounds simple.

• LDAP realm with Active Directory

  Hello,
  In the sun one app server admin console i have set the security role to LDAP.
  I have set up security roles in my web.xml such as this:
  <security-role>
  <description>This role represents administrators of the system, see actor administrators</description>
  <role-name>administrators</role-name>
  </security-role>
  ..and mapped the roles to groups in sun-application as follows:
  <security-role-mapping>
  <role-name>administrators</role-name>
  <group-name>CMS_PM</group-name>
  <principal-name>rlancett</principal-name>
  </security-role-mapping>
  My user and group information is stored in Active Directory so I have tried to configure the ldap realm in the admin console to get it working. These are the settings i have put in:
  directory: ldap://earth.tier2consulting.com:389
  base-dn: cn=Users,dc=tier2consulting,dc=com
  jaas-context: ldapRealm
  search-bind-dn: cn=administrator,cn=Users,dc=domain,dc=com
  search-bind-password: ******
  search-filter: sAMAccountName=%s
  I get the error message :javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893
  WARNING: va:850)
  FINEST: JAAS authentication aborted.
  INFO: SEC5046: Audit: Authentication refused for [administrator].
  I am pretty stuck on this having looked arounds all the forums:
  Has anyone got sun one app server using Active Directory to get user/group information for security roles?
  Thanks.

  Howdy,
  I don't have a solution to your problem, but maybe this tid-bit will help in debugging with Active Directory error messages. I'm new to AD, so excuse me if everyone already knows this, but...
  The error message you get back from the directory contains an error code in hexidecimal:
  LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893
  If you translate '525' from hex to decimal you get '1317' which is the error message you can look up here:
  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/system_error_codes.asp
  1317 - ERROR_NO_SUCH_USER - The specified user does not exist.
  It took me a while to find this tip, so I thought I'd share it. Oh, and the easy way to get decimal from hexidecimal is:
  System.out.println( "Here is 525 in decimal: " + Integer.parseInt("525", 16));
  Okay, hope this helps somebody.
  Now it's up to you to find out why it can't find the administrator!
  Craig

• Trying to setup im to store user props in ldap

  I am running the im/sbin/configure script. I'm trying to setup im to store user props in ldap. Can someone tell me what bind dn, I need to specify. It will be whatever the default is. I'm not sure how to find this.

  The default bind dn is normally "cn=Directory Manager".

• BASIC/LDAP Realm Authentication

  I am trying to protect access to my Web Application using BASIC
  Authentication based on an LDAPRealm that I have configured. I want all
  users that try to access anything in my Web App to have to log in first,
  based on their information in the LDAP server.
  My web.xml file looks as such.
  <web-app>
  <display-name>LDAPSpike</display-name>
  <servlet>
  <servlet-name>TestServlet</servlet-name>
  <servlet-class>test.TestServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>TestServlet</servlet-name>
  <url-pattern>/test</url-pattern>
  </servlet-mapping>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>ActiveDirectoryCachingRealm</realm-name>
  </login-config>
  </web-app>
  Do I need to setup a <security-constraint> tag or a <security-role> tag? if
  so what role do I use? I just want ANY user the be authenticated by using
  the LDAP Realm (in this case ActiveDirectory as an LDAP Server)
  Thanks in advance for the help...
  Frank
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Frank Febbraro
  Senior Software Engineer

  Plamen Petrov wrote:
  I am having similar problem. I managed to grant access
  to individual users and groups in the LDAP server, but
  what I want to do is to give access to everyone in
  the LDAP directory without explicitly specifiyng his
  name or group membership.Create a group "everyone" in LDAP as a workaround.
  Cheers,
  Alexander Petrushko
  mailto:[email protected]
  Consulting Services available
  Freemarker vs JSP:
  http://javaworld.com/javaworld/jw-01-2001/jw-0119-freemarker.html

• LDAP realm in Weblogic

  I am using Netscape Directory Service 4.2. I want to use LDAP realm for authentication from Weblogic 5.1. I have created a principal(kevink - username and cambridge - group) in NDS. I have created a servlet and registered in Weblogic giving permission to execute the servlet to the above username and group. I have the following entry in my weblogic properties file weblogic.allow.execute.weblogic.servlet.helloWorld=\ kevink, cambridge
  I have also created the LDAPRealm.properties file in my weblogic home directory.
  When I start weblogic with the LDAP debug mode on, I get the following messages
  Mon May 01 14:38:52 EDT 2000:<W> <CachingRealm> ACL "weblogic.servlet.helloWorld" contains non existent principal "kevink" - ignoring principal ******** Error: ACL "weblogic.servlet.helloWorld" contains non-existent principal "kevink" - i noring principal
  Mon May 01 14:38:52 EDT 2000:<W> <CachingRealm> ACL "weblogic.servlet.helloWorld" contains non- existent principal "cambridge" - ignoring principal ******** Error: ACL "weblogic.servlet.helloWorld" contains non-existent principal "cambridge" - ignoring principal
  Any ideas to solve this problem are welcome Ram

  Yep. And if your LDAP realm is hooked up correctly, you'll see groups from your ldap realm
  in the weblogic console, under the Security->Groups tab on the frame to the left.
  Keep in mind that you will not see users from your LDAP server under the Security->Users
  tab. This is expected behavior. But if you see the groups, then you've most likely hooked
  up the LDAP realm the right way ...
  Joe Jerry
  Vishwanath Kumar wrote:
  Hello Kumar,
  I am attaching a small portion of config.xml which contains LDAP settings . Please change
  this according to your LDAP server configuration and test it . I hope this should help
  you out.
  You also need to create a caching realm and then hook up that caching realm to this LDAP
  realm .
  For more information this URL should be helpful:
  http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
  here is portion of config.xml
  <LDAPRealm AuthProtocol="simple" Credential="dropdead"
  GroupDN="o=beasys.com,ou=Groups" GroupIsContext="false"
  GroupNameAttribute="cn" GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://mmanson:389"
  Name="defaultLDAPRealmForNetscapeDirectoryServer"
  Notes="This is provided as an example. Before enabling this Realm, you must edit
  the configuration parameters as appropriate for your environment."
  Principal="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind" UserDN="o=beasys.com,ou=People"
  UserNameAttribute="uid" UserPasswordAttribute="userpassword"/>
  kumar wrote:
  Hi,
  I have tried to configure LDAP realm in weblogic, but I think it is not configured
  correctly. And I don't know how to test it. Can anybody send me the sample config.xml
  having LDAP realm configured correctly. Please send me a sample program to access
  LDAP realm via weblogic.
  Thx--
  Vishwanath Kumar
  Developer Relations Engineer
  BEA Systems, Inc.

• LDAP realm for authentication and ACL in Database

  We are thinking of using LDAP realm for authentication and we want to use ACL from a Database. But the documentation says: "WebLogic Server defers to the LDAP realm for authentication, but not for authorization. Authorization is accomplished with access control lists (ACLs), which are defined in the weblogic.properties file"
  Can we use LDAP realm for authentication and manage our ACL from a Database? or do we have to use the weblogic.properties file? Do the weblogic security API help in the above scenario? Thanks Ram

  Unfortunately, there is no easy way to do this in wls 6.0.
  The only way to handle it is to write your own custom realm
  that uses ldap for users and groups and a database for acls -
  probably not a viable alternative.
  -Tom
  "kevin doherty" <[email protected]> wrote:
  >
  Jeffrey Hirsch <[email protected]> wrote:
  You should be able to use the DelegatedRealm interface to utilize the authentication methods from LDAP and the authorization methods from RDBMSRealm...
  I'm trying to do this too, but we are using WL6 and I see that the DelegatedRealm interface has been deprecated in this version. I'd greatly appreciate more information on doing this in WL6.
  Thanks!
  -kd

• I have this error trying to setup the environment : ORA-32101

  i have this error trying to setup the environment :
  the execution :
  []-pedro:/home/pedro/modelo_v4>./occiteste
  inicio do programa
  antes do env _environment
  Can’t set the environment: Error while trying to retrieve text for error ORA-32101
  []-pedro:/home/pedro/modelo_v4>
  here is a piece of the code :
  Model.h
  #pragma once
  #include <iostream>
  #include <stdlib.h>
  #include <stdio.h>
  #include <ctype.h>
  #include <string>
  #include <occi.h>
  using namespace oracle::occi;
  using namespace std;
  private:
  int ret;
  Environment* env;
  Model .cpp
  Modelo::Modelo(void)
  try
  env = Environment::createEnvironment(Environment::DEFAULT);
  catch (SQLException ea)
  cerr << "Error : " << ea.what();
  ret = 1;
  []-pedro:/home/pedro/modelo_v3>ldd occiteste
  libocci.so.10.1 => /opt/users/ora10g/lib/libocci.so.10.1
  libclntsh.so.10.1 => /opt/users/ora10g/lib/libclntsh.so.10.1
  librt.so.1 => /usr/lib/hpux64/librt.so.1
  libnss_dns.so.1 => /usr/lib/hpux64/libnss_dns.so.1
  libdl.so.1 => /usr/lib/hpux64/libdl.so.1
  libm.so.1 => /usr/lib/hpux64/libm.so.1
  libpthread.so.1 => /usr/lib/hpux64/libpthread.so.1
  libunwind.so.1 => /usr/lib/hpux64/libunwind.so.1
  libstd_v2.so.1 => /usr/lib/hpux64/libstd_v2.so.1
  libCsup.so.1 => /usr/lib/hpux64/libCsup.so.1
  libc.so.1 => /usr/lib/hpux64/libc.so.1
  libnnz10.so => /opt/users/ora10g/lib/libnnz10.so
  librt.so.1 => /usr/lib/hpux64/librt.so.1
  libnss_dns.so.1 => /usr/lib/hpux64/libnss_dns.so.1
  libdl.so.1 => /usr/lib/hpux64/libdl.so.1
  libm.so.1 => /usr/lib/hpux64/libm.so.1
  libpthread.so.1 => /usr/lib/hpux64/libpthread.so.1
  libunwind.so.1 => /usr/lib/hpux64/libunwind.so.1
  libdl.so.1 => /usr/lib/hpux64/libdl.so.1
  libuca.so.1 => /usr/lib/hpux64/libuca.so.1
  []-pedro:/home/pedro/modelo_v3>
  thanks

  yes , the OBJECT gives the same result
  the platform is HP-UX 64 bits :
  /opt/aCC/bin/aCC DD64    -AA -DOCCI_NO_WSTRING=1 DD64 -D_RWSTD_MULTI_THREAD -I/opt/users/ora10g/rdbms/demo -I/opt/users/ora10g/rdbms/public -I/opt/users/ora10g/plsql/public -I/opt/users/ora10g/network/public -DHPUX -D_REENTRANT -DHPUX_KTHREAD -DSLXMX_ENABLE -DSLTS_ENABLE -DSS_64BIT_SERVER -DBIT64 -DMACHINE64 -DORAIA64 -DHPUX_IA64 -c Main_Program.cpp
  /opt/aCC/bin/aCC DD64    -AA -DOCCI_NO_WSTRING=1 DD64 -D_RWSTD_MULTI_THREAD -I/opt/users/ora10g/rdbms/demo -I/opt/users/ora10g/rdbms/public -I/opt/users/ora10g/plsql/public -I/opt/users/ora10g/network/public -DHPUX -D_REENTRANT -DHPUX_KTHREAD -DSLXMX_ENABLE -DSLTS_ENABLE -DSS_64BIT_SERVER -DBIT64 -DMACHINE64 -DORAIA64 -DHPUX_IA64 -c Modelo.cpp
  /opt/aCC/bin/aCC +DD64 -o  occiteste Main_Program.o Modelo.o -L/opt/users/ora10g/lib -locci -lclntsh   `cat /opt/users/ora10g/lib/sysliblist`  -lm  
  []-pedro:/home/pedro/modelo_v4>ls -la
  DEFAULT is used for creating an Environment object; it has no thread safety or object support.
  OBJECT is for creating an Environment object; it uses object features.
  SHARED is for creating an Environment object.
  NO_USERCALLBACKS is for creating an Environment object; it does not support user callbacks.
  THREADED_MUTEXED is a thread safe mode for creating an Environment object, mutexed internally by OCCI.
  THREADED_UNMUTEXED is a thread safe mode for creating an Environment object; the client is responsible for mutexing.
  EVENTS supports registration for event notification used in Oracle Streams Advanced Queuing.
  USE_LDAP supports registration with LDAP.

• WL6.0 LDAP Realm problems

  I'm trying out WL6.0 (eval version) LDAP realm support and having trouble
  getting it to work - basic auth just keeps popping the window up 3 times and
  then giving up. Only pertinent message in the log is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security> <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'> <> <> <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite adding the following two
  to the startup script cmd line and restarting the server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose=t
  rue
  The HTTP basic-auth dialog box is correctly showing me that I'm trying to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false" GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified that the above
  server account exists AND can authenticate and retrieve account
  userpasswords (yes, the server account is "cn=" while the user accounts are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same results both ways.
  Any ideas???

  Did you use the most recent ldap patch? I could not get it to work fine
  with the default wls6.0sp1, but with the ldap-patch it works fine.
  AND probably even more important... change
  <Realm FileRealm="..." Name=".....">
  to
  <Realm CachingRealm"MyCachingRealm" FileRealm="..." Name=".....">
  Hope this helps...
  Ronald
  Sushil Pulikkal wrote:
  Hi Tom,
  I am using iPlanet Directory server with WL6.0 (which I presume is supported as
  Netscape's is) and facing the same problem as Mike was i.e account locking after
  three attempts(bottom of the message). I have created my own caching realm with
  the basic realm being MyLDAPRealm.
  The log gives no info other than the one about account locking.
  My config.xml looks something like this -
  <CachingRealm BasicRealm="MyLDAPRealm" CacheCaseSensitive="true" Name="MyCachingRealm"/>
  <PasswordPolicy Name="wl_default_password_policy"/>
  <LDAPRealm AuthProtocol="simple" Credential="enslaved"
  GroupDN="ou=Aussies,dc=timerasolutions,dc=com"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://DJ-SUSHILP.timerasolutions.com:389"
  Name="MyLDAPRealm"
  Principal="uid=admin, ou=Administrators,
  ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind"
  UserDN="ou=Aussies,dc=timerasolutions,dc=com"
  UserNameAttribute="uid"/>
  The browser window does pop up, but the user id doesn't get authenticated. Is
  there a way to know whether WLS is actually going to the LDAP server for authentication?
  Any insight into this?
  Thanks in advance,
  Sushil
  "Tom Moreau" <[email protected]> wrote:
  Mike,
  I haven't had any trouble getting the LDAPRealm to work
  in WLS 6.0. Could it be that while you've created the LDAPRealmMBean,
  you haven't told WLS to use it?
  In other words, you can create many realm configurations then
  you need to activate the one you want. If you haven't, the
  we just use the file realm. The file realm won't be able
  to authenticate you (since you put the info in LDAP!) and
  after 3 failures, will lock out the account.
  The instructions for selecting the realm are at:
  http://e-docs.bea.com/wls/docs60/adminguide/index.html
  See:
  12. Managing Security
  Specifying a Security Realm
  Configuring the Caching Realm
  The basic idea is:
  1) create your LDAP Realm (you've already done this)
  2) create a CachingRealm
  3) set the CachingRealm's BasicRealm to your LDAP Realm
  4) set the Security Realm's CachingRealm to your Caching Realm
  5) reboot
  It's pretty easy to do this through the admin console.
  Otherwise, you can edit config.xml by hand.
  Here's how:
  <Domain>
  <Security
  Name="mydomain"
  Realm="myRealm"
  />
  <Realm
  Name="myRealm"
  FileRealm="myFileRealm"
  CachingRealm="myCachingRealm"
  />
  <FileRealm
  Name="myFileRealm"
  />
  <CachingRealm
  Name="myCachingRealm"
  BasicRealm="myLDAPRealm"
  />
  <LDAPRealm
  Name="myLDAPRealm"
  />
  -Tom
  "Mike" <[email protected]> wrote:
  BTW, before someone suggests it, I found Tom Moreau's
  suggestion to use:
  <ServerDebug Name="examplesServer" DebugSecurityRealm="true"
  />
  under the <Server> element in config.xml and restarted
  with this and still
  no additional
  info from the LDAP realm printed about why it's not working
  (nothing but the
  same
  locking account message mentioend below).
  Is the source for the LDAP realm available so I can debug
  it myself or has
  anybody
  written their own LDAP realm that they'd be willing to
  share with the group?
  Thanks again,
  ...Mike
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  Ok I've verified that the -Dweblogic.security.ldaprealm.verbose
  probably
  won't
  work with 6.0 (old 5.x and previous style property),
  but I can't figure
  out
  what
  replaced it, to figure out why the LDAP realm isn't
  working for me...
  The property mapping guide at:
  http://e-docs.bea.com/wls/docs60///////config_xml/properties.html
  shows that things like weblogic.security.ldaprealm.url
  changed to LDAPURL in config.xml (without telling
  you that this resides as an XML attribute of
  <Domain><LDAPRealm ... /></Domain> although that's
  easy enough to find by looking through the example
  LDAP realm.
  It then says that weblogic.security.ldaprealm.verbose
  has changed to "Debug" in config.xml, but doesn't
  say whether that's a "Debug" XML attribute on one
  of the XML elements in there, or whether it's an
  XML node itself, or where in the config.xml doc
  it goes... It doesn't work as an attribute of
  <LDAPRealm ...> (server won't start with it there)
  and it doesn't show up at all in the DTD for config.xml
  so I'm assuming the mapping doc at the above url is
  wrong. Anybody know what this really became in 6.0?
  I've tried setting StdoutDebugEnabled="true" in config.xml
  and turning the logging level all the way up to see
  everything, but even
  then all I
  get is the account locked message, not why it's failing
  to authenticate
  via
  LDAP...
  Any other ideas?
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  I'm trying out WL6.0 (eval version) LDAP realm support
  and having
  trouble
  getting it to work - basic auth just keeps popping
  the window up 3 times
  and
  then giving up. Only pertinent message in the log
  is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security>
  <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'>
  <> <>
  <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite
  adding the following
  two
  to the startup script cmd line and restarting the
  server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose
  =t
  rue
  The HTTP basic-auth dialog box is correctly showing
  me that I'm trying
  to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false"
  GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified
  that the above
  server account exists AND can authenticate and retrieve
  account
  userpasswords (yes, the server account is "cn=" while
  the user accounts
  are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same
  results both ways.
  Any ideas???

• LDAP Realm

  "Hi , I was able to connect to LDAP Netscape Directory Server 4.1 successfully,i was able to see the users

  Yep. And if your LDAP realm is hooked up correctly, you'll see groups from your ldap realm
  in the weblogic console, under the Security->Groups tab on the frame to the left.
  Keep in mind that you will not see users from your LDAP server under the Security->Users
  tab. This is expected behavior. But if you see the groups, then you've most likely hooked
  up the LDAP realm the right way ...
  Joe Jerry
  Vishwanath Kumar wrote:
  Hello Kumar,
  I am attaching a small portion of config.xml which contains LDAP settings . Please change
  this according to your LDAP server configuration and test it . I hope this should help
  you out.
  You also need to create a caching realm and then hook up that caching realm to this LDAP
  realm .
  For more information this URL should be helpful:
  http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
  here is portion of config.xml
  <LDAPRealm AuthProtocol="simple" Credential="dropdead"
  GroupDN="o=beasys.com,ou=Groups" GroupIsContext="false"
  GroupNameAttribute="cn" GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://mmanson:389"
  Name="defaultLDAPRealmForNetscapeDirectoryServer"
  Notes="This is provided as an example. Before enabling this Realm, you must edit
  the configuration parameters as appropriate for your environment."
  Principal="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind" UserDN="o=beasys.com,ou=People"
  UserNameAttribute="uid" UserPasswordAttribute="userpassword"/>
  kumar wrote:
  Hi,
  I have tried to configure LDAP realm in weblogic, but I think it is not configured
  correctly. And I don't know how to test it. Can anybody send me the sample config.xml
  having LDAP realm configured correctly. Please send me a sample program to access
  LDAP realm via weblogic.
  Thx--
  Vishwanath Kumar
  Developer Relations Engineer
  BEA Systems, Inc.

• I am trying to setup VPN with QuickVPN

  Hi I am trying to setup VPN with WRVS4400N and Quick VPN on client side. I am fairly new to VPN and did some research and looked through the manual but can't seem to get it to work so far and from what I noticed many people are having this problem. So hopefully someone can tell what the problem is or at least point to right direction on solving this.
  Basically it gives the "Failed to establish connection" generic error, shows it almost instantly..
  It also showed the certificate error before but then I read about putting it in the installation directory and it stopped showing it, and whats strange is later I removed it but it doesnt show the error any longer, so don't know if its caching it somewhere or what can be going on...
  In effort to look for answer and test things out I tried to connect to another location and setup a WRV200 router, I also get the same error but not instantly, it even shows "Activating Policy" but then doesn't go farther and shows the generic error...
  Also with this setup strangly it always shows the certificate error, no matter if I put one in directory or not... Even tried to name it as the WRVS4400N certificate name...
  Anyway VPN IPSec is disabled, and Client Accounts are configured and changed password several times to make sure its correct, VPN Passthrough enabled on all 3 options.
  I tried to disable Windows Router, I also have a router in place do I possibly need to open some type of ports for the QuickVPN client?
  Don't know yet whats going on if I am missing something or if there is some problem that needs work-around but if you know the answer or guesses of answer please let me know.

  Hi Aleksandr,
  since this question is about a product in the Cisco Small Business / Linksys range, I suggest you move it to the community, where you will have a better chance of getting expert advice.
  best regards,
  Herbert
  Cisco Moderator

• Issues when trying to setup alternate sync location of OneDrive for Business / SharePoint 2013 Libraries

  Hello,
  I have an issue that prevents me from choosing the alternate location of sync'ed OneDrive for Business folders. I'm trying to setup an alternate location for synchronization, using the guidelines found in the Office support web site.
  The option to replace the default sync location appears the first time a SharePoint 2013 Library or OneDrive for Business is setup for synchronization.
  Here would be a link to a snapshot (since my account has not been verified): /Forums/getfile/443247
  At this point, the Library or personal OneDrive folder syncs correctly and the files are stored in the alternate choosen location.
  However, on when trying to setup an additionnal Library for synchronization, the alternate sync location has not been saved and reverts to the default sync location. Furthermore, the option to replace the default sync location does no longer appear
  on the dialog box.
  Here would be a link to a snapshot (since my account has not been verified): /Forums/getfile/443249
  I have tried by first sync'ing a SharePoint 2013 Library (instead of the personal OneDrive for Business folder) with the same result. Meaning that the first SharePoint 2013 Library correctly sync's in the alternate location of my choosing. However,
  any subsequent attempts to sync either a SharePoint 2013 Library or the OneDrive for Business folder results in them being sync'ed to the original default location in a folder under the user's profile directory.
  I'm using Office Professional Plus 2013 (64bits). The version of Groove.exe is 15.0.4605.1000 (12th March 2014 - 13 383 360 bytes).
  Is there something I'm missing ?
  Thanks for any help on this issue.

  Hi SpringComp,
  You can change the root path for libraries you sync to your computer, though you can do this only if you’re not currently syncing any libraries. If you’re already syncing at least one library and you want to change the path, you must first
  stop syncing all libraries. Then, the first time you run the OneDrive for Business wizard to sync a library to your computer, you’ll see an option to change the location.
  More information, please refer to the link:
  http://office.microsoft.com/en-001/support/change-the-location-where-you-sync-sharepoint-libraries-on-your-computer-HA102893480.aspx
  I hope this helps.
  Thanks,
  Wendy
  Wendy Li
  TechNet Community Support

• Trying to setup systemd user instance

  Hi guys!
  For the past few days I have been trying to setup systemd to run a user instance (user is 'hans'). Sadly, I have been unable to find a lot of detail in doing this, so much of my work has been trial and error. Just recently I learned about the [email protected] and also about loginctl enable-linger. However to what degree they are related to setting up a user instance, I do not know. I set the user 'hans' to 'linger' using the loginctl enable-linger hans command, however I think I might have misunderstood the significance of the command in relation to what I am trying to do.
  What I want to for user 'hans' to have his own service file, i.e. irssi.service, and start/stop/enable/disable/etc that service independently of the system. I realize that I could use sudo and configure it to only allow certain commands, and more than that have individual 'system' services for each user, i.e. hansirssi.service, janeirssi.service, joeirssi.service, etc., but I don't want to have to do that unless there is no other option.
  So Question 1:
  Is it possible to setup up systemd user instances as I envision it? Or have I misunderstood something?
  My system:
  [root@ru ~]# uname -a
  Linux ru 3.5.4-1-ARCH #1 SMP PREEMPT Sat Sep 15 08:12:04 CEST 2012 x86_64 GNU/Linux
  The system is installed in a Proxmox virtual machine with a virtio virtual HDD and standard setup. It is a headless system. I have a complete systemd conversion as per the wiki plus polkit 0.107-2 for use with 'loginctl'.
  I tried:
  [root@ru ~]$ systemctl enable [email protected]
  The unit files have no [Install] section. They are not meant to be enabled using systemctl.
  [root@ru ~]$ systemctl start [email protected]
  [root@ru ~]# systemctl status [email protected]
  [email protected] - User Manager for hans
  Loaded: loaded (/usr/lib/systemd/system/[email protected]; static)
  Active: active (running) since Fri, 21 Sep 2012 18:33:07 +0100; 42min ago
  Main PID: 23189 (systemd)
  Status: "Startup finished in 822us."
  CGroup: name=systemd:/user/hans/shared
  â 23190 (sd-pam)
  â systemd-23189
  â 23189 /usr/lib/systemd/systemd --user
  And on the user account hans I confirm that the service is running:
  [hans@ru ~]$ systemctl status [email protected]
  [email protected] - User Manager for hans
  Loaded: loaded (/usr/lib/systemd/system/[email protected]; static)
  Active: active (running) since Fri, 21 Sep 2012 18:33:07 +0100; 13s ago
  Main PID: 23189 (systemd)
  Status: "Startup finished in 822us."
  CGroup: name=systemd:/user/hans/shared
  â 23190 (sd-pam)
  â systemd-23189
  â 23189 /usr/lib/systemd/systemd --user
  But in regard to actually starting/stopping/enabling a user specific service, I keep getting this error:
  [hans@ru ~]$ systemctl start dummyservice.service
  Failed to issue method call: Access denied
  and when I try by accessing the 'user' instance, I get the following error:
  [hans@ru ~]$ systemctl --user
  Failed to get D-Bus connection: Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
  The thing is that dbus is running:
  [root@ru ~]# systemctl status dbus
  dbus.service - D-Bus System Message Bus
  Loaded: loaded (/usr/lib/systemd/system/dbus.service; static)
  Active: active (running) since Thu, 20 Sep 2012 18:19:18 +0100; 24h ago
  Main PID: 248 (dbus-daemon)
  CGroup: name=systemd:/system/dbus.service
  â 248 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
  Sep 21 18:12:40 ru dbus-daemon[248]: dbus[248]: [system] Successfully activated service 'org.freedesktop.PolicyKit1'
  Sep 21 18:12:40 ru dbus[248]: [system] Successfully activated service 'org.freedesktop.PolicyKit1'
  Sep 21 18:17:50 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.26" (uid.../init ")
  Sep 21 18:17:50 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.26" (uid=1000 pid=23167 c...n/init ")
  Sep 21 18:32:46 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.31" (uid.../init ")
  Sep 21 18:32:46 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.31" (uid=1000 pid=23185 c...n/init ")
  Sep 21 18:35:45 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.34" (uid.../init ")
  Sep 21 18:35:45 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.34" (uid=1000 pid=23195 c...n/init ")
  Sep 21 18:36:06 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.35" (uid.../init ")
  Sep 21 18:36:06 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.35" (uid=1000 pid=23197 c...n/init ")
  Here is the full output from 'journalctl':
  Sep 21 18:17:50 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.26" (uid=1000 pid=23167 comm="systemctl enable [email protected] ") interface="org.freedesktop.systemd1.Manager" member="EnableUnitFiles" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:17:50 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.26" (uid=1000 pid=23167 comm="systemctl enable [email protected] ") interface="org.freedesktop.systemd1.Manager" member="EnableUnitFiles" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:32:46 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.31" (uid=1000 pid=23185 comm="systemctl start [email protected] ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:32:46 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.31" (uid=1000 pid=23185 comm="systemctl start [email protected] ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:33:07 ru systemd[23189]: Failed to open private bus connection: Failed to connect to socket /run/user/hans/dbus/user_bus_socket: No such file or directory
  Sep 21 18:35:45 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.34" (uid=1000 pid=23195 comm="systemctl start userservice ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:35:45 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.34" (uid=1000 pid=23195 comm="systemctl start userservice ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:36:06 ru dbus-daemon[248]: dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.35" (uid=1000 pid=23197 comm="systemctl start userservice.service ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Sep 21 18:36:06 ru dbus[248]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.35" (uid=1000 pid=23197 comm="systemctl start userservice.service ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
  Question 2:
  Why would dbus reject the 'messages', is there something I need to configure (permissions,...?) in order to get this to work?
  I suspect that it is my lacking knowledge to blame for this problem, which is why I have sought help here.
  EDIT#1:
  I forgot to show you what 'loginctl' was doing:
  [root@ru ~]# loginctl user-status hans
  hans (1000)
  Since: Thu, 20 Sep 2012 18:19:18 +0100; 24h ago
  State: lingering
  CGroup: name=systemd:/user/hans
  â shared
  â 23190 (sd-pam)
  â systemd-23189
  â 23189 /usr/lib/systemd/systemd --user
  Last edited by sunite (2012-09-21 18:17:35)

  I just went through the install process, read through the user-session-units doc, I was finally able to get the user instance working, no Dbus errors . However I decided to make sure and run 'dbus-monitor' within the user 'hans' and I got the following error message:
  Failed to open private bus connection: Failed to connect to socket /run/user/1000/dbus/user_bus_socket: No such file or directory
  I checked and there is no such file, however I checked the dbus.socket:
  [root@ru user]# cat /usr/lib/systemd/user/dbus.socket
  [Unit]
  Description=D-Bus System Message Bus Socket
  [Socket]
  ListenStream=%t/dbus/user_bus_socket
  And dbus.service:
  [root@ru user]# dbus-monitor
  Failed to open connection to session bus: Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
  [root@ru user]# cat /usr/lib/systemd/user/dbus.service
  [Unit]
  Description=D-Bus System Message Bus
  Requires=dbus.socket
  [Service]
  ExecStart=/usr/bin/dbus-daemon --session --address=systemd: --nofork --systemd-activation
  ExecReload=/usr/bin/dbus-send --print-reply --session --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
  and as far as I can tell everything see alright there.
  EDIT#1:
  I just restarted the system to see if my symlink worked for the user-session service. It did, sort of, however the following error occured during boot:
  Sep 21 22:15:14 ru systemd[307]: Failed to open private bus connection: Failed to connect to socket /run/user/1000/dbus/user_bus_socket: No such file or directory
  Last edited by sunite (2012-09-21 21:22:11)

• HT1175 I am trying to setup my Time capsule via a ethernet cable as a back up for a new iMac. The on button on the time capsule set up window keeps failing to stay on. Any ideas what to do?

  I am trying to setup my Time capsule via a ethernet cable as a back up for a new iMac. The on button on the time capsule set up window keeps failing to stay on. Any ideas what to do?

  A PC can have more issues connecting than a Mac.
  But it really should not matter.. so just try it in situ.. press and hold the reset.. once it starts up, it will return to default IP, 10.0.1.1 the PC should then be able to find it via the airport utility.
  If not drag it over to the Mac and plug in there by ethernet.. or since it is a laptop, really should not be that difficult to drag the Laptop and plug it into the TC.
  Important thing is to get access to the TC.
  The Mac if it is running lion, then you MUST download and install 5.6 airport utility to do anything useful.
  http://support.apple.com/kb/DL1482

• I am trying to setup bootcamp on my MacBook Air.  Network diagnostics doesn't believe I'm connected to the internet... but I am!!???

  I am trying to setup bootcamp on my MacBook Air.  I have a wifi internet connection which works fine in Safari etc. However, when I get to the point of downloading the windows install files I am told the network is not connected, but it is!
  I have a simple automatic connection set up to a wifi router which works fine for all standard internet functions - mail, safari, downloads in safari etc. Where it falls down is that the system doesn't recognise it in network diagnostics.  When I reach the point of downloading win installation files for my air from the internet it says I am not connected to the internet and runs network diagnostics which proceeds to break my internet connection.  If I stop network diagnostics, close the windows and simply switch my wifi off and on then I'm back up and running, but the network diagnostics still doesn't believe it.
  Any ideas?  Seems completely illogical to me...

  This is the message I get if that helps anyone...