User Attribute Management
Hello,
Our Authentication technique is 'SAP'.
We want to add the attribute 'Telephone' from SU01 of the BW system to our BOBJ User attribute.
In order to accomplish that I did the following:
1. In 'User Attribute Managemnet' in CMC, I defined a new User Attribute:
Name: Telephone
Internal Name: SI_TELEPHONE (automatically populated by BOBJ)
Source: SAP
Attribute Source Name: Telephone (this is also the attribute name in SU01)
2. I then did User Update in 'Authentication'. Ran an Update of "Update Roles and Aliases"
3. Now in User Properties of all users, I can see the 'Additional User Properties' and under that I see 'Telephone'.
But it is not populating the Telephone number from SAP SU01.
Any help would be much appreciated.
Thanks.
Hi,
you have to grant the Group "TESTGROUP" at leas the "View Object" right on the Root Level of all Users and All groups - then you see the snap in in the CMC.
Regards
-Seb.
Similar Messages
-
How to do the new created field in User Attributes, show in Manager GTC
Hello Guys,
I have a Connector GTC working perfectly. Now I created a new field in User Attributes and I need make this field appear in "Modify Connector Configuration" of "Manage Generic Connector" without having to create a new Connector.
If I create a new Connector this field is showed normally, but this connector has a lot of mapping between the existing fields, I need only that a new field is displayed.
How to I do this?
ThanksNot sure what version of OIM you are using but check Bug: 12812650
-Bikash -
Change Reference Attribute - "Manager" for multiple users
Hi,
I have a scenario in which I have to create a workflow to change a reference value attribute - "Manager" for multiple users in one go. Is it possible to achieve this with workflow. If yes, then how?
Regards,
Manuj KhuranaHello,
not out of the box, since in workflows and custom activities you can only access the reqestor and target object direcly.
But you can develop your own custom activity that fits you need, or do it with powershell custom activity.
I did a very similar thing, to be able to change users group membership from the user UI, so I have also edit objects other then requestor and target in a workflow.
Since both (manager and member) are reference attributes you maybe find this article helpful:
http://social.technet.microsoft.com/wiki/contents/articles/19615.fim-2010-r2-how-to-manage-group-membership-from-the-user-ui.aspx
I used this powershell activity in my solution:
http://fimpowershellwf.codeplex.com/
Regards
Peter
Peter Stapf - ExpertCircle GmbH - My blog:
JustIDM.wordpress.com -
Bhold-flowing user's Manager attribute to BHOLD core
Hi,
I have a requirement to flow all user's manager value into bhold core.This is for setting up attribute based attestation.The problem with manager is "it is a reference type attribute in both AD and metaverse", so i need to create a reference attribute
in bhold core for the flows to happen from metaverse to bhold .
But there is no reference attribute type in bhold.Please can anybody suggest how to create a reference attribute in bhold.
Regards
Shakti
shaktiHello Shakti,
Attestation in BHOLD is either "Application-based", "Role-based" (not Manager-based) or "File-based". If the Manager in your case is defined on OU-Level you can user Role-based Attestation.
As per BHOLD Definition for Role-based Attestation:
- the Steward's role must be available in the OU branch. that means in the specific OU or in one of the OUs above.
- there must be a Steward in the OU to be attested and must be linked to the Steward's role.
In case this does not meet your environment, you can run File-based Attestation. The Definition file includes the Steward's Name seperated by the user Name to be attested. This works in any case. The file you need can then be produced by FIM (CSV-File Export
MA).
Hope this helps.
Henry -
Extended Identity Manager User Attributes
Howdy,
I'm trying to add some attributes to the user accounts stored local to the Identity Manager. I went to the configure menu, and set up the attributes under the Identity Attributes tab. I set the attributes to be stored locally and saved them. I also made sure to indicate that the attributes should be available to the IDM admin and end user interfaces. However, the attributes do not show up when I list the users. When I go to the users attribute tab, it contains only the Account ID attribute. Shouldn't I be able to add a new attribute and edit it?
Much thanks in advance for any help you may be able to provide.It is an XML object so I dont think it has a limit as such, though the system will get slower to checkout and checkin if you overextend it.
there usually isn't any reason to extend it extensivly... I believe it stores most of that, if the querable flag is set at least, in the user attributes table
if you need a lot of data connected to a user you could always have an extra table and store it in, you dont need to store everything in the user object unless you need it every time the user is checked in/out etc etc -
Oracle OIM Adding Custom Field like manager to user attributes
Hi,
I want to add a user custom attribute to the OIM user screen.
I need the filed to behave like the "manager id" field - I need magnifier glass right to next to the field and I need to open user search to select a value.
We are able to add user defined field but I can't find how to add the search capabilities.
Thanks1-In the User Attributes page, from the Actions menu, select Create Attribute.
2-In the Set Attribute Details :
2.1-Category Name: Custom Attributes.
2.2-Display Type: List of values(LOVs)
2.3-
LOV Type(´search capabilities' )
2.3.1-System Generated
2.3.2-Admin Configured
2.3.3-By Query
I hope this helps,
Thiago Leoncio. -
How can i pass the logged in user attribute value into looku query ?
HI,
Is there any way to pass loggined in user attribute vallue to lookup query directrely in AD Child Group form.(Like '$Form data.UD_ADUSER_AD')
Thanks in advance
Edited by: 790561 on 5/12/2011 16:01loggined in user attribute vallue can be understood differently:
- A requester raising a request and you want *Requestor's ID" there.
- An approver logging in to the system for doing approvals.
- A System admin logged in to the system for managing the *Forms, Requests' etc
All the above cases are different and you would expect different values for all. If you requirement was the Requester then
1) Either create a hidden attribute in the Process Form and pre-populate it from the Request Form. In your query use *$Form data.UD_ADUSER_DUMMYREQID')*
2) Or directly capture the *$Requester Information.User Login$* attribute in the process form and do manipulations -
OIF11g - Help on sending user attributes in HTTP header
Hello, I have a OIF11g setup configured for both IdP and SP. Upon successfull authentication against LDAP, I need to end some user attributes on the HTTP header to the SP application. I do no have OAM in my setup, so there is no option of Webgate or Policy Manager to do that. As far as I read the config doc, I'm in the impression that we need to write a custom authentication engine to accept user credentials and code to authenticate against LDAP and also add attributes to the response header.
Before I go down that path, just wanted to confirm if anybody has done this with OIF?
Thanks,
Sunil.Bernhard:
Actually the headers are not set to null. I have an intermediate index.jsp page which is the first page that is redirected to by the AM - it is this page which calls my LoginServlet.
The value appears consistently on this index.jsp page but after it is forwarded to the LoginServlet it starts behaving inconsistently. I check the system.out log in my websphere /logs folder and that tells me that LoginServlet does not consistenly get these values from the header.
The wierd part is that if I use cookies or attributes, it works perfectly - each time every time. However, only in the case of headers (which is the method i am required to do) it behaves inconsistently.
ANY feedback/help on this would be really appreciated bern.. thanks..
~saahil -
OIM 11g: UDF disappears from User Attributes page
Hi,
I was modifying a user defined attribute using the 11.1.1.3 User Attributes configuration page. All I did was change its category to move it to another section of the user profile page. The last remaining field in the category 'disappeared'. It just went from the list of fields in the category. The field still exists on the USR object and still contains all the values. But it's gone from the UI.
I exported the /file/User.xml from MDS and sure enough the missing attribute is not present in the User.xml file. It is there for the mapping to the back end column, and in another element. But the element that describes the field proper is not there. I've since added the attribute element back in manually and re-imported the metadata using the weblogic environment manager, but the field still does not appear.
So, my question is does anybody know where else OIM stores the attribute details? Is it in the DB somewhere and merely mirrored in the MDS? What do I need to do to restore the field? (I can't add it in because it says it already exists.)
ThanksPeachEye,
I was unable to see the UDF's I had created on the user form until I set up a policy for them. Please check the policy around the UDF's.
I am hoping this can help you.
From Oracle documentation:
User's Guide for Oracle Identity Manager
11g Release 1 (11.1.1)
E14316-03
User-defined fields (UDFs) can be added by creating a policy and
adding attributes in the self service user management
administration policy in Oracle Identity Administration. To add
the User defined attributes for view or modification under the
Attributes tab, these UDFs need to be added to the modify user
data set for self-service. Also, a custom policy needs to be created
under self service user management to grant permission to view
and/or modify these attributes.
For details on authorization policies, refer "Creating and Managing
Authorization Policies" on page 15-2. -
Change form layout by User's Manager
Hi all,
1. I need change forms of provisioning e management for User's Manager/Administrator of Resource view only resources management by him.
Eg.
If Admin1 access User1 profile and go to resource profile, I need show only resources that he is Administrator.
2. Are the some way to filter the resource profile by User's Manager/Administrator of Resource?
Eg.
In the User1 profile, Admin1 view information A/B/C (roles of resource) on the attribute profile(combobox/lookup) and Admin2 view only information B/C/D.
Thanks in advance,
CarlosSorry, i have no idea. I would suggest you create an SR in metalink.oracle.com if you have purchased oracle support to find out what the variable is for.
-Kevin -
Editing LDAP User attributes from UME interface
Hi Gurus,
We want to develop a solution with user management screens in WD. These screens will provide password reset and unlock functionality for users. Our users are stored in LDAP. Current connection to LDAP is in Read Only manner.
I want to know
1. How to enable the connection from UME to LDAP in read/write manner?
2. What certificates need to be exchanged for write access? if any?
3. What changes needs to be done in config file of UME?
4. Which permissions should be granted for communication user to edit LDAP user attributes?
Even after performing the change to read LDAP in read/write manner, will it be sure: If we lock user from UME, it will lock LDAP user? please comment.
regards
Kedar KulkarniHi,
We are half way into our application between UME and LDAP. We have developed screens and tested in our internal server. In internal landscape, UME is connected to LDAP in read only fashion. So when we try to create User, it gets created in UME.
But when we deploy same application into client landscape, we receive error as below:
No data source feels responsible for principal. Please check the data source configuration
Now we are not sure why this error is getting displayed.
In client landscape there are 2 LDAPs connected to UME, with only one LDAP in read/ write access.
Is there any way we can check which LDAP is being accessed by our code? Is there any concept of Default LDAP?
Any code to access LDAP details will help us lot.
regards
Kedar Kulkarni -
Importing User attributes from OIM 9101 to 11g
hi all,
I need to import/create all the User attributes(UDFs) present in the OIM 9101 version to OIM 11g. Is there any way this can be achieved using deployment manager? Looking to avoid creating all of them manually again,as that would be a time consuming/error prone task.
Looking forward to your replies.
Thanks,
Anuj.Hi,
I think, you better create it manually in OIM11g and higher environments. The UDF import in 11g is unstable..some times it works..and some times it disappears..and when you try to create UDF after import, It will make your life hell.
I really had very bad experience with OIM 11g UDF export/import.
Regards,
J -
Broken OIM installation after creating user attribute
Hi All,
I tried to create a new user attribute with a list of values. I assume that I specified some of the required values incorrectly as I obtained an error message from the OIM application. Now however, I am not able to login into the OIM application even after restarting OIM. The error that I am getting in the console is as follows:
<Jan 12, 2012 1:06:21 PM SAST> <Error> <oracle.iam.identity.usermgmt.impl> <IAM-3051235> <An error occurred while searching for the user attributes.
oracle.iam.configservice.exception.InvalidLookupException: An exception occurred while retrieving the look-up values: The look-up code 123 is invalid.
at oracle.iam.configservice.impl.EntityUtil.getAttribute(EntityUtil.java:666)
at oracle.iam.configservice.impl.EntityUtil.getAttributes(EntityUtil.java:743)
at oracle.iam.configservice.impl.EntityUtil.getAttributes(EntityUtil.java:780)
at oracle.iam.configservice.impl.RDBMSDAO.getAttributes(RDBMSDAO.java:1158)
at oracle.iam.configservice.impl.ConfigManagerImpl.getAttributes(ConfigManagerImpl.java:784)
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.hasUnsearchableAttributes(UserManagerImpl.java:4819)
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.search(UserManagerImpl.java:1607)
at oracle.iam.identity.usermgmt.impl.UserDetailsProviderImpl.getUserDetails(UserDetailsProviderImpl.java:125)
at oracle.iam.platform.auth.impl.util.AuthenticationContextUtilForEJB.setUserPreferences(AuthenticationContextUtilForEJB.java:137)
at oracle.iam.platform.auth.impl.util.AuthenticationContextUtilForEJB.setAuthenticationContextInEJB(AuthenticationContextUtilForEJB.java:93)
at oracle.iam.scheduler.api.SchedulerServiceEJB.startx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy250.startx(Unknown Source)
at oracle.iam.scheduler.api.SchedulerService_lp8yuv_SchedulerServiceRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at oracle.iam.scheduler.api.SchedulerService_lp8yuv_SchedulerServiceRemoteImpl.startx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy179.startx(Unknown Source)
at oracle.iam.scheduler.api.SchedulerServiceDelegate.start(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy249.start(Unknown Source)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.startScheduler(SchedulerStartupServlet.java:99)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.init(SchedulerStartupServlet.java:46)
at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64)
at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)
at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)
at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:539)
at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1985)
at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1959)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1878)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3153)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1508)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:482)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:636)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
<Jan 12, 2012 1:06:21 PM SAST> <Error> <oracle.iam.platform.auth.impl> <IAM-0060010> <Error while loading mapping plugin
oracle.iam.platform.utils.userpreferences.UserDetailsException: Invalid number of users 0 entries returned for user ID OIMINTERNAL.
at oracle.iam.identity.usermgmt.impl.UserDetailsProviderImpl.getUserDetails(UserDetailsProviderImpl.java:135)
at oracle.iam.platform.auth.impl.util.AuthenticationContextUtilForEJB.setUserPreferences(AuthenticationContextUtilForEJB.java:137)
at oracle.iam.platform.auth.impl.util.AuthenticationContextUtilForEJB.setAuthenticationContextInEJB(AuthenticationContextUtilForEJB.java:93)
at oracle.iam.scheduler.api.SchedulerServiceEJB.startx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy250.startx(Unknown Source)
at oracle.iam.scheduler.api.SchedulerService_lp8yuv_SchedulerServiceRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at oracle.iam.scheduler.api.SchedulerService_lp8yuv_SchedulerServiceRemoteImpl.startx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy179.startx(Unknown Source)
at oracle.iam.scheduler.api.SchedulerServiceDelegate.start(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy249.start(Unknown Source)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.startScheduler(SchedulerStartupServlet.java:99)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.init(SchedulerStartupServlet.java:46)
at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64)
at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)
at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)
at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:539)
at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1985)
at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1959)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1878)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3153)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1508)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:482)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:636)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
Any assistance will be appreciated. I need this resolved ASAP...
Thanks,
user10233157user10233157 wrote:
Yes Bikash:-) can you log in into Design Console? If yes, recreate the Lookup.
-Bikash -
How to modify user attributes in Microsoft IAS or Active Directory??
Anyone have an idea?? What I'm trying to do is to authenticate management access to an ACE 4710 against a Microsoft IAS server.
According to the document below:
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/configuration/security/guide/aaa.html#wp1519045
it sounds like I need to be able to modify user attributes similar to what I know is doable in ACS. I base my assumption on this because of the following statement in the link above:
"Step 3 Go to the User Setup section of the Cisco Secure ACS HTML interface and double-click the name of an existing user that you want to define a user profile attribute for virtualization. The User Setup page appears.
Step 4 Under the TACACS+ Settings section of the page, configure the following settings:
â¢Click the Shell (exec) check box.
â¢Click the Custom attributes check box.
â¢In the text box under the Custom attributes, enter the user role and associated domain for a specific context in the following format:
shell:<contextname>=<role> <domain1> <domain2>...<domainN>"
Is something like this possible in IAS??
I have the authentication piece working for the ACE however when I login, I'm assigned an ACE defined default role of 'network-monitor' which gives me only read-only access. The way I'm interpreting what needs to be done to resolve this is to have the authentication server send an attribute value that states that the user is in the role 'Admin' in which case I'll have unlimited access to my ACE.
Make sense?? Any thoughts??
Thanks in advance.
-LloydLloyd,
It is possible via Radius and not TACACS. On the same link if you scroll down, you will see option of doing it via Radius.
"Defining Private Attributes for Virtualization Support in a RADIUS Serve"
Find attached the doc that explains about setting up user attributes on IAS.
Regards,
~JG
Do rate helpful posts -
Adding additional user attributes in WLS 7 security
We are using WebLogic Sever 7.0.
We would like to use the WLS 7 security with built in embedded LDAP
server. By default, it provides facility to store username, password
and description for Users. We would like to extend it so that we can
manage more information about user such as phone number, email address
etc.
I have been reading WLS 7 security related documents regarding custom
authentication providers. I do not read to write new authentication
provider from scratch. Whatever we get by default would be fine. I
just would like to add more attributes for user and manage it through
WLS 7 console.
I would really appreciate if someone kindly advise of the steps needed
to accomplish this.
Please do not tell me to just read the documentation, as I have
already been reading WLS 7 security documents for 2 days now and can't
figure it out.[email protected] (Narendra Khatri) wrote in message news:<[email protected]>...
We are using WebLogic Sever 7.0.
We would like to use the WLS 7 security with built in embedded LDAP
server. By default, it provides facility to store username, password
and description for Users. We would like to extend it so that we can
manage more information about user such as phone number, email address
etc.
I have been reading WLS 7 security related documents regarding custom
authentication providers. I do not read to write new authentication
provider from scratch. Whatever we get by default would be fine. I
just would like to add more attributes for user and manage it through
WLS 7 console.
I would really appreciate if someone kindly advise of the steps needed
to accomplish this.
Please do not tell me to just read the documentation, as I have
already been reading WLS 7 security documents for 2 days now and can't
figure it out.Hello Narendra,
I work for OctetString and we are the developers of the LDAP Directory
that is embedded in WLS 7. We provide a suite of Virtual Directory
capabilities that would allow you to extend the attributes in the WLS
directory. Please visit our web site at www.octetstring.com for more
infomration or feel free to contact me at 847-466-1322.
Maybe you are looking for
-
Data security for multiple data sources
Dear BO guru's, I am struggling with a brainbraker on authorizations on Universes since quite some time. I am not a BO guru so hopefully someone can help me with this. I (more or less) know the concept of data security in BO: users can be restricted
-
My touch screen on my ipod Nano, Gen 6 has gone completely white. It had started going white the day before. I tried resetting it but to no avail. Does anyone know how I could fix this. Also I have 2 other ipods that I am no longer able to sync. It c
-
Wife upgraded to iTunes 10.1.2 and cannot sync iDevices, even on iPhoto.
Hi there, My wife just upgraded her Itunes to 10.1.2 on her white iMac running Snow Leopard to latest upgrades. Then she tried to sync her iPhone and iPad and it stalls while syncing Calendar. Not sure if its ut the iTunes issue since she also synced
-
Burning a bootable Lion dvd, how to?
Hi I want to burn a copy of Lion to DVD to have a bootable copy at hand. I found instructions here how to do this: http://techland.time.com/2011/06/17/how-to-burn-an-os-x-lion-boot-disc/ However I follow the steps: > 2. Open the "Contents" folder, th
-
Buenos días, quisiera saber si alguno de ustedes ha usado alguna vez la opción de asistente para el archivo de datos, lo que sucede es lo siguiente: Estamos usando la versión de SAP 9.0 PL10 llevamos 4 años con sap hemos visto que esta opción permite