User Store for Portal

Hello,
We are implementing a new portal, and having trouble deciding on the user store for the portal.
Scenario:
• The main functionality of the Portal is dependent on the SAP Systems (ESS\MSS), and BW System.
• Currently there is no CUA or SAP Identity management Systems available.
• The Usernames in our LDAP and SAP ECC systems are different, so we can't use the LDAP.
From our preliminary brainstorming, we came up with following decision:
• Use the ECC ABAP Store for user Base (So we leverage all the ECC users, and their current role assignments in the portal)
• Later on, once we're ready to install SAP IDM, and then Switch Portal's User Store from ECC ABAP Store to IDM.
QUESTIONS:
1. Is our approach here correct?
2. Would it be possible to switch portal's user store from ECC ABAP Store to IDM?
3. Should we consider installing CUA in the meantime until we're ready to move to IDM?
Any Help or opinions would be much appreciated...
Thanks,
Harman

Hi,
Q1 You wrote: "The Usernames in our LDAP and SAP ECC systems are different, so we can't use the LDAP."
This is not 100% true... take a look at this help document as it explains some possibilities for you:
http://help.sap.com/saphelp_nw70ehp2/helpdata/en/0b/d82c4142aef623e10000000a155106/frameset.htm
Q2 Not really, see Q1 and in addition IDM is a Management and Provisioning System/Tool. It isn't a user store in itself.
In other words IDM contains the single truth but it provisions it to systems (JAVA, ABAP, LDAP etc).
So it won't be possible to connect your Portal from an ABAP user store to an IDM user store as it doesn't exist.
What theoretically could be possible is to now connect your Portal to an ABAP user store and later back to its own UME and let this UME be under provisioning by the IDM system. But I can remember that it is not supported to go back from ABAP to UME. See also: http://help.sap.com/saphelp_nw70ehp2/helpdata/en/f5/8fdc3fca21eb06e10000000a1550b0/frameset.htm
Q3 Personally I think it is a good first step as it helps you to centralize and unify your users and roles. But if you already decided to go for IDM (let's say next year) then it may be that the Return On Investment for implementing CUA now is nil.
Do not hesitate to ask if above answers are unclear.
Good Luck,
Benjamin

Similar Messages

  • GRC AE User provisioning for Portal giving error

    Hi,
    We are having GRC AC 5.3- SP9.
    While doing user provisioning for Portal, we are getting the following error:  DBCacheVerifier.java@58:isExpired(). Detailed error log is attached herewith. The back end system (EP Dev) is installed with GRC RTA. Connectors are testing OK. The CPIC user id in backend system EPDev is ED1GRC and has SUPER ADMIN Authorizations, with SPML read/write actions attached to the Role. EP Dev system is having UME as data source, not LDAP. The issue was existing even before the SP9 upgrade. We have restarted the Server several times lately. Pls help me in this.
    Thanks & Regards,
    Jagadish H S
    BASIS Team, BPCL, Mumbai.

    Jagadish,
    This type of error would normally be a data setup issue. Have you imported all of the initial data files (XML ones)?
    Otherwise, if it is just a cache issue, then restarting the server would normally solve the problem. I would also check the Java Netweaver Admin console to ensure that the memory settings are sufficiently configured to match the hardware that is deployed.
    Simon

  • User store for OAM

    I am setting OID as default User store for OAM 11gR2. And shall continue to use the internal UserIdentityStore1 as Security Store.
    Is this ok? What is best practice?

    This should be fine and is the recommended way.
    When trying to set this up, I would recommend keeping a few things in mind, i.e. make sure that you have a new LDAP Authentication Module created for the default User Identity Store. You don't want to create a mess out of your Authentication Modules and Authentication scheme configurations. A few of the OOTB Authentication Schemes use the LDAP Authentication Module. If you change the User Identity Store for it, then your system store would be UserIdentityStore1 whereas the OAMConsoleScheme and other Authentication Schemes will be using the LDAP Module, which will be pointing to your OID's User Identity Store instead of your System Store.
    ~Yagnesh

  • Using two User Stores for one relying party trust

    Hi all,
    We got a request to implement a trust with an external party. 
    Internal users should be able to make use of that application. But also external users, which have their account stored in a different user store (question is asked if it's a SQL or LDAP kind of store).
    Is it possible to have a SSO effect for both internal and external users?
    Somehow ADFS has to know if the user is internal or external. I can imagine an internal user being in the office will get a nice SSO feeling. From what I think this is not possible for external users. External users should still authenticate once on our sts (adfs). Let's say this is true, is it possible for ADFS to see if a user is external, and then use the User Store that belongs to that external user?
    You also must keep in mind that an internal user could also be in an internet cafe, so SSO is not possible. Also this time the user should authenticate to the sts. But this time it has to use Active Directory as User Store.
    I know internal users have a username in a different format than external users.
    Is it possible for ADFS to know which User Store to pick based on the format of the username?
    Thanks in advance for the reaction.

    Hi,
    Thank you for your posting!
    Since Active Directory Federation Service is not an extension of Active Directory schema, I suggest you refer to the following forum to get professional support:
    Claims based access platform (CBA), code-named Geneva Forum
    http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
    Thank you for your understanding and support.
    Best Regards,
    Amy Wang

  • User doc for portal components?

    Is there any detailed user guide info for the Portal components?
    There is decent Javadoc, but I can not find a user guide?
    http://edocs.beasys.com/wlac/portals/docs/javadoc/index.html
    Marko.

    There is a User's Guide and Developers guide at the following link.
    http://edocs.bea.com/wlcs/index.html
    Marko Milicevic wrote:
    Is there any detailed user guide info for the Portal components?
    There is decent Javadoc, but I can not find a user guide?
    http://edocs.beasys.com/wlac/portals/docs/javadoc/index.html
    Marko.

  • Issue on LDAP as a user-store for WebLogic Administrators

    Hi All,
    I have configured a Novell LDAP into WebLogic 10.3.2 successfully. I am able to view all of LDAP users and groups on Weblogic Admin Console, which includes my own account in LDAP.
    Now I am trying to configure my account as a Weblogic administrator so that I can log in the Weblogic Admin Console as my own account in LDAP. I don't want to set up an Administrators group in LDAP. I want to add the user to the Admin global role. As my understanding, all I need to do is
    1. Go to "myrealm"
    2. Click the tab "Roles and Policies"
    3. Click the tab "Realm Roles"
    4. Expand the link "Global Roles"
    5. Click the link "View Role Conditions" corresponding to the name "Admin". Enter the panel "Edit Global Role"
    6. Click the button "Add Conditions"
    7. Select "Predicate List" as "user"
    8. Click the button "Next"
    9. Enter my username (jwang) in LDAP to the field "User Argument Name:"
    10. Click the button "Add"
    11. Click the button "Finish"
    12. Back to the page "Edit Global Role"
    13. Here I can see
    User : jwang
    Or
    Group : Administrators
    14. Click the button "Save"
    15. Restart the server
    16. Log in with the new user jwang. It got denied.
    Can someone help me on this and why I can not log in?
    Thanks a lot.
    John

    Hi Faisal,
    Thank you very much for your prompt reply. With your suggestion, I do figure out where my problem is. I did set the control flag in my ldapAuthenticator "OPTIONAL". However, it appears that the DefaultAuthenticator is given as "REQUIRED" by default.
    Once I changed it to be "OPTIONAL", it works.
    Thanks again.
    John
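
The control flags in this exchange follow the JAAS evaluation rules that WebLogic authentication providers use. As an added example (not code from the thread or from Oracle), this Python model replays those rules for the configuration John had and the one he changed it to; the `authenticate` helper, the `weblogic` account, the user-to-store mapping and the SUFFICIENT variant are constructed assumptions.

```python
# Added example: models JAAS control-flag evaluation; it is not WebLogic code.
DEFAULT, LDAP = "DefaultAuthenticator", "ldapAuthenticator"

def authenticate(providers, accepted_by):
    """providers: ordered (name, control_flag) pairs, as listed in the realm.
    accepted_by: names of providers whose store accepts the credentials
    (constructed input standing in for a real bind/password check)."""
    has_mandatory = mandatory_failed = any_success = False
    for name, flag in providers:
        ok = name in accepted_by
        if flag in ("REQUIRED", "REQUISITE"):
            has_mandatory = True
            if not ok:
                mandatory_failed = True
                if flag == "REQUISITE":
                    return False          # stop at the first REQUISITE failure
        elif flag == "SUFFICIENT" and ok:
            return not mandatory_failed   # stop; earlier mandatory ones must have passed
        any_success = any_success or ok
    # With REQUIRED/REQUISITE providers, all of them must pass; otherwise at
    # least one OPTIONAL (or SUFFICIENT) provider must have succeeded.
    return not mandatory_failed if has_mandatory else any_success

# Configurations: the one from the post, John's fix, and a SUFFICIENT variant
# (the last is an assumption added here, not something the thread mentions).
BEFORE = [(DEFAULT, "REQUIRED"), (LDAP, "OPTIONAL")]
AFTER = [(DEFAULT, "OPTIONAL"), (LDAP, "OPTIONAL")]
BOTH_SUFFICIENT = [(DEFAULT, "SUFFICIENT"), (LDAP, "SUFFICIENT")]

# Constructed users: jwang exists only in LDAP, "weblogic" only in the
# embedded store, and a wrong password is accepted by neither provider.
USERS = {"jwang": {LDAP}, "weblogic": {DEFAULT}, "wrong-password": set()}

def login_matrix():
    """Return {(config_name, user): bool} for every combination."""
    configs = {"before": BEFORE, "after": AFTER, "sufficient": BOTH_SUFFICIENT}
    return {(c, u): authenticate(p, s)
            for c, p in configs.items() for u, s in USERS.items()}

if __name__ == "__main__":
    for key, allowed in login_matrix().items():
        print(key, "->", "allowed" if allowed else "denied")
```

With both providers OPTIONAL, an account in either store can log in, so the embedded store's accounts need the same password hygiene as the LDAP ones.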

  • Issue adding second user store for failover in OAM

    I am attempting to add a second OVD instance to the OAM Directory servers for Access Manager, Access Server & Identity server. I am getting the error
    Unable to contact the DS. This may happen if DS is down or invalid credentials are provided.
    I have verified communication between the OAM and OVD servers, I have imported the certificate into the OIS & AAA databases using certutil, I have used the same cert to connect to the directory with an ldap browser. Any idea why I can not access the server from OAM?

    Hi,
    I assume it's OAM 10g -
    Even though you add failover servers through the console, you would need to check if it's reflected in the correct xml file.
    There's a file by name 'failover.xml' (I don't remember the path). Please check if it's updated with the correct information.
    -- Pramod Aravind

  • User Store

    Everything worked with Access Manager 6.0, but now I'm using AM 7.0. Not in legacy mode. New GUI.
    Creating a sub realm and policy with a referral at the root did not work for protecting multiple applications. I think referrals only give users permissions to manage policies in sub realms. I wanted to create a realm for each application, but that approach does not seem to work. Any suggestions?
    I've given up on sub realms and just created a user store and a normal policy at the root. When I try to authenticate, Access Manager keeps checking the policy server LDAP. I want the user authenticating against the user store I just added.
    In the policy I selected the new user store for the authentication scheme, but that did not seem to work.
    Any suggestions or ideas?

    Thank you for replying. I was wondering if anyone watches this forum.
    Yes, I created an LDAP Authentication Module for the new user store. In the policy I created an "Authentication Scheme" that refers to my new user store.
    No, I have not modified the chain. When I tried changing "Default Authentication Chain", I was unable to login to the AM console using the amAdmin user id.
    I thought "Administrator Authentication Chain" applied to amAdmin and I could modify the "Default Authentication Chain" to use my new user store.
    Thanks again!

  • Abap+java stack for Portal 7.0 and MI - User Data Source

    The SAP pre-requisites for Portal and MI (Mobile Infrastructure) 7.0 is an ABAP and Java Stack. If you install an AS ABAP + Java, the UME is automatically set up to use the ABAP user management of the same AS installation. What does this mean? The user store will be created in ABAP, for both the Portal and MI.
    The impact of this is portal users management is in ABAP. This configuration by design cannot be connected to LDAP Active directory for user authentication.
    Please let me know if somebody has already faced a similar issue and come up with the solution. Thanks in advance.

    Hi Surya ,
    When you install portal or any NW component with ABAP stack, ABAP stack holds precedence over the JAVA Stack. Refer to this link to have more idea on this.
    http://help.sap.com/saphelp_nw2004s/helpdata/en/2b/306bb5bc98f24f8a85d489449af456/frameset.htm--
    http://help.sap.com/saphelp_nw04s/helpdata/en/12/7678123c96814bada2c8632d825443/frameset.htm
    Thanx
    Pankaj

  • R/3 User Data store in Portal....?

    Hi All,
    Can anybody tell me what is the necessity of using R/3 as a user data store (UME) in Portal ?
    What are advantages of it over Portal UME ? In what scenarios can we use R/3 as a user datastore in Portal and how can we make well advantage of it ?
    Any help in this regard would be highly appreciated. Full points would be rewarded for useful answers.
    Regards,
    Anil Kumar

    Hi,
    Imagine a scenario when most users need data only from R/3: what a bother replicating the same users again in Portal. Look at it from an administration point of view, and role assignment in the SAP backend: so many issues.
    Consider that you have built a huge list of users, then you add Portal. How tough to keep the portal user profile up to date with the backend.
    This is an important reason in my view: single storage of users, optimum use of database space, and efficiency and administrative convenience.
    Regards,
    Harish

  • Can I upload a simple iPhone App that all it does is direct the User to a Filemaker Pro URL   fmp://~filename.fmp?$VariableName=Value  This launches Filemaker Go and directs the user to the Database Hosted online   Right now there is no app store for

    Can I upload a simple iPhone App that all it does is direct the User to a Filemaker Pro URL   fmp://~filename.fmp?$VariableName=Value  This launches Filemaker Go and directs the user to the Database Hosted online
    Right now there is no app store for Filemaker Go.   Filemaker Forgot about us.
    So I want to create a simple native iPhone App that all it does
    is launch
    fmp://~/filename.fmp12?$VariableName=value
    This URL will launch the Filemaker Go App
    Filemaker Go is an app that the user will have to have
    downloaded already on the device..
    The Simple Native app will launch the Filemaker Go.
    The fmp  URL has the information where the Filemaker Pro database is hosted
    and get  the user where they need to be..
    Help Me please
    iPhone 5s, iOS 8.1.3

    That would be software. And, you said "upload." That's "uploading software." Why do you question what you stated?
    I don't know where you even want to upload this software. The only way it can be downloaded to a device is through the iTunes store. Do you even know what you want to do?

  • Are licenses needed for Portal Users?

    Hi, do you need separate user licenses for users created on the Portals Database (J2EE only) using the MSS and ESS components? We have an HR ECC5.0 system with 700 users, but only about 100 Managers will login to the Portal to do reports via the MSS component. I thought of creating these 100 managers on the Portal (Database Only), and then using Single Sign-On with SAP Logon Tickets connect them to the HR ABAP system where they also have the same user accounts, thus enabling them to do their work seamlessly. I don't want to use the ABAP User Persistence model, as I don't want the Portal UME to pull in all 700 users from the HR ABAP system when we only maintain 100 managers on the Portal for the MSS component. Will user licensing be an issue?

    There is no need to license your Portal users.  The ABAP license is all that is required.  I would check with SAP just to make sure that your license agreement doesn't contradict this but I highly doubt that it will.

  • I'm a brand new Mac user. I want to send photos from Iphoto to my local store for printing, like I can do in Picasa. I can't find that option in Iphoto.

    I'm a brand new Mac user. I want to send photos from Iphoto to my local store for printing, like I can do in Picasa. I can't find that option in Iphoto. I do not want to order them through Itunes.

    I have no idea how you do it with Picasa but with iPhoto you either export the photos to a desktop folder and upload from there or burn that folder to CD - or from the upload window use the media browser in the lower left hand corner of the upload window - media ==> photos ==> iPhoto
    For pictures see -  https://discussions.apple.com/thread/3547767?tstart=0
    LN

  • Is there a Oracle site for user to practice Portal?

    Hello,
    Is there a Oracle site for user to practice Portal?
    Thank you for your attention,
    Emily123

    Not exactly, but you can do some of this at http://portalstudio.oracle.com like (testing your portlets). It might be a helpful resource for you too.
    Portal is a rather easy setup too if you have a system with at least 1.5 GB of RAM where you can install the infrastructure & middle-tiers on a single system. But I'd still look at this site to see if it has resources that help you with your Portal development.
    I hope this helps.

  • Detect End User Computer for Incident Request -SCSM 2012 Self Service Portal

    Hi all,
    We want to automatically select the user's computer name when a user submits an incident request through SCSM 2012 Self Service Portal. I would like to know if there is an OOB feature or workaround without code.
    Our client does not want to select the computer from the list. :) Hence they need Self Service Portal to detect the user's computer.
    Thanks in Advance

    Follow these steps:
    1. Create Request Offering and select "Query Results" for Computer
    2. Select Class : Computer (Advanced)
    3. Configure Criteria Primary User Set Token : Portal User Name
    4. Choose Display Column example: NetBIOS Computer Name
    5. Go to portal, once the form loaded it will auto populate the Primary User Computer
    Hope this helps!
