Two ssl users from same client machine
Hi all,
We are using oracle database 10.2.0.3 EE and have a ssl user set up from the app server to the database based on metalink note 736510.1. That being said I have been asked to create another ssl user but how is that possible. I tried in the database but came back with:
ORA-28026: user with same external name already exists
So I created a second wallet for the second user but is it possible to define two wallet locations in the oracle client sqlnet.ora file? I can point the location to either but is it possible for two.
Here is what is in client sqlnet.ora file:
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /path1/ssl)
How can I tell it to also check for the other (i.e. /path2/ssl)? Any ideas for this would be greatly appreciated.
Thanks
Troy
Hello Troy;
There is a restriction that a single SQLNET.ORA file can contain only one entry of WALLET_LOCATION or ENCRYPTION_WALLET_LOCATION.
This notes explains how to get by that restriction :
How To Maintain Multiple Wallets For A Single Database Instance [ID 759226.1]
I think you can do something like this too, so in theory you can use an alias.
ENCRYPTION_WALLET_LOCATION=
(SOURCE = (METHOD = HSM)
(METHOD_DATA =
(DIRECTORY = /etc/ORACLE/WALLETS/<$ORACLE_SID>)))Best Regards
mseberg
Similar Messages
-
I have SQL login group as "SC_NT\group_name" in server. There are multiple users using this login group to access database objects. User "A" can able to access db object(stored_procedure_1) from .net application. But when user "B"
tried to access same db object(stored_procedure_1), its showing like
Error: The EXECUTE permission was denied on the object 'stored_procedure_1', database 'test',schema 'dbo'.
Both the users are using windows authentication for access the objects. Could you suggest me the way to resolve this?
VenkatThanks for your response
Erland Sommarskog....
my stored procedure "stored_procedure_1"
does not has any granted permissions to execute. But still user A
able to execute the sp from UI, where user B not able to do it. If any permission provided for a particular object, then only it will display in the above query whatever u have given.
Any other possibilities??
Venkat G -
Users from same OD have different group memberships on each client
Hello -
I am getting the dreaded "This user can not login because an error occurred" when a network user tries to log in.
Oddly - on some clients he can log in, but not others.
I have checked the open directory settings in directory utility on each client machine and they are identical.
But typing id <username> on each of the clients gives me different results :
Server
id: bensmith: no such user
*Client machine that works (iMac)*
Office-iMac:~ apndavies$ id bensmith
uid=1040(bensmith) gid=20(staff) groups=20(staff),1027(family),103(com.apple.sharepoint.group.2),404(com.apple.s harepoint.group.7),402(com.apple.sharepoint.group.6),216(com.apple.access_loginw indow),107(com.apple.sharepoint.group.5),1033(mobileaccounts),62(netaccounts),12 (everyone),401(com.apple.sharepoint.group.3),403(com.apple.sharepoint.group.4),1 01(com.apple.sharepoint.group.1)
*Client machine that won't allow network users to login*
Study-Mac-Mini:~ apndavies$ id bensmith
uid=1040(bensmith) gid=20(staff) groups=20(staff),1027(family),1033(mobileaccounts),62(netaccounts),12(everyone) ,101(com.apple.sharepoint.group.1),216(com.apple.access_loginwindow)
Have I got a problem with Open Directory? Surely the results of the id command should be identical?
Many thanks,
AndrewHi Tim -
Yes it is. Sorry - was getting a bit desperate this morning.
Problem now solved - for those with the same / similar issues there were two problems.
Initially - the client machine that would not connect had it's DNS server set to my router - not my server (which is running DNS for the local LAN)
Once I fixed that (don't have a clue why or how this setting got changed - could have been wrongly assigned my my router (Airport Express) - not sure), I noticed that Kerberos was no longer running on the server. I could connect to it via screen sharing, but I couldn't connect to an AFP share. I checked a few things, then happened to notice that my Snow Leopard server was no longer "bound" to open directory (itself) in System Preferences>Accounts>Login options.
Fixing both of these issues resolved the problem.
Thanks again to Tim for his help and advice.
Regards,
Andrew -
Problem: Socket
connection is not creating in machine, through utility program (MFC Dll), on ListDisplay service port - 3334 (on separate machine), while we are able to telnet on same ListDisplay service port - 3334 from same issue machine on same time
Environment: -
OS:
Windows XP SP2/7
Code:
VC 6.0
Dll: MFC
Problem Description: -
We have written a utility program which create socket (Using windows standard method [MFC]), and then make connection with another service (List Display) running
on port 3334 in different machine and retrieve the required list data. This program was working fine in almost all the machines.
But, we have received a severe intermittent issue on two machines. Client is facing issue in displaying the list data from port 3334.
Attempt: -
First we tried to debug code, and we come to know that socket is not creating in utility program. So we tried to telnet on ListDisplay service port 3334 and we were surprised that we were able to telnet, then we opened some more
telnet window on same port 3334 around (6 to 8) window, and each cmd connected properly. But we were not able to create socket from utility program.
Problem is severe because issue is intermittent.
We have tried all the way, but we are not able to figure it out, that what can be the exact problem and what are the conditions, when utility program will not
connect with ListDisplay service on port 3334.
Kindly assist to resolve this issue. For any help, we would be really thankful.Hi,
According to your description, it seems that you have created an utility program which is making connection with another service port 3334, however, two clients are facing issue in display the data list from port 3334.
Port: 3334/TCP
3334/TCP - Known port assignments (1 record found)
Service
Details
Source
directv-web
Direct TV Webcasting
IANA
Since the port 3334 is used by directv-web service, I'd like to suggest check this service it is working well on the problematic clients.
1. The client can be resolved in DNS well? Please run "nslookup" in the prompt command.
2. Is there any 3rd party application interrupting? Do test in clean boot.
2. Strongly suggest you run process monitor tool to analysis it.
I am looking forward to your reply if you have any updated on your side.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
How to upload file from a client machine to server machine
hei evryone!
can anyone pls help me on how i can upload file from a client machine to another machine (or server). using jsp.Then later on, i can also retrieve the names of these files to place it as values for option tag in an html form.I have a seperate screen for uploading the file and the screen for displaying all the files that were uploaded on the server...
any sample code/ ideas would be much appreciated.Thx!!!!hei evryone!
can anyone pls help me on how i can upload file from a client machine to another machine (or server). using jsp.Then later on, i can also retrieve the names of these files to place it as values for option tag in an html form.I have a seperate screen for uploading the file and the screen for displaying all the files that were uploaded on the server...
any sample code/ ideas would be much appreciated.Thx!!!! -
How to refresh XML file from my client machine
Hai All
I have temp.XML and temp.XSL template in our server machine.
when i give a print from client machine first time it gives the record,and next time it did not get refresh.Always it shows the previous records in the browser.But when i go into the server machine and click on temp.xml,it shows the current record(correct records)
How to refresh XML file from my client machine?
Regards
DhinaYou never delete a Time Machine backup by dragging it to the Trash. You are supposed to use the TM application to manage the backups. What you will need to do now is to simply erase the drive using Disk Utility.
-
How can I move particular users from one client to another client
Hi, I am trying to find a way to move few or many user from one client to another. Is there a transaction available or program to move them. e.g. there is a SCC1 available to move transport only from one client to another without going through TMS.
Is there any trick available ?
thnx in advanceclosing this one. thnx
-
How to get file input stream from the client machine by JSF Fileupload API?
Dear Friends,
How to get the file input stream from the client machine by JSF HtmlFileupload or fileupload API. At present, if i execute the file upload code in the client machine, it is able to get the local path of the file and looking for the file in server machine. So i am getting FileNotFoundException.
E.g., If a file is located at client machine at following location means "C:\Test\Test.txt",
uploadClass.getFileuploadComponent().getFilename().toString() returns "C:\Test\Test.txt". But it is looking for that file in server and throwing FileNotFoundException.
Please post your replies soon.
Thanks,
JPDepends on which version of JSF you're using. If JSF 1.2, I wouldn't even bother trying to hack this into JSF itself unless you can use something like Seam 2 or richfaces.
http://docs.jboss.org/richfaces/latest_3_3_X/en/devguide/html/rich_fileUpload.html
http://docs.jboss.org/seam/2.2.1.CR3/reference/en-US/html/controls.html#d0e29259 (look for s:fileUpload)
But if I were you, a simple non-jsf form with a servlet works best for taking file uploads.
As for JSF 2.0, there are other ways of getting it done.
http://balusc.blogspot.com/2009/12/uploading-files-with-jsf-20-and-servlet.html -
Oracle command line to connect to a database directly from a client machine
Hi,
I need to connect from a Client machine to a database present on the Database server.
Client: Windows 7 32 bit/ 64 bit
Server where DB is installed: Windows 2008, Oracle 11.xg
I need a command line option that will connect to a database say 'Test' from the command line. I want to put that command in a batch file / exe and call it from there.
I have tools like SQL Developer and dbForge but was unable to do it. Could I have some help on this.
I am a fresher with Oracle and I would appreciate detailed steps. Thanks very much in advance.
VincentVincent,
There is a few steps you want to perform, first of all tell me where is your client database server and where you want command line to use Oracle SQL command line.
Regards,
Hunain Khanani -
EJB deployment/access from the Client Machine
I want to deploy/access the EJB on the Oracle 8i server from the
Client Machine. From the Oracle 8i server machine i am able to
deploy and access the EJB
When i am trying to deploy/access the EJB i am getting the
following message
javax.naming.CommunicationException: Unknown service : sess_iopp
url
Please tell me what to do ?
Thanks in advance
nullAre you using JDeveloper? If yes then go to File|New->Snippets
and select 'Example JServer EJB Client' to create an EJB client.
: javax.naming.CommunicationException: Unknown service :
sess_iopp
It's sess_iiop not iopp ;-)
Regards,
Arun
Manish Patel (guest) wrote:
: I want to deploy/access the EJB on the Oracle 8i server from
the
: Client Machine. From the Oracle 8i server machine i am able to
: deploy and access the EJB
: When i am trying to deploy/access the EJB i am getting the
: following message
: javax.naming.CommunicationException: Unknown service :
sess_iopp
: url
: Please tell me what to do ?
: Thanks in advance
null -
Generate two xml reports from same execution
I need to generate a summary report and detail report from the same execution.
Detail report will record all the steps marked as Record result
Summary report to record only the steps that are of type Pass/Fail, Numeric Limit Test, MultiNumeric Limit Test and String test.
So far I have been able to generate two detail report from same execution and can save each report in separate folder.
How to get the data for summary versus detail report from the running sequence?
CLD,CTD
Solved!
Go to Solution.
Attachments:
ReportFolders.JPG 115 KBThanks for the approach.
I have created a sequence which recursively looks through the Parameters.MainSequenceResults and if StepType is one of the Test Types then displays in summary report.
On the summary report I also wanted to get the name of the subsequcenCall if that subsequence call contained a valid TestType for summary report. For example if subsequenceCall step has a Action and String type. I wanted it to display as shown in Image1.jpg below. Currently it displays as shown in Image2.jpg.
Attached is the recursive sequence that I am using.
CLD,CTD
Attachments:
GenerateSummaryReport.seq 8 KB
Image1.jpg 35 KB
Image2.JPG 140 KB -
How to enable multiple users logging in to the same client machine?
Hi,
We have our home directories shared from the server (using AFP) and this allows our users to log in to any machine via the normal console login.
But if you try to remotely login to a machine with ssh, and another user is already logged in at the machine, then you get the error message:
Could not chdir to home directory /Network/Servers/machinename/Users/keith: No such file or directory
I can connect (via) ssh, only if no user is logged in at the console. If I connect with ssh when no users are logged in, and then a user logs in at the console, then this unmounts the home directory for the ssh user.
I have read about the mnthome command, and if I try running this (from my ssh login whilst there is a console login) then I get the error message:
Error: Mount failed with error 1 Operation not permitted
I'm assuming that multiple ssh logins must be allowed somehow? Can you only do this if you share your home directories with NFS (in this case, I understand that all home directories always appear mounted on each client)???
Any help appreciated,
Keith
Server and all clients running 10.4.3
iBook & PowerMac G5 Mac OS X (10.4.3)Thanks for the info. I really thought that this would be a fixable problem. I also thought that it might work when two different users both logged in using ssh only (i.e. when there is no console login). But this also causes problems for the second ssh login.
What practical work-arounds have people tried? The respondent to your other post (linked to above) suggested that NFS sharing might work, only that ssh logins still don't mount the home directory. Is this the case?
Thanks for the speedy answer.
Keith -
SSL VPN message "This (client) machine does not have the web access privilege."
Hello!
I am trying to configure the SSL VPN (WebVPN) and I am almost done but when clicking on the URL's I configured in the bookmarks, I get the message "This (client) machine does not have the web access privilege. Please contact your SSLVPN provider for assistance." I looked through the many tutorials and guides in existence and none talks about such error and the fix for it. In fact, if I search the net for this error message I get only one match, in the Cisco website, where is say that "The client computer does not meet the security criteria of having web access functionality through the SSL VPN gateway." and as fix it gave this tip "Check the URL to the gateway or contact the administrator if it persists." So, nothing on the website about what this issue is and how to fix it. I will provide my IOS configuration and hopefully someone will spot the issue. Here it goes:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1
boot-start-marker
boot-end-marker
logging message-counter syslog
no logging buffered
enable secret 5 $1$1LLX$u7aTc8XfNqPZhPVGwEF/J0
enable password xxxxxxxx
aaa new-model
aaa authentication login userAuthen local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization network groupauthor local
aaa session-id common
crypto pki trustpoint TP-self-signed-1279712955
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1279712955
revocation-check none
rsakeypair TP-self-signed-1279712955
crypto pki certificate chain TP-self-signed-1279712955
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31323739 37313239 3535301E 170D3130 30333233 31313030
33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 32373937
31323935 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A8EF 34E3E792 36660498 9801F934 E8A41865 3599EA35 B073AC91 D7A53AF4
A4390D2F CB3DB2DE 936B28F0 A25F3CE1 6F40FD9E E79096F2 F89620E0 B31A7B34
649BBA22 AE44CB55 9F38BF0C 2F2770CF 8380C167 C17D760C 380E28E4 FF7D6874
9EFC310A 2AA60835 F1AA384F CD1A0173 19C98192 EBFBD531 24CB9203 EA9E7D54
B2C30203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
551D1104 06300482 02523130 1F060355 1D230418 30168014 0D9D62EC DA77EAF3
11ABF64D 933633F9 2BA362DC 301D0603 551D0E04 1604140D 9D62ECDA 77EAF311
ABF64D93 3633F92B A362DC30 0D06092A 864886F7 0D010104 05000381 81006853
48ED4E3E 5721C653 D9A2547C 36E4F0CB A6764B29 9AFFD30A 1B382C8C C6FDAA55
265BCF6C 51023F5D 4AF6E177 C76C4560 57DE5259 40DE4254 E79B3E13 ABD0A78D
7E0B623A 0F2D9C01 E72EF37D 5BAB72FF 65A176A1 E3709758 0229A66B 510F9AA2
495CBB4B 2CD721A7 D6F6EB43 65538BE6 B45550D7 A80A4504 E529D092 73CD
quit
dot11 syslog
ip source-route
ip dhcp excluded-address 192.168.0.1 192.168.0.10
ip dhcp pool myPOOL
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 87.216.1.65 87.216.1.66
ip cef
ip name-server 87.216.1.65
ip name-server 87.216.1.66
ip ddns update method mydyndnsupdate
HTTP
add http://username:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 1 0 0 0
no ipv6 cef
multilink bundle-name authenticated
vpdn enable
vpdn-group pppoe
request-dialin
protocol pppoe
username cisco privilege 15 password 0 xxxxxxxx
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
crypto isakmp fragmentation
crypto isakmp client configuration group vpnclient
key cisco123
domain selfip.net
pool ippool
acl 110
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto dynamic-map dynmap 10
set transform-set myset
reverse-route
crypto map clientmap client authentication list userAuthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
archive
log config
hidekeys
interface Loopback0
ip address 10.11.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Loopback2
description SSL VPN Website IP address
ip address 10.10.10.1 255.255.255.0
interface Loopback1
description SSL DHCP Pool Gateway Address
ip address 192.168.250.1 255.255.255.0
interface FastEthernet0
description $ES_LAN$
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface BRI0
no ip address
encapsulation hdlc
shutdown
interface FastEthernet1
interface FastEthernet2
switchport access vlan 2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
bundle-enable
dsl operating-mode auto
interface Vlan1
no ip address
interface Dialer1
ip ddns update hostname myserver.selfip.net
ip ddns update mydyndnsupdate host members.dyndns.org
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip policy route-map VPN-Client
dialer pool 1
ppp chap hostname xxx
ppp chap password 0 xxxx
ppp pap sent-username xxx password 0 xxxx
crypto map clientmap
ip local pool ippool 192.168.50.100 192.168.50.200
ip local pool sslvpnpool 192.168.250.2 192.168.250.100
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
ip nat inside source static tcp 192.168.0.2 21 interface Dialer1 790
ip nat inside source static tcp 192.168.0.15 21 interface Dialer1 789
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 10.10.10.1 443 interface Dialer1 443
ip nat inside source static tcp 10.10.10.1 80 interface Dialer1 80
access-list 102 deny ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
access-list 110 permit ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
access-list 144 permit ip 192.168.50.0 0.0.0.255 any
route-map VPN-Client permit 10
match ip address 144
set ip next-hop 10.11.0.2
control-plane
banner motd ^C
================================================================
UNAUTHORISED ACCESS IS PROHIBITED!!!
=================================================================
^C
line con 0
line aux 0
line vty 0 4
password mypassword
transport input telnet ssh
webvpn gateway MyGateway
ip address 10.10.10.1 port 443
http-redirect port 80
ssl trustpoint TP-self-signed-1279712955
inservice
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
webvpn install csd flash:/webvpn/sdesktop.pkg
webvpn context SecureMeContext
title "My SSL VPN Service"
secondary-color #C0C0C0
title-color #808080
ssl authenticate verify all
url-list "MyServers"
heading "My Intranet"
url-text "Cisco" url-value "http://192.168.0.2"
url-text "NetGear" url-value "http://192.168.0.3"
login-message "Welcome to My VPN"
policy group MyDefaultPolicy
url-list "MyServers"
functions svc-enabled
svc address-pool "sslvpnpool"
svc keep-client-installed
default-group-policy MyDefaultPolicy
aaa authentication list userAuthen
gateway MyGateway domain testvpn
max-users 100
csd enable
inservice
end
Thank you!Hi,
Please check SAP note:
2004579 - You cannot create a FR company from a Package
Thanks & Regards,
Nagarajan -
Lightroom 3.6, two Mac users on same computer, sharing same catalog?
Lightroom 3.6, Mac 10.7.4, images storred on networked 3TB RAID 2 hard drive, trying to use program and same catalog by two different users on the same machine. Installed program on my wife's user account, moved catalog into her Public folder, set file sharing to allow me to Read/Write all files in the folder. Quit Lightroom, logged off as her, logged on as me, started Lightroom. Lightroom asks me to selecet a catalog, I navigate to her Public folder and select the catalog created under her login. Lightroom will not open catalog, stating that the file isnot writable.
Have looked under System Preferences and confirmed file sharing status that allows both her and me to Read/Write to all files in her Public folder. Confirmed that I quit Lightroom under her account (not just minimized) and logged off as her (not just switching users).
I sure hope that this is possible - I don't want to log on as my wife every time I need to use the program and have to look at her wallpaper and file organization. My bigger goal is to set things up so that I can buy another Mac for me, buy another copy of lightroom, and access the same catalog from the other machine via our LAN.
Any help would be appreciated.
Thanks,
jtkI suggest you ask specific usage questions in the LR forum....
Mylenium -
Hello Everyone,
We would like to implement a script to delete the offline files in the Client Side Cache (CSC) for a nominated user (on Windows 7 x64 enterprise).
I am aware that;
1. We can use a registry value to flush the entire CNC cache (for all users) next time the machine reboots.
2. If we delete the user's local profile it appears that Windows 7 also removes their content from the local CSC.
However, we would like to just delete the CSC content for a particular nominated user without having to delete their local user profile.
In our environment we have many users that share workstations but only use them occasionally. We don't use roaming profile so we would like to retain all the users' local profiles but still delete the CSC content for any users that haven't
logged on in a week.
Any ideas or info would be appreciated !
Thanks, MakesHi,
I don't think this is possible.
If you want to achieve it via script, I suggest you post it in official script forum for more professional help:
http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?category=scripting
The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
Karen Hu
TechNet Community Support
Maybe you are looking for
-
Keep receiving error when trying to use a new Apple ID
"Please sign in again. For added security, we need to reconfirm your Apple ID." I am beyond frustrated and have been working on this for about 2 hours. I don't understand how something so simple is becoming such a nusance. I created a new Apple ID ho
-
Hi, I created a new function group and assigned a function module to it. I transported the function group and function module (available in 1 request) from Dev to QA with no warnings/errors. In QA, i went to SE37, typed my FM name and tried to goto f
-
Combining STOs to create a single invoice
Hi All, I have an requirement where we have to create combined invoices for the Inter company STOs . We are able to create a collective delivery document, but when we create the intercompany invocie, it splits because of tyhe different Purchase orde
-
IPad WEP password required after power off.
Hi, On my ipad mini I am required to re-enter my WEP password after power off. Why is this and how do I prevent it from happening? This does not occur on my mbp or iphone 4s. Thanks, Rob.
-
Chinese Traditional Language Pack for iPod Nano?
With my 500+ chinese songs on my iPod, it is near impossible to find a song without sorting methods. Is there a chinese traditional language pack that I can install on my iPod which provides sorting? Thanks in advance