User ID question

Similar Messages

• HT201441 i just bough a used iphone but looks that it was found and i cant unlock it. its still link to the last user my question is how do i find out who is the last owner so i can unlock it

  i just bough a used iphone but looks that it was found and i cant unlock it. its still link to the last user my question is how do i find out who is the last owner so i can unlock it

  peeweenborre wrote:
  i just bough a used iphone .... its still link to the last user ...
  If you cannot get this information from the seller
  Removing a device from a previous owner’s account
  You need to return the Device for a refund,

• Adding user challenge questions.

  I have been successful in reading and changing questions and answers programmatically but have not been able to add new user questions. (I have been able to add them through IDM online interface.)
  Does anyone know how to add new user challenge questions?

  I am curious at what point your doing this? I have a set of challenge questions and answers in an LDAP that I would like to use to populate the fields inside of iDM. This way, I could utilze the iDM screens/logic when a user forgets their password. I would also need to keep these fields updated in iDM as they could change in the LDAP. Any suggestions?

• Long-time Eudora user, rookie Mail user--have questions, need help!

  Hi, all!
  As the subject heading says, I've been using Eudora for a very long time (way past its shelf life) and have been playing around with Mail off and on over the past year.  (Now, in Eudora's defense, the expiration date on it was a "Best by..." not a "Use by..." date   and it's been working fantastically for years! )
  I recently started to plunge into Mail more deeply and have a couple of questions.
  1. Drafting vs. queuing. 
  I am used to Eudora's system where a bunch of drafted messages sit in an Outbox.  They stay there until I flag QUEUE for the ones I'll eventually be mailing.
  It's a good system.  A quick look at the flags in the Outobx lets me know which I still to need to work on, and which ones are ready to go out (or need a final review before sending).   The user then selects "Send Messages" and it e-mails the ones queued in the Outbox, but not the remaining draft emails that haven't yet been queued.
  How do I set up something like that in Mail?
  Right now, all I have is a list of draft messages and I cannot tell which ones are still really drafts and which are ready to be sent!
  2.  Work-around to try and mirror Eudora's system.
  I tried creating a new mailbox called Queue, in which I can park the emails I've done editing.  Of course, the problem with such a scheme is that when I want to send messages, I either have to put them back into the Drafts mailbox, from where I can select and send everything (including ones I haven't finished editing!), or drag them into Mail's Outbox where they go out instantly.  That's a little freaky and I can see disasters happening (emails going out when I'm wanting to drag other messages to a different mailbox).
  3.  Disable auto-sending? 
  Is there a way of turning off and on the Outbox's automatic sending action?  That could be the simplest solution for me.  I'd really like to send messages only via a menu command--yet, from I've determined, Mail's Send menu command will send any messages selected in the Draft mailbox.  Again, I see screw-ups with that as the wrong draft could be selected and Mail would send it out. 
  4.  Display of badges for mailboxes.
  This is more of a curiosity, but is there a way of having a user-created mailbox show how many e-mails are in there?
  Solutions?
  What do you all do as to work flow?  How do you go about creating and revising a bunch of e-mails, but only sending out certain ones?  And ensuring that only the ones you want to go out, go out?!

  Thank you for posting all this info.  Unfortunately i have no idea how to do flags and how to use a smart mailbox as a place to store emails i am not ready to send.  Eudora is vastly superior in all the things it empowers the user to quickly and easily do, in the traditional Apple spirit of intuitiveness, clear direct normal (not esoteric) communicatioin and user friendliness.
  about three weeks ago i was pretty much forced into Mountain Lion bcause my old MacBook is barely functioning at all and i got a new MacBook Pro.  So, good bye Eudora that i've used since 1995, only because i couldn't find another mail program that did what it does.  I wonder why there aren't others.  I've tried MailForge, it's a great attempt but it seems to have run out of steam and isn't working well enough. 
  I am using Mail and Gmail. The result is i'm suffering a whole range of loss of functionality in email, and am not getting a lot of messages, they are here somewhere but i can't always find them, i have to go to my old computer, enduring a kind of freeze where a beachball is a sign of progress, a trackpad that barely works for drag and drop anymore and a battery that needs reaplacing. i think the hard drive is failing. but i still need it to retrieve my email reliably, to a poiint where i see i 'm going to have to put money into it so it can keep working, for email.  what a poor solution. I am trying as best i can to have Mail communicate better. 
  i just wanted to thank you for your encouraging posts and giving me something to follow up on to try to use, to address this one of many loss of Eudora problems. Why wouldn't a mail program give you the option to queue mail?   Why take away options and functionality?   sorry, i'm just ranting because i've had a very frustrating last few weeks related to numerous new OS challenges, but email is the only really serious one. 
  I really like your idea of badges to show number of new messages, i think that's what you meant, you didn't say 'new', but another great and helpful thing about Eudroa is sorting mail into mail boxes and opening those mailboxes that get new mail each time you download mail, so you kow what's new. You can immediately see it.  In Apple Mail, i find i have to dig through each of the 12 'on my mac' mailboxes/folders i created so far, to see if there is new mail in them. A lot of extra trouble for something that a superior email program can do for you.

• Receiver SOAP adapter - User authentication question

  XI experts,
  Here is the scenario - IDOC > XI > SOAP - Ansynchronous call..
  I need your all help to understand the user authentication on the "Receiver SOAP Adapter"... We are using "HTTP" transport protocol.
  I believe, the userid which we entered in the communication channel needs to have proper security on the web server. The Web server URL starts with "http://lsme
  01.xyz.com/...." .
  Question : Is this usrid and password will be encrypted when XI calls this web service?
  If an answer is "NO" then is there anyway we can encrypt it?
  Thanks in advance!
  Points will be given..
  MP

  XI experts,
  I need an answer to the following question....
  The Web server URL starts with "http://lsme01.xyz.com/...." .
  Question : Is this usrid and password will be encrypted when XI calls this web service?
  If an answer is "NO" then is there anyway we can encrypt it?
  Thanks in advance!
  Points will be given..
  MP

• FCP user preference question

  I got a project from overseas, gotta fly there to edit a video. they provide my basic facilities.
  I used to edit on my own machine....because the short cuts and whole the favorite effects and transitions that I saved in my FCP.
  So my question is, since I gonna shift my FCP user preference files to another FCP, do they affect other editor's preferences. I am pretty sure on the FCP, there are lots of preference settings that other editors made.
  in particular, let's say my shiftcontrol2 is 3 ways color correction tool, but on the computer that I am going to use might not be the color 3 ways, it might be some other functions...
  can i just save their preference in a folder, and put my preference in , and after i am done, and put back their preference..?
  thanks for your advice and suggestion in advance,
  your help is highly appreciated
  Hiro

  Hiro
  You can use FCP Rescue to backup FCP preferences file and restore it later:
  http://fcprescue.andersholck.com/
  Or you can do it manually:
  http://docs.info.apple.com/article.html?artnum=93385
  Hope that helps !
    Alberto

• Authenticated Users Group Question

  I have a quick question regarding the Authenticated Users "group". I used to be a systems administrator, but I'm a bit rusty since I've been a software developer for the last 10 years. A conflict with data center operations (DCO) group
  at work lead me to get another opinion.
  The question is this... is the authenticated users group a domain-level group or is there a local authenticated users group that would allow only users authenticated locally? We have a share that permits the authenticated users group access.
  My opinion is that all domain users who have authenticated successfully have access to this share. The DCO group is telling me that this is the local (to the server containing the share of course) authenticated users group only.
  Is there such a thing as a local-only authenticated users group? To me this doesn't even make sense, but I could very well be wrong.
  Nathon Dalton
  Sr. Software Engineer
  Blog: http://nathondalton.wordpress.com

  I apologize. I don't think I explained myself correctly. Let's consider the following...
  SERVER: SERVER1
  DOMAIN: DOMAIN1
  SHARE: \\SERVER1\SHARE1
  SHARE PERMISSIONS: Authenticated Users - Full Control
  Given the above information, is it possible that the Authenticated Users group will allow ONLY users that are defined on SERVER1 to access \\SERVER1\SHARE1?
  My understanding is that's not possible. There's one defined Authenticated Users group and that represents ALL users that are authenticated against DOMAIN1, whether added to local groups, shares, etc.
  What I'm being told however is that SHARE1 having Authenticated Users assigned is okay since only those user accounts defined on SERVER1 will be able to access it. All the users in the domain will NOT be able to access it. I think this is bogus. Am I wrong?
  Nathon Dalton
  Sr. Lead Developer
  Blog: http://www.nathondalton.com

• Mandatory User input question

  Hello,
  I am trying to write a script that I can use to list out all permissions in a SharePoint site (site).
  I had a mandatory parameter set : [string]$SiteCollection
  Where the user would need to type the site collection and then my command would use that input to find the permisssions for the site collection.
  For my test I used our site collection called service.  It never ran.  After checking the variable $SiteCollection it took the name I typed in 'service' and actually ran the command, thus the variable $SiteCollection was filled with a list of all
  the current services on the machine.
  2 questions
  1) How can I set the input of the mandatory variable to be literally what I type in, not running an alias such as 'service'
  2) I though this might be better if I gave the user a list of site collections to pick from, thus they would not need to know the correct spelling.  Is there a way to list out all the sites (Get-SPSite) in a list with a number next to them and the user
  could then select the number that corresponds with the correct site collection as their input?
  Thanks for you help

  Hi Robert,
  I‘m writing to check if the suggestions were helpful, if you have any questions, please feel free to let me know.
  If you have any feedback on our support, please click here.
  Best Regards,
  Anna
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• EAP-TLS User Certificate Question

  I've setup a test ACS server and have everything functioning correctly including the WLAN. However, is there anyway for EAP-TLS to use ONLY the machine certificate and not the user certificate? We are not currently setup with per-user certificates. I'm guessing not on this... My primary question then is with User Certificates, how do you handle the following scenerio:
  I have many CoW's (computer on wheels) through out the hospital that nurses use for inputting patient information. They all have a simple generic username/password (BADDD!!!!) so with this user it won't be hard to have default_user certificate install on the machines. But what if Doctor X decideds to walk up to one of these CoW's and wants to logout and log back in with his user/password on a machine he's never used before. How do we handle making sure he's able to connect if doesn't already have a cert on this computer? I'm quite mistified by this.
  Thanks
  -Raun

  If you are using the MS Supplicant, you need the following registry settings:
  "HKLM\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global\AuthMode", 2, "REG_DWORD"
  "HKLM\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global\SupplicantMode", 3, "REG_DWORD"
  This forces it to only use hardware certificates and sets the authentication to do the correct RFC polling.
  As for the other issue, MS CA user certs do not "roam". Yet. There is discussion of roaming credentials being in Windows 7, but not entirely what that means. Roaming certificates can be easier with a product like Venafi. There "Encryption Management" tools are certificate management suites. The do have roaming management, or at least did when we talked to them.
  Oh, and if you use two CAs (hardware and user), the separation keeps it straight too.

• User Interface Questions

  I have already programmed some dialogs in JavaScript. I'm not using Script UI, although I've played around with Script UI a little bit. Now I'm getting a bit more advanced with some user interfaces and dialogs and have a few questions:
  1. Is it possible to create a "live updating" dialog similar to InDesign's Files > New > Document, where based on a menu selection of a preset, the dialog's editboxes change their values to reflect that menu selection?
  2. Can you program something like the Presets button in InDesign's New Document dialog where the user clicks "Save Preset", names it, and then the main dialog updates with the new preset the user just created.
  3. Script UI does not have measurement friendly boxes, does it? By that I mean that when you enter inches, mm or picas, the box will translate it into the current measurement type.
  4. I love the nudge option on the measurement editboxes. Can that be done via Script UI?
  Ideally my coding needs to work in both CS2 and CS3 and I code in JavaScript because that's what I know, but if the "live updating" stuff is possible in AppleScript or VBScript I'd still like to be aware that it can be done.
  While code examples of any of this are welcome, I mostly need to know what's possible, and any starting point you can offer will help (like the name of the control). That way I can start looking things up and figuring them out.
  Thanks in advance,
  Dan

  Thanks for the answers Bob. They are exactly as I thought, but wanted to make sure. It sucks that we have to recreate (via code), things that were given to us before Script UI. I know Script UI is more powerful in some ways (and hopefully sure will get more powerful with time) but loosing measurement boxes is a big bummer. They had so many nice built in features. I feel like I need to reinvent the wheel with Script UI.
  1. Do you have any example dialogs that you could post? I can often figure out how to get a lot of stuff done by looking over examples other people have created. Especially things where one feature interacts with another, but even just a dialog with menus, text, etc so I can check out how to layout the dialog. I have created one dialog with Script UI, but am not sure if I am doing it very efficiently and I couldn't find any Script UI stuff in InDesign's sample scripts.
  2. I suspect if I use Script UI I'll have to verify that only numbers are entered into the edit fields right? I need numerical values only for what I will be doing. Any thoughts on the best way to verify it's only a number in there? Can I do that live in the dialog before the user clicks OK? Argh, all these complications make me less than enthusiastic to go to Script UI, but I really would like to be able to have a live updating dialog.

• How to make form scroll down as user completes questions

  I have a multi page form that is mostly hidden but as a user answers 1 question this may then prompt another question to appear, what I would like to do is ensure that the form auto scrolls down as the questions are answered.
  Any help would be appreciated

  Hi,
  You can use setFocus(), but I am not sure if this will lead to a good user experience. As the user may not expect the form to automatically jump to a new question.
  Try working with the tab order.
  Niall

• A PC user's questions about Airport Extreme & Airport Express

  Hi all,
  I have a few questions regarding both the Airport Extreme AC and the Airport Express. 
  I am a PC user who is currently looking at replacing my Cisco Linksys EA4500(primary router) and my Linksys E2500(bridge router) due to the lack of regular firmware updates that Linksys fails to provide for their routers  and the fact that I simply find Linksys products to be buggy..  Based on my research,  Apple's Airport Extreme N and the AC versions have received excellent reviews on Amazon and I am considering purchasing both the Airport Extreme AC(to replace my Linksys EA4500) and the Airport Express(to replace my Linksys E2500).
  Before I get to my questions, let me be frank in saying that I do not have a Mac(but intend to after my desktop dies) at this time but in my house we have two iPhone 4s's and one iPad 2 as far as Apple products are concerned.  My computer network consists of my HP Windows 7 based desktop and HP Windows 7 laptop and I have a home ethernet in every room in the house . In addition, my den's ethernet connection is connected as Ethernet wall jack in which the connections include---->Ethernet switch------>Tivo---->Playstation 3/Xbox 360/Nintendo Wii/----->Samsung Smart TV---->Linksys E2500.
  My questions are as follows:
  1. Initial/Out of the box set up: Based on what I have read here, it is possible for a PC user to setup the Airport Extreme by downloading the Airport Extreme utility software from Apple. However I have been confused based on what I have read on Amazon in that some users report that the initial setup can only be done using a Mac.  Would someone from this forum kindly clairify this for me? Can I set up the Airport Extreme with my network assuming that I have previously downloaded an installed Apple's Airport Extreme Utility for the PC?
  2. Using the Airport Express as a wireless bridge: Currently my Linksys E2500 serves as my secondary router in my den in bridge mode.  Can I set up an Airport Express as a wireless bridge assuming I was sucessfully in setting up my Airport Extreme? On Linksys products this is done by setting the router in bridge mode and assigning it a specific IP address within the bridge router's settings.  So for example, my Linksys E2500 has a 192.168.1.1X IP address, can I do this with the Airport Extreme?  Note the the intention here for the extra router in my den to provide additional wireless coverage due to the size of my home.  I do not need it to provide me with the same wireless network name as my primary router, I only want to provide the back of my house with additional wireless coverage that a primary router will not provide.
  3. Router Security and reliability:  I would like the router that I purchase to include regular firmware updates beyond that of one year.  Especially now that most modern routers have some sort of cloud set up,  I wouldn't want to purchase a router today, only to find out that I wouldn't be able to update its firmware one year from now.   With respect to Apple's routers,  how often does Apple release firmware and typically speaking;  how long will Apple support additional firmware releases for its products?
  Thanks to anyone who reads and responds to my long post! 

  The one problem is Apple using their own automatic port opening system.. NAT-PMP which is fine for apple clients but will not work with almost anything else made which depends on UPNP ..
  There are lots of hassles with PS3 and XBox live and anything that depends on standard automatic port opening for interactive internet connection.
  Manually opening ports is possible but a pain.
  eg
  AirPort Extreme and xbox 360
  https://discussions.apple.com/thread/5385065?tstart=0
  I do agree with John Galt that the Apple products are well made and generally great.. they did have a bad capacitor failure issue in the Gen1 and Gen2 TC which he may have forgotten about.. I have repaired about 200 of the bludgers. And there was a dedicated site to pressure apple to fix them.. with 2500 recorded dead TC.
  See http://timecapsuledead.org/
  See
  https://sites.google.com/site/lapastenague/a-deconstruction-of-routers-and-modem s/apple-time-capsule-repair
  And some ongoing issues.. even post getting that fixed up.
  https://sites.google.com/site/lapastenague/a-deconstruction-of-routers-and-modem s/apple-time-capsule-repair/new-issue-with-a1355-gen-3-tc
  But the AEBS had external power supply so didn't add to the heat of built in HDD and power supply in a case too small without cooling. New ones seem to have learnt the lessons of the past in that the power supply is internal but they use a fan system to keep it cool.
  See http://www.ifixit.com/Device/Apple_Time_Capsule for internal construction.. TC and AEBS are now identical except for the hard disk.
  An option worth considering is using a router with third party source firmware.
  You are then never cut off from great updated firmware.. and you can do amazingly more with the fuller setup that includes Telnet cli and extensive interface on the GUI.
  Eg Gargoyle on a Netgear WNDR3800 or even cheaper TP-Link WDR3600 or WDR4300.
  These offer full QoS, not in Apple products.
  Full throttling controls, not in Apple products.
  Quota, not in any other products in domestic market at all.
  NAT-PMP and UPNP, not in Apple products.
  VPN, not in Apple products.
  Multiple VLAN, Multiple IP addressing, not in Apple producs.
  SMTP, which Apple removed from all their new products.. no reason why.
  Log access, which Apple removed from the new airport utility.. no reason why.
  etc.
  If for some reason that firmware doesn't suit.. you can flash over to DD-WRT, or OPENWRT.. etc. in other words you are never again beholden to the manufacturer who after the product is EOL is also end of support.

• Mavericks server alerts and User account questions

  Hi
  I'm looking for more detailed information about setting up Alerts in Mavericks Server, plus I seem to have a strange problem with new user accounts when setting up.
  More Info.
  I have a Mac Mini acting almost 100% exclusively as a Time Machine backup device with encryption of three portable computers on a wired network.  This was originally set up three years using Snow Leopard Server and a 2Tb external FireWire Drive.
  The external drive is now proving too small, and in any case is showing the possible first signs of failure when tested, so the intention is to replace it with a RAID of some sort, probably a 2-drive RAID 1 device but if the budget allows we might be able to look at RAID 5 or 6 units.
  It seems a good opportunity to clean install Mavericks Server on the Mini, so I've set up a test station on my MacBook Pro with my Mac Pro (both running 10.9.2) as a test backup client.  The Server OS is on an external FireWire boot drive, and the TM backup folders are on another external, in this case a USB 3.0
  For obvious reasons there does not seem to be any reason to turn on more services than absolutely necessary, so just Time Machine and File Sharing for the moment.  All works well but I can't seem to get Alerts working.  I've listed 3 different eMail addresses (all mine) for the alerts to be sent to, and I have two Admin Accounts for Notifications, both using the same AppleID I set the Server software up with.  I've gone through the rather sparse setup help information carefully, and there is no information about additional services being required, although I did try setting up the Mail client (tested sending and receiving) on the Server and having it running whilst the backups were being tested.
  As I said, the test backups went fine and when I disconnected the backup drive from the Server to simulate a failed drive the TM on the Mac Pro client showed an alert saying the backup drive could not be found.  However, there were no emails or Notifications received, either on the Mac Pro or my iPhone from the Server.
  There seems to be minimal amount of information available about the workings of Mavericks Server, but I have gone through what I can additionally find online about Mountain Lion Server, with no real indication of what it is that I am missing.  The only instructions seem to be exactly what I've done, so your advice would be appreciated.
  Another thing that puzzles me, is that when restarting the MacBook Pro I get all the Admin and Standard User Accounts (created in Server.app) showing at the login screen.  This is only four Accounts in total, so what would happen if this was 50 Users?  If I click on the 'User' tab in Server.app I get 83 User Accounts showing, but that was not the case until this evening, as only the Admin and Stardard User Accounts I had set up were visible.
  It's obviously possible that I've mucked up the install and basic setup somehow, but I can't see that anything I've done would have these effects as I've been careful to follow the options put in front of me.
  Thank you in advance.

  There's nothing to fetch. You assign the value from the function GET_APPLICATION_PROPERTY(USERNAME); as you would any value returned from a function.
  DECLARE
     myVar    VARCHAR2(50);
  BEGIN
     myVar := GET_APPLICATION_PROPERTY(USERNAME);
  END;Hope this helps.
  Craig...
  -- If my response or the response of another is helpful or answers your question please mark the response accordingly. Thanks!

• Sharing Internet (User Information Question)

  I have been trying to find information about this and have yet to succeed... I really hope someone will be able to help me out on this!
  I have an Intel iMac connected via ethernet to my router. What I have set-up is for the iMac to then share that connection via AirPort to our Powerbook.
  The only thing is... we live in an apartment building and I want to be sure no-one else is piggybacking on the wireless connection (it is password protected but still).
  So, my question is, how can I tell who is logged onto the shared connection at a given time? In the Network dialog, it just says "Internet Sharing is on and is using AirPort to share the connection".
  Is there any where I can see information like:
  -the number of users currently using the shared connection
  -their computer names
  -general bandwidth allocation issues
  Thanks for the help!

  Hi matt,
  So, my question is, how can I tell who is logged onto the shared connection at a given time? In the Network dialog, it just says "Internet Sharing is on and is using AirPort to share the connection"
  You can do it unix-style with tcpdump, Tcpdump is a powerful tool that allows us to sniff network packets and make some statistical analysis out of those dumps. One major drawback to tcpdump is the size of the flat file containing the text output. But tcpdump allows us to precisely see all the traffic and enables us to create statistical monitoring scripts. (From the) Terminal run man tcpdump to read the command's manual.
  You can do it with EtherPeek/AiroPeek, a commercial graphical application: http://www.wildpackets.com/products/etherpeek/overview, http://www.wildpackets.com/products/airopeek/overview.
  Depending on what firewall you're running you can also get some useful information by observing the firewall's log file(s).
  Keep in mind that doing real-time monitoring on an interface will produce huge logs that may take lots of your time to read/understand them.
  Is there any where I can see information like:
  -the number of users currently using the shared connection
  -their computer names
  -general bandwidth allocation issues
  That's a tad bit tricky: if you're thinking about MacOS X's nice graphical interfaces and computer names, then the users (if any) piggybacking your wireless connection must use MacOS X too and be ignorant security-wise. Tiger server offers such a GUI and there's FrameSheer (http://www.apple.com/downloads/macosx/networking_security/frameseer.html), a standalone app you can try...
  Macs running 9.x, Macs running 10.4.x, SGI workstations running Irix 6.5.x
  Message was edited by: fu

• User authentification question ?

  hi,
  i am using wsad, i want to protect some ressources, for this i add all
  security tags needed in the web.xml, except the informations about user,
  because it server specific (username, passwod, role), i am using websphere
  contained in the wsad, my question is at which location i have to put this
  information, is it in the server-cfg.xml file ????
  thanks for your help

  In WebSphere App. Server you have three options for storing user information (user name and passwords).
  1. LDAP server (any supported by WAS)
  2. You can use local operating system or domain accounts.
  3. You can implement inteface com.ibm.websphere.security.CustomRegistry
  This interface has ~14-16 methods, like getUsers(), getUser(String), checkUserPassword(String user,String password)... etc
  If you choose 3rd option - you obviously have to write a class with all these methods, and its really limited only to your imagination where you store user info in this case:)
  Oleg.

• OAM-OIM 11g User Lockout Question

  All,
  We have a OAM and OIM 11.1.1.3 installation and i am testing the invalid login attempt scenarios and came across teh following situation. I was wondering if you could give me steps or some pointers for resolving this:
  1. created an account [email protected] as xelsysadm and reset the password on first login
  2. Have the following OIM default parameters (these are the only configs that i could find are possibly related to this)
  XL.UnlockAfter - 0
  XL.MaxLoginAttempts - 10
  3. Entered incorrect password and for the initial 4 times i got the OAM login screen back with an error message "An incorrect Username or Password was specified"
  4. After 5th attempt i just got the error message "Error
  An incorrect Username or Password was specified"
  5. I go back the http://oimservername:oimport/oim i get the login screen again and enter [email protected] with an incorrect password next 4 times (total 9 now) I get login screen back with "An incorrect Username or Password was specified"
  6. after the 10th attempt with incorrect password i get a different error message with no login screen "Error
  The user account is locked. Please contact Administrator."
  7. I logged into OIM as xelsysadm -> administration -> search user [email protected] and it doesn't show that the account is locked. I lock it anyways explicitly by clicking the button the user screen and click unlock immediately and now enter [email protected] and correct password everything works.
  Few questions that i have are:
  1. how do i get the OAM/OIM system to behave consistently, (give an incorrect username or password message until the first 9 attempts with a login screen back to the end user and give them an error message at the end that the accoutn is locked". I am okay with out of the box message text
  2. How will our operations team understand that the user is really locked becuase they have nowhere to go find this information
  3. what are all the places where i will look for this information in the above scneario when the user account is locked by himself. (OVD/OID, USR table in OIM_DEV schema etc)
  4. Are there any other best practices that i should follow in setting up the system.
  Thanks in advance for reviewing this.
  Prasad.

  It appears to be all happening in OAM. After researching some more, I found this piece at http://download.oracle.com/docs/cd/E17904_01/doc.1111/e15740/idmint.htm#CACBBIDI.
  But never the less it doesn't explain how to unlock the user other than the workaround that i found. Did anyone else had to deal with this.
  x---------------------------------------------------------------x
  2.8.4.4 Account Lock and Unlock
  Oracle Access Manager keeps track of the login attempts and locks the account when the count exceeds the established limit.
  When an account is locked, Oracle Access Manager displays the Help Desk contact information.
  When contacted by the end user, the Help Desk unlocks the account using the Oracle Identity Manager administrative console. Oracle Identity Manager notifies Oracle Access Manager about the changes.
  Account Lock and Unlock Flow
  When the number of unsuccessful user login attempts exceeds the value specified in the password policy, the user account is locked. Any login attempt after the user account has been locked displays a page that provides information about the account unlocking process, which will need to be customized to reflect the process (Help Desk information or similar) that is followed by your organization.
  Note:
  Oracle Identity Manager does not support automatic locking of a user account after a specific period has elapsed.
  The following describes the account locking/unlocking flow:
  Using a browser, a user tries to access an application URL that is protected by Oracle Access Manager.
  Oracle Access Manager Webgate (SSO Agent) intercepts the request and redirects the user to the Oracle Access Manager login page.
  The user submits credentials that fail Oracle Access Manager validation. Oracle Access Manager renders the login page and asks the user to resubmit credentials.
  The user's unsuccessful login attempts exceed the limit specified by the policy. Oracle Access Manager locks the user account and redirects the user to the Oracle Access Manager Account Lockout URL, which displays Help Desk contact information.
  The user contacts the Help Desk over the telephone and asks an administrator to unlock the account.
  Oracle Identity Manager notifies Oracle Access Manager of the account unlock event.
  The user attempts to access an application URL and this event triggers the normal Oracle Access Manager single sign-on flow.