Users getting disabled during Synchronization

Hi All,
We are running Plumtree 5.0.2 in Windows Environment under Tomcat and also used Sample Application "Auth_HelloWorld-Java" as the base and modified it as per the current needs for Authentication and Synchronization. When I run the Synchronization under "Partial Users Synchronization" all the groups and users get imported correctly for the first time. When it is run again the users which were imported during the first run gets disabled automatically and they need to be enabled manually. This is putting us under lots of issues as the number of users are getting more.
Please do let me know how this can be solved.
Thanks , Raghu

Raghu,
I appologize for the delayed response, our notification seem to have been down over the weekend.
In so far as the problems you are having, the only reason that the users would get disabled is that they are not members of a group in the "Fully Synchronized Group List". This list is in the Authentication Source Editor, and should contain the groups from your remote Authentication Source that should be synchronized with the portal. Only users that are members of a group specified in that list will be imported.
Do you have any groups choosen?
Thanks,Akash

Similar Messages

  • WLC 4404 Wireless users getting disabled

    Currently Being Moderated
    Wireless users getting disabled
    Hi,
    I have WLC 4404 with 7.0.116.0 version. I was getting following messages for particular APs
    *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:13.908: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:29.383: %LWAPP-5-RLDP: RLDP stopped on slot 0.
    *Dec 20 14:11:29.674: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
    *Dec 20 14:11:29.678: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:29.700: %LWAPP-5-RLDP: RLDP started on slot 0.
    *Dec 20 14:11:29.707: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:29.752: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
    *Dec 20 14:11:29.757: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:29.790: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:45.396: %LWAPP-5-RLDP: RLDP stopped on slot 0. *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    After seeing one of the cisco forum, I have disabled RLDP for that particular APs
    so above messages are rectified.
    But right now we are not able to identify Rogue IP and it is not contained.
    So please give any suggetion so that i can rectify the above messages as well as i can identify the rogue IP.
    Thanks & Regards
    Gaurav Pandya

    Hi Scott,
    You are right i am not able to detect rogue APs because i disabled the RLDP. but when i enable the RLDP for that particular AP. i got the following messages with interface go up and down
    *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:13.908: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:29.383: %LWAPP-5-RLDP: RLDP stopped on slot 0.
    *Dec 20 14:11:29.674: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
    *Dec 20 14:11:29.678: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:29.700: %LWAPP-5-RLDP: RLDP started on slot 0.
    So please suggest me the mid way so that i can enable the RLDP (Detect the rogue APs) with out interface going up and down frequently.
    Regards
    Gaurav

  • Automatic tester user gets disabled in ISE

    We have ise1.2 working in our environment. For some reason the radius test user used for NAD device authentication gets disabled automatically. Though i couldnt get the frequency of it neither the timing of it. Any specific setting i am missing here to check or configure in NAD or in ISE?

    Hi Manmohan,
    In ISE there is an option which Specifies the number of times Cisco ISE records incorrect administrator passwords before locking the administrator out of Cisco ISE, and suspending or disabling account credentials.
    Can you check if there is any such password policy enabled for your radius user, and that might be getting locked/disabled after certain number of wrong tries.

  • Wireless users getting disabled

    Hi,
    I have WLC 4404 with 7.0.116.0 version. I was getting following messages for particular APs
    *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:13.908: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:29.383: %LWAPP-5-RLDP: RLDP stopped on slot 0.
    *Dec 20 14:11:29.674: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
    *Dec 20 14:11:29.678: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:29.700: %LWAPP-5-RLDP: RLDP started on slot 0.
    *Dec 20 14:11:29.707: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:29.752: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
    *Dec 20 14:11:29.757: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Dec 20 14:11:29.790: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Dec 20 14:11:45.396: %LWAPP-5-RLDP: RLDP stopped on slot 0. *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    After seeing one of the cisco forum, I have disabled RLDP for that particular APs
    so above messages are rectified.
    But right now we are not able to identify Rogue IP and it is not contained.
    So please give any suggetion so that i can rectify the above messages as well as i can identify the rogue IP.
    Thanks & Regards
    Gaurav Pandya

    Post the question in the correct forum for a quicker response.
    https://supportforums.cisco.com/community/netpro/wireless-mobility/security-network-management

  • NAC High Availability: Users getting disconnected during failover

    Hi,
    We have a pair of CAS in in-band virtual-gateway mode in high availability mode.
    We are still running some tests but we have noticed that the clients are losing connectivity during the failover.
    * The service ip is always active (never stops responding pings).
    * The stand-by CAS becomes active immediatly after we shut down the primary, we see it on the CAM.
    * The client however looses connectivity with the internal network for almost two minutes.
    I'm guessing this isn't normal, but would like to know what is the expected behaviour on this.
    Thanks and regards,

    We configured another pair today and we are noticing the same behaviour, however it seems random... sometimes the user barely looses connection, other times it will take from 2-5 minutes for it to come back.
    We are only using eth2 for the failover link since we only have one serial port.
    When we test we make sure both servers are up and then we reboot the primary. The secondary becomes active immediately. When both are up again we repeat the process.
    any other ideas? something we should check?
    Thanks!

  • User get caught during Workspace logon

    Hi all!
    Even tough this issue is related to the Workspace topic I decided to place this request in the Workbench topic. Accurate topic would be: LCES Process Management.
    Has anyone experienced the following strange problem?
    Always when a user task has been escalated (e.g. re-assigning to a group) the according user will be "locked". Locked means: The user can't access the task queue anymore. He is getting caugth after logon (forever; only way out is to close the browser). The log file doesn't say anything.
    All other users can normally logon and access their queues.
    Stopping the escalated task (using LCES AdminUI) releases "the lock" on the user queue.
    Anyone any idea?
    Thanks,
    Nico

    Hi,
    Please check if you set domain name is different with the domain name that host offering the server. For example: There is a DNS SRV record _sipinternaltls._tcp.fabrikam.com with target server.contoso.com on port 5061.
    If this case, you can change the SRV record like this:
    _sipinternaltls._tcp.fabrikam.com with target sip.fabrikam.com on port 5061
    Then add a DNS A record for sip.fabrikam.com to IP of front end pool.
    For details, you can refer to this link:
    http://blogs.technet.com/b/jenstr/archive/2011/02/10/lync-cannot-verify-that-the-server-is-trusted-for-your-sign-in-address.aspx
    Kent Huang
    TechNet Community Support

  • User gets disabled after 3 login failure

    I just realized this problem. I don't want users to buzz a helpdesk because of failed login. Where and how can I turn it off?
    Just wonder if Is it not possible, for example disable a user after 3 failed attempts, and enable it after 2 hours?

    Never mind. I found the solution.
    Solution:
    1. Log into the Admin interface.
    2. Navigate to Configure
    3. Navigate to Policies
    4. Select "Default Lighthouse Account Policy "
    5. Under the "Identity Manager Password Policy Options" label.
    A. Find the "Password policy" and select from the drop down list the password policy that applies to your system. I chose "Windows 2000 Password Policy" because we are using ActiveDirectory pass through authentication.
    B. In the text box labled "Maximum Number of Failed Login Attempts" enter an number. We entered 3.
    C. Save the change.

  • User is getting disabled in EBus when Account Id is changed

    Hello All !
    We have 2 Ebus Instance which have a dependency on a OID instance. When ever there is a change in AcountID the change propeagtes to OIM but the user gets disabled on the EBus instances.
    I see that from the process definition for the Ebus instances the changeAccount id is attached to a custom adapter whcih copys value and where are OID is attached to a deleteuser.
    Not sure of the OID process tack is causing the same. How can I make sure the user is not end dated.
    Thanks in Advance

    Does anybody know a reason why the user is getting disabled

  • User not getting disabled

    A particular user is not getting disabled. This is happening when it tries to disable one of the provisioned resources.
    Logs:
    2012-09-29 23:39:23,100 ERROR QuartzWorkerThread-3 XELLERATE.SERVER - Class/Method: tcProcessUtilities/disableProcess encounter some problems: {1}
    2012-09-29 23:39:23,100 ERROR QuartzWorkerThread-3 XELLERATE.SERVER - Class/Method: tcOIU/disableObjectInstance Error :Unable to disable the object instance.
    2012-09-29 23:39:23,100 INFO QuartzWorkerThread-3 XELLERATE.DATABASE - DB read: select err_key, err_code, err_desc, err_rowver, err_remedy, err_count, err_last_occurance, err_action, err_help_url, err_severity from err where err_code='DOBJ.RESOURCE_NOTCONFIGURED_PROPERLY'
    2012-09-29 23:39:23,102 ERROR QuartzWorkerThread-3 XELLERATE.JAVACLIENT - Class/Method: tcTriggerUserProcesses/disableOrcs Error :Unable to disable the object instance.
    2012-09-29 23:39:23,102 INFO QuartzWorkerThread-3 XELLERATE.DATABASE - DB read: select err_key, err_code, err_desc, err_rowver, err_remedy, err_count, err_last_occurance, err_action, err_help_url, err_severity from err where err_code='DOBJ.RESOURCE_NOTCONFIGURED_PROPERLY'
    Please let me know what might be the problem. Thanks.

    Hi Gyanprakash,
    Thanks for your response.
    1. Disable triggers are defined in that object and multiple instances enabled for that disable trigger task.
    2. Object is still in provisioned state not disabled
    3. Two of its tasks in that process instance are manually completed. Some prob has occured during completion of that task and they have manually completed it. So is that same problem hindering the disable flow also?

  • Getting error during creation of recovery point and synchronization

    hi all
    i am using DPM 2012 R2 . i am getting following error during recovery point creation.
    No recovery point was created, either because synchronization has not occurred since the last recovery point was created, or because no changes were found during synchronization. (ID 208)
    i have tried " create a recovery point after synchronization"  6-7 times but its failed. 
    kindly help me to get out this issue
    thanks in advance.
    Early reply should be really appreciated.

    hi all
    i am using DPM 2012 R2 . i am getting following error during recovery point creation.
    No recovery point was created, either because synchronization has not occurred since the last recovery point was created, or because no changes were found during synchronization. (ID 208)
    i have tried " create a recovery point after synchronization"  6-7 times but its failed. 
    kindly help me to get out this issue
    thanks in advance.
    Early reply should be really appreciated.

  • Can location services get disabled automatically? Or does it always require a user to disable it?

    Can location services get disabled automatically? Or does it always require a user to disable it?
    I was repeatedly trying to Find my iPhone  when it came up with "Location Services Disabled".
    Later I was able to find my iPhone again.  This has happend severally times lately?
    Cold this happen automatically, like a "time out" function?

    Can location services get disabled automatically? Or does it always require a user to disable it?
    I was repeatedly trying to Find my iPhone  when it came up with "Location Services Disabled".
    Later I was able to find my iPhone again.  This has happend severally times lately?
    Cold this happen automatically, like a "time out" function?

  • Deleting AD users vs Disabling. What is the difference? If an account is disabled, can it still be setup for mail forwarding to another user? If an account is deleted, what files get deleted?

    Deleting AD users vs Disabling.  What is the difference?  If an account is disabled, can it still be setup for mail forwarding to another user? If an account is deleted, what files get deleted?  Thanks.

    Hi,
    Disable Users: Nobody can log in to the mailbox, but the data is safe and it can receive email. Once it is enabled, it is back to normal.
    Delete Users: when the user is deleted all the services are removed and all data is erased. The user is deleted from our Active Directory. If you create a user with the same Name and Emial address again, no data or services are recovered.
    If you disable a user, the Active Directory object remains untouched together with the mailbox data and properties, but you will not be able to access any mailbox data.
    If you delete a user, the Active Directory object is removed together with all data and properties of the user.
    Hope it helps.
    Regards,
    Blair Deng
    Blair Deng
    TechNet Community Support

  • Administrator account keeps getting disabled in SAP BI 4 from time to time.

    Hi,
    I am working for Ericsson. Recently during a upgrade for a customer, we migrated from SAP BO XI 3 to BI 4 Platform. Everything is running fine, but the Administrator account keeps getting disabled from time to time. They need to login from any other account with Administrator rights to enable the Administrator account to resume operations. What can be done for this problem?

    Hi,
    Try to check if the administrators group have already enough rights.
    Also verify if one of the admin users is modifying the rights for the administrator.
    Best regards,
    Saloua.

  • Extremely slow login hanging during synchronization

    Hi,
    I have several clients all working quite happily with mobile accounts but one user is experiencing excessive login times. The home dir is around 6-7GB in size with a decent 100x connection to the server. This used to work fine then one day (with no obvious changes made) login started hanging during synchronization. It hangs while scanning for differences before even getting to downloading/uploading new or modified files. I checked what files it stuck on and tried removing them but it just started hanging on other files. I also tested network connections and tried logging in on another machine but with no joy. I suspect there is a cache or preference that is corrupt but I'm not sure where/which one. Can anyone suggest anything?
    Thanks in advance.

    I have the same issue - but I am just using portable home directories. It only affects 1 user (out of 12) - and their login process takes up to 2-3 minutes - whereas everyone else is lightning fast (<10 seconds). I have repaired permissions on the server using disk utility. I don't know what else to try though.

  • User gets "This network connection does not exist" when she tries to log on to Terminal Server (2008 R2)

    User gets "This network connection does not exist" when she tryes to log on to Terminal Server (2008 R2)
    I got more than 100 users. Shes the only one getting is. We tried four computers (All Windows 7 Pro)
    Nothing useful in event viewer to mention.

    Hi,
    Thank you for posting in Windows Server Forum.
    Does that user able to login previously?
    From your comment, it seems that there is some permission issue with that user. As you have checked that user with different system also. Please check that user is added under “Remote Desktop User” local group and also allowed “Allow log on through
    Remote Desktop service” permission under group policy. Also please check that when user tries to login it uses “Domainname\Username” format.
    In addition for a try, also check by disabling firewall on one particular system.
    To add users and groups to the Remote Desktop Users group by using Local Users and Groups snap-in:
    1.  Click Start > Administrative Tools, Open Computer Management.
    2.  In the console tree, click the Local Users and Groups node.
    3.  In the details pane, double-click the Groups folder.
    4.  Double-click Remote Desktop Users, and then click
    Add.
    5.  In the Select Users dialog box, click Locations to specify the search location.
    6.  Click Object Types to specify the types of objects you want to search for.
    7.  Type the name you want to add in the Enter the object names to select (examples) box. 
    8.  Click Check Names.
    When the name is located, click OK.
    More information:
    Remote Desktop disconnected or can’t connect to remote computer or to Remote Desktop server (Terminal Server) that is running Windows Server 2008 R2
    http://support.microsoft.com/kb/2477176/en-us
    Hope it helps!
    Thanks,
    Dharmesh

Maybe you are looking for

  • What are the best settings for ripping cd's in the AAC format?

    I have researched and found out that the AAC format rules over the MP3 format as fas as sound quality goes with lossy formats. Example: AAC at 128 is better than MP3 at 160 as so forth. My questions are: What are the best settings for ripping cd's in

  • Port 8080 to 80

    Hello All, I want to access my application from 80 port which currently is running on 8080. To make it run on 80, I have to change the Connector entry in server.xml from 8080 to 80. For this I need to retstart the server which I cannot as I need to h

  • Error during JLOAD import with Unconvertible UTF-8 character

    Dear gurus, I'm performing a system copy on ECC 6.0. SR£ double stack. During the face of jload import I receive the error Unconvertible UTF-8 character beginning with 0xf9 while importing the table TST_RESERVATION. Here you are the full text of the

  • Mounting folders within a network share ...  please help!

    Hi, I am trying to mount a folder that is one level deep in the share using the following item within an applescript: Mount Volume "SMB://server/share/folder" The share is located on a windows server and I am trying to mount to the users folder withi

  • Apps really slow to delete

    Ive noticed this for a while on my iphone 4 (IOS 5.1) that it takes about 20 - 30 seconds from when i click on the shaking x to actually get the prompt come up saying are you sure you want to delete this app. Ive got plenty of space left on the iphon