User Accounts in Portal

Similar Messages

• User Accounts expires again and again

  Hello Everyone. The question is:
  When I create a new user account in Portal Builder, and if the user don´t use this account for a 1-2 months, this account expires, i put a end date to 2010 and enable this, but nothing... they expires again and again if the users dont use to much....
  How can i resolve this "expire acount problem"
  Thanks
  Leonel

  Leonel,
  cf http://download-uk.oracle.com/docs/cd/B14099_11/idmanage.1012/b14082/trblsht.htm#CHDFJBIG
  Beginning with Release 9.0.4, the pwdmaxage attributes of the password policies are defaulted to time value of 60 days.
  You have to use oidadmin to fix the problem (as documented in the link)
  Patrick.

• Can't enroll device for user and this user account is not authorized to use Windows Intune.

  Hello,
  We have SCCM 2012 R2 inegrated with intune via an intune subscription. When I enroll a device with my admin account there are no problems, but when I want to add it with another user account which is a member of the Intune users collection, it can't be enrolled.
  When I tested on https://portal.manage.microsoft.com with the credentials of the user I couldn't connect and received the following error: This user account is not authorized to use Windows Intune.
  Do I have to do anything in the https://accounts.manage.microsoft.com as there is a checkbox saying Windows Intune. this is unchecked now for all the users even my own account on which I'm able to enroll a device.
  Or is this a license problem? I know configuration Manager uses licenses for Intune but where can we track how many licenses are used and how many available? Is there some kind of report available?
  I hope someone can help me
  Kind regards,
  Robben

  I added them yesterday and this morning I was still not able to enroll a device with the added user his credentials.
  The UPN is correct. Maybe I need to force the DirSync then? Or will one day of waiting be enough normally?
  I can see the user in the intune management portal. Does this means it has been synced?
  Another thing I noticed is the cloudusersync.log doesn't show them being added? What I was thinking is I first used the all Users collection in the subscription and afterwards I changed it to a specific collection with only the test users. Could it be that
  they all synced already and the log doesn't show them anymore?
  A warning in this log shows this also:
  WARNING: Failed to get lsu url. default release one will be used. exception = System.NullReferenceException: Object reference not set to an instance of an object.~~   at Microsoft.ConfigurationManager.DmpConnector.UserSync.CloudUserUpload..ctor()  
   SMS_CLOUD_USERSYNC    23/04/2014 15:02:18    7684 (0x1E04)
  I don't know if that has anything to do with this?
  this is an extract of that log:
  CCloudUserSync::Process - User sync processing thread is now stopping.    SMS_CLOUD_USERSYNC    23/04/2014 14:59:42    8144 (0x1FD0)
  SMS_EXECUTIVE started SMS_CLOUD_USERSYNC as thread ID 7684 (0x1E04).    SMS_CLOUD_USERSYNC    23/04/2014 15:02:15    7572 (0x1D94)
  CCloudUserSync::Process - User sync processing has started.    SMS_CLOUD_USERSYNC    23/04/2014 15:02:15    7684 (0x1E04)
  Starting user sync ...    SMS_CLOUD_USERSYNC    23/04/2014 15:02:15    7684 (0x1E04)
  WARNING: Failed to get lsu url. default release one will be used. exception = System.NullReferenceException: Object reference not set to an instance of an object.~~   at Microsoft.ConfigurationManager.DmpConnector.UserSync.CloudUserUpload..ctor()  
   SMS_CLOUD_USERSYNC    23/04/2014 15:02:18    7684 (0x1E04)
  Starting user delta sync, raise failure status messages = True    SMS_CLOUD_USERSYNC    23/04/2014 15:02:18    7684 (0x1E04)
  Total received users from SCCM to be removed from cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:02:19    7684 (0x1E04)
  Successfully removed users from cloud 0    SMS_CLOUD_USERSYNC    23/04/2014 15:02:19    7684 (0x1E04)
  Total received users to add from SCCM = 0, Total Successfully added users to Cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:02:19    7684 (0x1E04)
  UserDeltaSync:- Users Added = 0, Users Removed = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:02:19    7684 (0x1E04)
  Starting user delta sync, raise failure status messages = True    SMS_CLOUD_USERSYNC    23/04/2014 15:07:19    7684 (0x1E04)
  Total received users from SCCM to be removed from cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:07:19    7684 (0x1E04)
  Successfully removed users from cloud 0    SMS_CLOUD_USERSYNC    23/04/2014 15:07:19    7684 (0x1E04)
  Total received users to add from SCCM = 0, Total Successfully added users to Cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:07:19    7684 (0x1E04)
  UserDeltaSync:- Users Added = 0, Users Removed = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:07:19    7684 (0x1E04)
  Starting user delta sync, raise failure status messages = True    SMS_CLOUD_USERSYNC    23/04/2014 15:12:19    7684 (0x1E04)
  Total received users from SCCM to be removed from cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:12:19    7684 (0x1E04)
  Successfully removed users from cloud 0    SMS_CLOUD_USERSYNC    23/04/2014 15:12:19    7684 (0x1E04)
  Total received users to add from SCCM = 0, Total Successfully added users to Cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:12:19    7684 (0x1E04)
  UserDeltaSync:- Users Added = 0, Users Removed = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:12:19    7684 (0x1E04)
  Starting user delta sync, raise failure status messages = True    SMS_CLOUD_USERSYNC    23/04/2014 15:17:19    7684 (0x1E04)
  Total received users from SCCM to be removed from cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:17:19    7684 (0x1E04)
  Successfully removed users from cloud 0    SMS_CLOUD_USERSYNC    23/04/2014 15:17:19    7684 (0x1E04)
  Total received users to add from SCCM = 0, Total Successfully added users to Cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:17:19    7684 (0x1E04)
  UserDeltaSync:- Users Added = 0, Users Removed = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:17:19    7684 (0x1E04)
  Starting user delta sync, raise failure status messages = True    SMS_CLOUD_USERSYNC    23/04/2014 15:22:19    7684 (0x1E04)
  Total received users from SCCM to be removed from cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:22:19    7684 (0x1E04)
  Successfully removed users from cloud 0    SMS_CLOUD_USERSYNC    23/04/2014 15:22:19    7684 (0x1E04)
  Total received users to add from SCCM = 0, Total Successfully added users to Cloud = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:22:20    7684 (0x1E04)
  UserDeltaSync:- Users Added = 0, Users Removed = 0    SMS_CLOUD_USERSYNC    23/04/2014 15:22:20    7684 (0x1E04)
  kind regards,
  Robben

• Can you restrict creation of user types in Portal?

  Hi,
  Is it possible to give a group of users the ability to just create 'Vendor' accounts in the Portal?
  While another group of users the ability to just create 'Contractor' accounts in the Portal?
  ...and other group of users to create just another 'type' of users in the Portal?
  Thanks,
  Sk

  Humm, it's seems a bit complex but try to based your drop down over a new object "UserType".
  See
  http://theidentityguy.blogspot.fr/2011/07/populating-rcdc-dropdownlist-with.html
  After that gives the right to view only object UserType "Vendor" for the set "All admins of Vendor"
  I never try this, it's only an idea :)
  Regards,
  Sylvain

• Is there a way to audit user accounts by last login date/time?

  Hello all,
  Is there a way to see or report on a user's last login.  I don't see a last login date parameter in the UM record.  I see that all security events are logged in the security log including logon and logoff, but what I need is to be able to produce a report that provides all user accounts which have not been logged on to since a specified date or # of days, i.e. since 01/01/2008 or >180 days.
  Any clues or guidance is appreciated.
  Regards,
  Paul

  Is there a SAP / Portal standard way of accessing this information?
  Our authorisations team have asked me to get them such a report, and I can't find anything on the portal (NW2004) that would give this information. I don't think the basis guys would be terribly chuffed to provide access directly to the database. If this (database access) is the only way, then I suppose a custom developed app could be created and deployed to the portal, but I would have thought this is a reasonalby sensible report so would be standard content somewhere.
  Cheers,
  Andrew

• Flash player only works for user account installed with

  Hi all
  I've different user accounts on my PC for me and my son.
  Somehow Flash Player 10 only works for the user account I installed Flash player with.
  In case I install it using my account it will not work for my son's account and vice versa.
  How can I solve this?
  Thanks
  Mario

  I've struggled with this for a long time.  Here is what I've come up with.
  Adobe tech support recommended this:
  1. Log in as Admin
  2. Download the following zip file from here:
  www.supportflash.com/reset_all.zip
  3. Unzip this folder onto your desktop.
  4. Drag both files ‘reset_min_all.cmd’ and
  ‘subinacl.exe’ to your
  desktop.
  5. Run the reset_min_all.cmd file.
  6. It will open a DOS like terminal and start
  running through registry
  keys.
  7. When it is finished it will say “press any key
  to continue”.
  8. At this point you can install the latest Flash
  Player:
  for Internet Explorer:
  http://www.adobe.com/support/flashplayer/ts/documents/tn_19166/Install_F
  lash_Player_9_ActiveX.zip
  other browsers:
  http://www.adobe.com/go/getflashplayer
  9. Check that Flash Player is working for the
  Admin.
  10. Check that Flash Player is working as the
  other 2 users.
  I hope this information helps. Feel free to reply
  if you need further
  assistance on the issue discussed here or file
  a new case if you want to
  report a new issue in the Support Portal:
  <(><<)
  >http://www.adobe.com/go/supportportal>
  Thank you.
  Regards,
  Technical Support Engineer
  Adobe Systems, Inc.
  I can't recall whether I had to run this in each account or not.  It somewhat worked for me.  If the accounts were all set up as admin accounts, flash worked in all the accounts after that.  If one account was admin and the rest were limitied (I'm running xp home) it wouldn't work in the limited account.
  I gave up and reverted back to flash player 9 via NOrton go back
  It must be a permissons issue of some sort.  I just don't have the patience to figure it out.
  Good Luck,
  Let us know what you figure out

• ISE, WLC: web auth, blocking user account

  Hello!
  We are implementing BYOD concept with ISE (1.1.4) and WLC 5508 (7.4.100).
  On WLC there is SSID(WLAN) with MAC filtering without L2 security. For authentication user is redirected to the ISE Guest Portal.
  Credentials are created at the ISE sponsor portal.
  We create user account in ISE sponsor portal with one hour lease.
  In 10 minutes we delete (or block)  user credentials.
  In spite of it the user is still able to work. Even if we manually disconnect client and reconnect it again, client opens the browser and there is no redirection to the ISE web auth page.
  This happens because WLC thinks, that client is still associated.
  There are session and idle timeout timers in WLC WLAN, but they can't solve the problem of automatic client session removing.
  From my point of you, ISE must send some kind of reauth request to the user after account deletion, to make user authentication impossible .
  In practice, ISE doesn't tell wlc or user, that client sesssion is blocked.
  How the user account blocking process can be automated without manually deleting the client session from WLC client database?

  It seems that there is some bug about CoA when deleting Guest accounts
  CSCuc82135
  Guests need to be removed from the network on Suspend/Delete/Expiration
  When a guest user is deleted from the system, the RADIUS sessions   associated with that guest user still exists.
  Workaround   Reissue the Change of Authorization using the   session information from Monitoring reports for the sessions associated with   that guest user.
  http://www.cisco.com/en/US/docs/security/ise/1.1.1/release_notes/ise111_rn.html#wp411891
  from BUG Toolkit there is Release-Pending in "Fixed-in" option.

• HotSynch issues: can't change any settings in User Accounts, can't rename or delete, can't sync!

  Hello,  I am running Windows XP Pro Version 5.1.2600.  My wife and I both have Palm Treo 700p smartphones running Palm OS 5.2H. 
  Her phone has been having continual issues with some third-party software.  Each time we would attempt to sync her phone after installation we would get the same error message:
  HotSync Exchange synchronization failed
  HotSync Error: Unknown error. (FE00)
  We have tried to contact the software developer for the third-party application with no luck.  They simply insist that there is nothing wrong with their software. Mind you, the phone would always sync with no issues before we installed the third-party software, but that's neither here nor there.  Point being her phone would not sync no matter what I tried.
  I searched the troubleshooting articles for HotSync issues and found that the only solution that might help would be to update our Palm Desktop from version 4.2 to  6.2.  After installing the new Palm Desktop I was able to sync my 700p.  However, when I attempted to sync my wife's 700p it still did not work.  When I tried to access the HotSync log on the desktop it would only show the log for my phone.  Her name would show up in the list of users, but once I tried to select it my name would appear in the window.  When I attempt to open the "User Accounts" window in the HotSync Manager the application freezes and I must shut it down.  I am unable to delete or rename the User accounts.  
  Now we are stuck not being able to sync her phone and not being able to fix the issue.  She has a lot of files on her phone which she spent a lot of time working on, hundreds of hours, to get them where she needs them.  Our concern is that in the process of fixing the HotSync issue she'll lose her work.  We need a solution.  Any assistance you can offer would be greatly appreciated.
  Thanks,
  Sam
  Post relates to: Treo 700p (Verizon)
  Post relates to: Treo 700p (Verizon)

  Versamail is a email application on the device. As for the backup folder you may have renamed it follow these steps (You may not need to hard reset the device. You can skip that part)
  To fix this what we need to do is hard reset your device. The instructions to do that is here http://kb.palm.com/wps/portal/kb/common/article/887_en.html this tells you how to do all types of resets. Also, what we need to do is rename your backup folder. What this folder is, it hold all your programs from the last time you synced your PC. On your computer go here
  Palm Desktop 4.2 and below
  My Computer--> C drive --> Program files --> Palm/PalmOne--> your hotsync username
  Palm Desktop 6.2.2
  My Documents/Documents --> Palm OS Desktop --> your hotsync username
  Right click on your backup folder and rename it to "backupOld". Resync your device to the same user name and you will get all your contacts, calendar, tasks, and memos.
  You can install the programs again but make sure they are compatible with the device. Also try one program again and wait 24 hours to see if the same thing happens again. This way you know what program is causing the issue.

• User creation in portal

  HI,
  Can we change the registration flow in the portal, so that a mail is sent to the email address and only when the user clicks on the link in the mail, the user account becomes active. Until the user clicks on the link and activates his account the user account should not be active.
  Can we implement this in SAP EP?

  Hi,
  You could do it via the UME API, but you would have to code it yourself.
  You could create the user via the admin functionality (but with the standard email generation disabled for user creation) , and manually lock it, or create the user via a custom WebDynpro or JSP front end that users the UME API to create and lock the user.
  Then use a mail API to generate the email with a URL to a servlet running on the Portal server, which extracts an id of the user from the URL (either the username in unencoded form which is a bit dodgy, or using some unique number that you store against the user to be activated to associate the two) and again use the UME API to unlock the user.
  Should be fairly straightforward providing you are confident with:
  1 - Deploying a web application to J2EE engine containing a servlet.
  2 - Can figure out how to use the UME API
  3 - Can use a mail API like Javamail, which is straightforward
  Cheers,
  Steve

• User Creation In portal Using NWDS

  Hello Experts
  Is there any way we can create a job in SAP Netweaver Portal using NWDS for the user creation.
  Any pointers will be extremely helpful as I am new to this.
  I am using SAP Netweaver 7.3 SP 09.
  Thanks
  Utsav Mishra

  Hi,
  You can use the sample code.You can create an  Abstract Portal component in  NWDS and write the required code inside of it.
  Users can be created with the UserFactory newUser() method.
  IUserMaint represents a modifiable user object. You must issue
          a commit() in order to actually create the user.
  An associated account needs to be created for the User with
          newUserAccount() using the UniqueID of the new User.
  Take care to delete the user if an error occurs (catch the
          appropriate exception and handle it).
  // Create User
  String uid = "testuser01";
  IUserMaint newUser = UMFactory.getUserFactory().newUser(uid);
  newUser.setFirstName("Test");
  newUser.setLastName("User");
  newUser.setEmail("[email protected]");
  newUser.save();
  newUser.commit();
  try
  // Create User Account
  IUserAccount uacc = UMFactory.getUserAccountFactory().
  newUserAccount(uid,newUser.getUniqueID());
  uacc.setPassword("secret");
  uacc.save();
  uacc.commit();
  // NOTE: productive passwords cannot be set if the
  // account is created in a SAP System
  // continue process by trying to set password flag…
  // Now try to modify password change flag for the new user
  try
  IUserAccount uacc = UMFactory.getUserAccountFactory().
  getMutableUserAccount(uacc.getUniqueID());
  uacc.setPasswordChangeRequired(false);
  uacc.save();
  uacc.commit();
  catch (UMException ex)
  //trace warning: “Password is not productive and has to
  // changed during the first logon”.
  catch (UMException umex)
  UMFactory.getUserFactory().deleteUser(newUser.getUniqueID());
  //trace error: “User cannot be created because of an
  // error which occurred during the creation of the
  // corresponding account object”
  You can refer to the below URL for abstract portal component
  Creating an AbstractPortalComponent (SAP Library - Running an Enterprise Portal)
  Please reply in case you have any queries.
  Regards
  Veera

• Creating user accounts programmatically

  Hi,
  We would like to perform few activities programmatically in Azure as follows:
  1) Like to know the approach or APIs available to create the user accounts programmatically
  2) Also would like to know how to access the pricing model of the Azure cloud component programmatically
  Please help us at the earliest to the APIs/ways we requested.
  Thanks,
  Sathish Kumar.K

  Hi
  What's the user account mean here?
  Co-admin or Storage account?
  I wrote a blog about how to manage Azure programmatically
  here.
  You can use that class libraries to do that.
  If you have any further question, please let me know
  For the second question:
  In my memory  there isn't have any billing API for developers, you can only get the info by portal.
  My Blog
  Please use Make as Answer if my post solved your problem and use
  Vote As Helpful if a post was useful.

• Palm TX Won't Keep User Account ID After Hard Reset

  I downloaded some malware and it froze my TX. I had to do a hard reset and when I went to resynch everything I got a dialog box that said that my handheld didn't have a user account ID and I got the choice of selecting an existing one or creating a new one. So I selected "existing" and it went through a very long process of reinstalling everything. So then I had another item to install, and instead of just installing that item, I got the same dialog box and EVERYTHING reinstalled.
  Since then I've tried everything I could think of, changing the ID, creating a new ID, and still I get the same dialog box and no matter which option I choose I have to put up with it reinstalling EVERYTHING.
  Plus software that is ID-dependent won't work since it's looking for the ID that is hooked to the unlock (Acid Spider, for example)
  This is getting tedious and I need help!
  Post relates to: Palm TX

  You may need to hard reset your device and rename your backup folder. Go to http://www.palm.com/cgi-bin/cso_kbURL.cgi?ID=887 and follow the directions to do a hard reset. Next before you hotsync your data back over you will need to rename your backup folder, to do that go here;
  XP
  C:\program files\palm or palm one\[hotsync username]\ and rename your backup
  folder to backup.old
  Vista
  Start-->documents\Palm OS Desktop\[hotsync username]\ and rename your backup
  folder to backup.old
  Then hotsync to your current hotsync name and all your contacts, calendar,
  tasks, and memos will come back over.
  Show file extensions for XP or Vista
  XP
  If you can not view file extensions on your PC I would like you to open a
  folder go to Tools-->Folder Options--> View (tab) and under show hidden
  files and folders uncheck hide file extensions for known file types.
  Vista
  Open control Panel go to Folder Options--> View (tab) and under show hidden
  files and folders uncheck hide file extensions for known file types.
  For reference purposes, click on the following link for the support page for your device on the kb.palm.com webpage.
  http://kb.palm.com/wps/portal/kb/na/tungsten/tx/un​locked/home/page_en.html
  There are links on the page to the user guide, troubleshooting, how to's, downloads, etc.

• Importing NT User information into Portal

  We are using Portal in an NT environment, and we have been able to get through the necessary single sign on issues.
  Now, we need to pull our NT user information into Portal's user database, including all the groupings we already have set up so that we can take advantage of Portal's exceptional security features. This is key to our ability to use the product, and to our demo in a week.
  The fact is we have 5,000 users to enter, and it is prohibitive for us to do that through the standard Portal APIs. We already have the users' input once in NT, we can get a flat file with all the information we need, we just need a way to get this information
  into the appropriate tables within Portal's database.
  Is there a script or some more "automated" way you can suggest for us to do this?

  Maybe you could try to use an intermediate LDAP export file (ldif), since Active Directory is LDAP-based and you can plug a LDAP to your Portal SSO Login Server.
  I only have tried exporting and importing using .ldif files up to now.
  I also have heard about techniques to use NT user account info to log on to Portal ; 'could be easier.

• Unable to replicate SRM users in SAP Portal

  Dear All,
  We've followed the below link to auto replicate the SRM Users in SAP Portal:
  http://help.sap.com/saphelp_srm70/helpdata/en/08/bae789ee8743d5b4cb2fbf93a9831b/content.htm?frameset=/en/08/bae789ee8743d5b4cb2fbf93a9831b/frameset.htm
  But after doing all the configuration steps, we are yet not able to replicate the SRM users in Portal.
  SPML Destination Connection test is successful and all other configurations are done and cross checked.
  Is there any report program that we have to run / schedule for the user replication.
  Please suggest.
  Regards,
  Anurag

  Dear Carl,
  The above link that you've shared talks about replicating user accounts from UME to the SAP System.
  However in our scenario, we want the replication from SAP system to UME. So, it's a reverse scenario.
  The link that I've shared above in my thread talks about my scenario and in fact we've done all the configuration steps also.
  But it is not working at the moment and I believe that there must be some additional setting / trigger point that would initiate the replication.
  If somebody has already come across such scenario, please advice.
  Regards,
  Anurag Gwari

• Retriving user details from user rofile in portal database

  HI all,
  any one knows how to retrive user details from user rpofile in portal database. I am using webdynpro appliction.Please reply.
  Thank you
  Maruthi

  Hi maruti Rao ,
  All Gives U gud Idea..here i give u some brief procedure.First of all u need to add 2 jar file in ur project structure for proper working of "com.sap.security.api.IUser" Interface. After that for retriving Users data Stored on LDAP Server.
  If you are using an LDAP directory as a data source for your user-related data, the ‘logical’ attribute names used by the Java application programming interface (API) of SAP User Management Engine (UME) must be mapped to the ‘physical’ attribute names used in the schema of your corporate LDAP directory.
  Example Data-Source File is as Below From Where U can Get All The Information of Logged user...
  <dataSources>
  <dataSource id="CORP_LDAP"
      className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
      isReadonly="false"
      isPrimary="true">
    <responsibleFor>
      <principal type="account">
      </principal>
      <principal type="user">
        <nameSpaces>
          <nameSpace name="com.sap.security.core.usermanagement">
            <attributes>
              <attribute name="firstname" populateInitially="true"/>
              <attribute name="displayname" populateInitially="true"/>
              <attribute name="lastname" populateInitially="true"/>
              <attribute name="fax"/>
              <attribute name="email"/>
              <attribute name="title"/>
              <attribute name="department"/>
              <attribute name="description"/>
              <attribute name="mobile"/>
              <attribute name="telephone"/>
              <attribute name="streetaddress"/>
              <attribute name="uniquename" populateInitially="true"/>
            </attributes>
          </nameSpace>
        </nameSpaces>
      </principal>
        <principal type="group">
        </principal>
    </responsibleFor>
    <attributeMapping>
      <principals>
        <principal type="account">
        </principal>
        <principal type="user">
          <nameSpaces>
            <nameSpace name="com.sap.security.core.usermanagement">
              <attributes>
                <attribute name="firstname">
                  <physicalAttribute name="givenname"/>
                </attribute>
                <attribute name="displayname">
                  <physicalAttribute name="displayname"/>
                </attribute>
                <attribute name="lastname">
                  <physicalAttribute name="sn"/>
                </attribute>
                <attribute name="fax">
                  <physicalAttribute name="facsimiletelephonenumber"/>
                </attribute>
                <attribute name="uniquename">
                  <physicalAttribute name="uid"/>
                </attribute>
                <attribute name="loginid">
                  <physicalAttribute name="null"/>
                </attribute>
                <attribute name="email">
                  <physicalAttribute name="mail"/>
                </attribute>
                <attribute name="mobile">
                  <physicalAttribute name="mobile"/>
                </attribute>
                <attribute name="telephone">
                  <physicalAttribute name="telephonenumber"/>
                </attribute>
                <attribute name="department">
                  <physicalAttribute name="ou"/>
                </attribute>
                <attribute name="description">
                  <physicalAttribute name="description"/>
                </attribute>
                <attribute name="streetadress">
                  <physicalAttribute name="postaladdress"/>
                </attribute>
                <attribute name="pobox">
                  <physicalAttribute name="postofficebox"/>
                </attribute>
                <attribute name="preferredlanguage">
                  <physicalAttribute name="preferredlanguage"/>
                </attribute>
              </attributes>
            </nameSpace>
          </nameSpaces>
        </principal>
        <principal type="group">
        </principal>
      </principals>
    </attributeMapping>
  </dataSources>
  regard's
  Dheerendra Shukla