Using Encrypt Policy in OSB
HI,
I am struggling to enforce inbound message level security at the proxy service level.
I just wanted to encrypt the request and response payload of the proxy service .
I have tried all my best and added encrypt policy to request and response at the policy tab of proxy service.
Please guide me how to enforce it .
Abhinav
Anuj ,
i am using self signed certificate for service key provider.
My request :
<soapenv:Envelope xmlns:prox="http://in.abhinav/ProxyPayload_Master" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-6" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>weblogic</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">weblogic123</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">za2EsbtNUse5t2Y9DjL9jA==</wsse:Nonce>
<wsu:Created>2012-01-16T06:57:06.769Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<prox:SendOperationRequest>
<username>?</username>
<password>?</password>
<mobilePhoneNumber>?</mobilePhoneNumber>
<vouchernumber>?</vouchernumber>
</prox:SendOperationRequest>
</soapenv:Body>
</soapenv:Envelope>
Resposne :
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<faultcode>wsse:InvalidSecurity</faultcode>
<faultstring>Could not validate encryption against any of the supported token types</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
Similar Messages
-
How can I deploy EFS using Group Policy and Active Directory with a goal to automatically encrypt computers for ALL users who login? (NOT an option for me to use BitLocker)
I was asked to deploy EFS to encrypt the user my documents folder and profile on all of the users laptops. The laptops are in common areas (board meeting rooms, etc) and security of files is a must.
I successfully created a recovery certificate in AD. I created an OU and setup an EFS policy and users can now login and select to encrypt their own files. The issue is that management would like to have automaticy Encrypt ALL users my documents AUTOMATICALLY
when a user login.
Can this be done?
Please helpHi,
Any update?
Just checking in to see if the suggestions were helpful. Please let us know if you would like further assistance.
Best Regards,
Andy Qi
TechNet Subscriber Support
If you are
TechNet Subscription user and have any feedback on our support quality, please send your feedback
here.
Andy Qi
TechNet Community Support -
I am trying to build a sample OSB service having the OWSM policy attached to it.I am using the option of "From OWSM Policy Store " and used the policy oracle/wss_username_token_service_policy.
When i tried to exceute the OSB,i am getting an error as
"oracle.wsm.policymanager.PolicyManagerException: WSM-02128 : Cannot read WSDL. [Possible Cause : unknown protocol: servicebus]"
Looking like,some issue with the parsing of the WSDL that i used upon the service.Do i need to refer the wsdl from MDS.If,yes how can i do that in OSB.You may refer below blog for configuration -
http://niallcblogs.blogspot.com/2010/07/osb-11g-and-wsm.html
Regards,
Anuj -
Attaching OWSM Policy to OSB Services
Hi,
Can anyone please share the detailed procedure of how to attach the OWSM policy to a Proxy Service in OSB 11g.
The documentaion of OSB 11g doesnt provide the information of attaching the OWSM polic to OSB services.
please refer
http://download.oracle.com/docs/cd/E14571_01/doc.1111/e15866/owsm.htm#CHDBIJHD
I created a Custom Policy with the predefined assertion wss_username_token_service_template .
But i couldnt find a way to attach this policy to OSB Service. Also the OSB 11g Documentation didnt help much.
Thanks in AdvanceHi All,
I figured out a way of how to attach the OWSM policy to a prox service.
Its pretty simple in that way.
After you create a proxy service, Click on the proxy you created which opens the "View a Proxy Service" page.
In that there are many tabs such as
1. Configuration Details
2. Operational Settings
3. SLA Alert Rules
4. Policies
5. Security
In Policies tab, you can select "OWSM Policy Bindings" and then choose the policy you want.
The only thing bothering me now is how to test it?
I have used the following assertion to create the policy "wss_username_token_service_template "
Any help would be appreciated.
Cheers. -
OSB: Cannot acquire data source error while using JCA DBAdapter in OSB
Hi All,
I've entered 'Cannot acquire data source' error while using JCA DBAdapter in OSB.
Error infor are as follows:
The invocation resulted in an error: Invoke JCA outbound service failed with application error, exception: com.bea.wli.sb.transports.jca.JCATransportException: oracle.tip.adapter.sa.api.JCABindingException: oracle.tip.adapter.sa.impl.fw.ext.org.collaxa.thirdparty.apache.wsif.WSIFException: servicebus:/WSDL/DBAdapter1/RetrievePersonService [ RetrievePersonService_ptt::RetrievePersonServiceSelect(RetrievePersonServiceSelect_inputParameters,PersonTCollection) ] - WSIF JCA Execute of operation 'RetrievePersonServiceSelect' failed due to: Could not create/access the TopLink Session.
This session is used to connect to the datastore.
Caused by Exception [EclipseLink-7060] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.ValidationException
Exception Description: Cannot acquire data source [jdbc/soademoDatabase].
Internal Exception: javax.naming.NameNotFoundException: Unable to resolve 'jdbc.soademoDatabase'. Resolved 'jdbc'; remaining name 'soademoDatabase'.
; nested exception is:
BINDING.JCA-11622
Could not create/access the TopLink Session.
This session is used to connect to the datastore.
JNDI Name for the Database pool: eis/DB/soademoDatabase
JNDI Name for the Data source: jdbc/soademoDatabase
I created a basic DBAdapter in JDeveloper, got the xsd file, wsdl file, .jca file and the topLink mapping file imported them into OSB project.
Then I used the .jca file to generate a business service, and tested, then the error occurs as described above.
Login info in RetrievePersonService-or-mappings.xml
<login xsi:type="database-login">
<platform-class>org.eclipse.persistence.platform.database.oracle.Oracle9Platform</platform-class>
<user-name></user-name>
<connection-url></connection-url>
</login>
jca file content are as follows:
<adapter-config name="RetrievePersonService" adapter="Database Adapter" wsdlLocation="RetrievePersonService.wsdl" xmlns="http://platform.integration.oracle/blocks/adapter/fw/metadata">
<connection-factory location="eis/DB/soademoDatabase" UIConnectionName="Connection1" adapterRef=""/>
<endpoint-interaction portType="RetrievePersonService_ptt" operation="RetrievePersonServiceSelect">
<interaction-spec className="oracle.tip.adapter.db.DBReadInteractionSpec">
<property name="DescriptorName" value="RetrievePersonService.PersonT"/>
<property name="QueryName" value="RetrievePersonServiceSelect"/>
<property name="MappingsMetaDataURL" value="RetrievePersonService-or-mappings.xml"/>
<property name="ReturnSingleResultSet" value="false"/>
<property name="GetActiveUnitOfWork" value="false"/>
</interaction-spec>
</endpoint-interaction>
</adapter-config>
RetrievePersonService_db.wsdl are as follows:
<?xml version="1.0" encoding="UTF-8"?>
<WL5G3N0:definitions name="RetrievePersonService-concrete" targetNamespace="http://xmlns.oracle.com/pcbpel/adapter/db/KnowledeMgmtSOAApplication/AdapterJDevProject/RetrievePersonService" xmlns:WL5G3N0="http://schemas.xmlsoap.org/wsdl/" xmlns:WL5G3N1="http://xmlns.oracle.com/pcbpel/adapter/db/KnowledeMgmtSOAApplication/AdapterJDevProject/RetrievePersonService" xmlns:WL5G3N2="http://schemas.xmlsoap.org/wsdl/soap/">
<WL5G3N0:import location="RetrievePersonService.wsdl" namespace="http://xmlns.oracle.com/pcbpel/adapter/db/KnowledeMgmtSOAApplication/AdapterJDevProject/RetrievePersonService"/>
<WL5G3N0:binding name="RetrievePersonService_ptt-binding" type="WL5G3N1:RetrievePersonService_ptt">
<WL5G3N2:binding style="document" transport="http://www.bea.com/transport/2007/05/jca"/>
<WL5G3N0:operation name="RetrievePersonServiceSelect">
<WL5G3N2:operation soapAction="RetrievePersonServiceSelect"/>
<WL5G3N0:input>
<WL5G3N2:body use="literal"/>
</WL5G3N0:input>
<WL5G3N0:output>
<WL5G3N2:body use="literal"/>
</WL5G3N0:output>
</WL5G3N0:operation>
</WL5G3N0:binding>
<WL5G3N0:service name="RetrievePersonService_ptt-bindingQSService">
<WL5G3N0:port binding="WL5G3N1:RetrievePersonService_ptt-binding" name="RetrievePersonService_ptt-bindingQSPort">
<WL5G3N2:address location="jca://eis/DB/soademoDatabase"/>
</WL5G3N0:port>
</WL5G3N0:service>
</WL5G3N0:definitions>
Any suggestion is appricated .
Thanks in advance!
Edited by: user11262117 on Jan 26, 2011 5:28 PMHi Anuj,
Thanks for your reply!
I found that the data source is registered on server soa_server1 as follows:
Binding Name: jdbc.soademoDatabase
Class: weblogic.jdbc.common.internal.RmiDataSource_1033_WLStub
Hash Code: 80328036
toString Results: ClusterableRemoteRef(8348400613458600489S:10.2.1.143:[8001,8001,-1,-1,-1,-1,-1]:base_domain:soa_server1 [8348400613458600489S:10.2.1.143:[8001,8001,-1,-1,-1,-1,-1]:base_domain:soa_server1/291])/291
Binding Name: jdbc.SOADataSource
Class: weblogic.jdbc.common.internal.RmiDataSource_1033_WLStub
Hash Code: 92966755
toString Results: ClusterableRemoteRef(8348400613458600489S:10.2.1.143:[8001,8001,-1,-1,-1,-1,-1]:base_domain:soa_server1 [8348400613458600489S:10.2.1.143:[8001,8001,-1,-1,-1,-1,-1]:base_domain:soa_server1/285])/285
I don't know how to determine which server the DBAdapter is targetted to.
But I found the following information:
Under Deoloyment->DBAdapter->Monitoring->Outbound Connection Pools
Outbound Connection Pool Server State Current Connections Created Connections
eis/DB/SOADemo AdminServer Running 1 1
eis/DB/SOADemo soa_server1 Running 1 1
eis/DB/soademoDatabase AdminServer Running 1 1
eis/DB/soademoDatabase soa_server1 Running 1 1
The DbAdapter is related to the following files:
C:\ Oracle\ Middleware\ home_11gR1\ Oracle_SOA1\ soa\ connectors\ DbAdapter. rar
C:\ Oracle\ Middleware\ home_11gR1\ Oracle_SOA1\ soa\ DBPlan\ Plan. xml
I unzipped DbAdapter.rar, opened weblogic-ra.xml and found that there's only one data source is registered:
<?xml version="1.0"?>
<weblogic-connector xmlns="http://www.bea.com/ns/weblogic/90">
<enable-global-access-to-classes>true</enable-global-access-to-classes>
<outbound-resource-adapter>
<default-connection-properties>
<pool-params>
<initial-capacity>1</initial-capacity>
<max-capacity>1000</max-capacity>
</pool-params>
<properties>
<property>
<name>usesNativeSequencing</name>
<value>true</value>
</property>
<property>
<name>sequencePreallocationSize</name>
<value>50</value>
</property>
<property>
<name>defaultNChar</name>
<value>false</value>
</property>
<property>
<name>usesBatchWriting</name>
<value>true</value>
</property>
<property>
<name>usesSkipLocking</name>
<value>true</value>
</property>
</properties>
</default-connection-properties>
<connection-definition-group>
<connection-factory-interface>javax.resource.cci.ConnectionFactory</connection-factory-interface>
<connection-instance>
<jndi-name>eis/DB/SOADemo</jndi-name>
<connection-properties>
<properties>
<property>
<name>xADataSourceName</name>
<value>jdbc/SOADataSource</value>
</property>
<property>
<name>dataSourceName</name>
<value></value>
</property>
<property>
<name>platformClassName</name>
<value>org.eclipse.persistence.platform.database.Oracle10Platform</value>
</property>
</properties>
</connection-properties>
</connection-instance>
</connection-definition-group>
</outbound-resource-adapter>
</weblogic-connector>
Then I decided to use eis/DB/SOADemo for testing.
For JDeveloper project, after I deployed to weblogic server, it works fine.
But for OSB project referencing wsdl, jca and mapping file from JDeveloper project, still got the same error as follows:
BEA-380001: Invoke JCA outbound service failed with application error, exception:
com.bea.wli.sb.transports.jca.JCATransportException: oracle.tip.adapter.sa.api.JCABindingException: oracle.tip.adapter.sa.impl.fw.ext.org.collaxa.thirdparty.apache.wsif.WSIFException: servicebus:/WSDL/DBAdapterTest/DBReader [ DBReader_ptt::DBReaderSelect(DBReaderSelect_inputParameters,PersonTCollection) ] - WSIF JCA Execute of operation 'DBReaderSelect' failed due to: Could not create/access the TopLink Session.
This session is used to connect to the datastore.
Caused by Exception [EclipseLink-7060] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.ValidationException
Exception Description: Cannot acquire data source [jdbc/SOADataSource].
Internal Exception: javax.naming.NameNotFoundException: Unable to resolve 'jdbc.SOADataSource'. Resolved 'jdbc'; remaining name 'SOADataSource'.
; nested exception is:
BINDING.JCA-11622
Could not create/access the TopLink Session.
This session is used to connect to the datastore.
Caused by Exception [EclipseLink-7060] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.ValidationException
Exception Description: Cannot acquire data source [jdbc/SOADataSource].
Internal Exception: javax.naming.NameNotFoundException: Unable to resolve 'jdbc.SOADataSource'. Resolved 'jdbc'; remaining name 'SOADataSource'.
You may need to configure the connection settings in the deployment descriptor (i.e. DbAdapter.rar#META-INF/weblogic-ra.xml) and restart the server. This exception is considered not retriable, likely due to a modelling mistake.
It almost drive me crazy!!:-(
What's the purpose of 'weblogic-ra.xml' under the folder of 'C:\Oracle\Middleware\home_11gR1\Oracle_OSB1\lib\external\adapters\META-INF'?
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -
Using SAML policy while invoking a web service
I have to invoke a webservice which is secured using the policy wss10_saml_token_client_policy.
In order to achieve the above i have creates a stub using JAX-WS and while invoking the web service I pass the policy as a SecurityFeature.Code snippet given below:
SecurityPolicyFeature[] securityFeatures = new SecurityPolicyFeature[] { new SecurityPolicyFeature(
getValueFromPropertyFile("oracle/wss10_saml_token_client_policy"))};
SomeStub stub =(UserManagementPortTypev1_0)SomeService.getPort("...","....",securityFeatures );
Once deployed in weblogic and when i invoke the service, the soap request formed is correct. It creates for me the soap header with the correct security nodes. The header formed is like below:
<S:Header>
<work:WorkContext xmlns:work="http://oracle.com/weblogic/soap/workarea/">rO0ABXoAAAJDADBvcmFjbGUuZG1zLmNvbnRleHQuaW50ZXJuYWwud2xzLldMU0NvbnRleHRGYW1pbHkAAAFPAAAAKXdlYmxvZ2ljLndvcmthcmVhLlNlcmlhbGl6YWJsZVdvcmtDb250ZXh0AAABSaztAAVzcgAxd2VibG9naWMud29ya2FyZWEuU2VyaWFsaXphYmxlV29ya0NvbnRleHQkQ2Fycmllcv1CAh9z5wpPAwACWgAHbXV0YWJsZUwADHNlcmlhbGl6YWJsZXQAFkxqYXZhL2lvL1NlcmlhbGl6YWJsZTt4cHcEAAAAAXNyAEFvcmFjbGUuZG1zLmNvbnRleHQuaW50ZXJuYWwud2xzLldMU0NvbnRleHRGYW1pbHkkU2VyaWFsaXphYmxlSW1wbAAAAAAAAAAAAwABTAARbVdMU0NvbnRleHRGYW1pbHl0ADJMb3JhY2xlL2Rtcy9jb250ZXh0L2ludGVybmFsL3dscy9XTFNDb250ZXh0RmFtaWx5O3hwdykAJzEuMDAwMEl6T0lYQ0swam9PTE1pcDJpZTFEbUNMdjAwMDAwMjt2MHh3AQF4ACZ3ZWJsb2dpYy5kaWFnbm9zdGljcy5EaWFnbm9zdGljQ29udGV4dAAAAX8AAAAyd2VibG9naWMuZGlhZ25vc3RpY3MuY29udGV4dC5EaWFnbm9zdGljQ29udGV4dEltcGwAAAAiMDAwMEl6T0lYQ0swam9PTE1pcDJpZTFEbUNMdjAwMDAwMgAAAAAAAAAAAAAA</work:WorkContext>
<wsse:Security S:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<saml:Assertion AssertionID="SAML-L0r20MS5CV0y7B6zHnGX5w22" IssueInstant="2011-05-10T05:03:49Z" Issuer="www.oracle.com" MajorVersion="1" MinorVersion="1" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
<saml:Conditions NotBefore="2011-05-10T05:03:49Z" NotOnOrAfter="2011-05-10T05:08:49Z"/>
<saml:AuthenticationStatement AuthenticationInstant="2011-05-10T05:03:49Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
<saml:Subject>
*<saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">anonymous</saml:NameIdentifier>* <saml:SubjectConfirmation>
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
</saml:SubjectConfirmation>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</wsse:Security>
</S:Header>
The node NameIdentifier is supposed to be populated with the logged in user id, which will be picked up from JAAS principal.
Now I am invoking the service hosted in weblogic from outside using JSON protocol, I do not have a portal ready to invoke the service.
My question is, is there any way in which i can replicate/ simulate the JAAS principal such that the nameidentifier is populated even when invoked from outside. THis is a requirement from testing perspective.Hi,
Thanx it is working now.
BTW can you give me some urls with info of this kind of setting which i need to do for other kind of integarions in J2EE platform.Sorry if i am asking too much as i am a starter in this technology. -
Convertion of String to XML node using Xquery transformation in OSB
How to convert string to XML node elementusing a built in function using Xquery transformation in OSB?
check this out - http://www.javamonamour.org/2011/06/fn-beainlinedxml.html
if in SOA (BPEL & Mediator) you can use oraext:parseXML.
you should thoroughly analyse where to implement your requirement as some good practices advise to implement more complex logic in SOA and leave OSB to only connect to the services' endpoints.
Hope this helps,
A. -
Unable to poll for files in FTP server using Proxy Service (in OSB Project)
Here are the stepd followed for creating proxy service that should poll ftp server to retrieve files but polling is not happening and unable to see any errors in logs.
1. Created service account by selecting resource type as static and providing the ftp user and password details.
2. Created a New Proxy Service in eclipse
Tab General - service type as Messaging Service
Tab Messaging - Request Message Type as Text, Response message type as None
Tab Transport - Protocol selected as "ftp"
- Endpoint uri entered in the format - ftp://hostname:port/directory
FTP Transport -Selected "external user" as User Authentication
- Selected the Service Account thats created in step1/
- File mMask - *.*
- Polling Interval 60
- Read Limit 10
- Post Read Action - Delete
- Transfer mode - binary
- Download Directory - "some local directoy"
- Error Directory - "some local error directory"
Could any one please help here to trouble shoot the polling issue and correct me if this is wrong approach.
ThanksDid you configure the FTP adapter which is present in Weblogic server?I think he's using FTP transport in OSB and not the JCA adapter, if that's the case FtpAdapter configuration wouldn't help...
unable to see any errors in logsThat's odd, try to mess up the hostname and see if you get a connection refused on the logs...
It may be a permissions issue, the user you're connecting may not even "see" the files you place there... Try using the same user to create and to poll files...
Cheers,
Vlad -
Hi, I am using Group Policy/vb/Lync customization tools to deploy 2013 and remove 2010. The machines have Office 2010. The vb script is as below:
Dim objShell 'As Object
Dim objFSO 'As FileSystemObject
'-- SET OBJECTS
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("WScript.Shell")
strComputerName = objShell.ExpandEnvironmentStrings("%COMPUTERNAME%")
Dim WshNetwork : Set WshNetwork = WScript.CreateObject("WScript.Network")
objShell.Run """\\xxxxxxxxx - Do not Remove\Lync Install 2013 2010\Lync 2013 Outlook 2010\setup.exe"""
I have amended the OCT with relevant settings, Lync 2013 installs but Lync 2010 does not uninstall. Here is how i have it set:
In the Office Customization Tool - Set-up - Add Installation and Run Programs,
In target - pointing to the Lync2010 exe file (on above share)
In Arguments - /silent /uninstall
Is this correct?
Also, i would have thought that, Remove Previous Installations, it would have an option to remove Lync2010?
Anyway..pulling my hair out here!
Hope you can help.Hi,
Based on your description, we can refer to the following threads for help.
Slient Unninstall of Lync 2010 on client machines script required
http://social.technet.microsoft.com/Forums/lync/en-US/69e32128-4581-4be5-9a44-b5d133e1f480/slient-unninstall-of-lync-2010-on-client-machines-script-required
Scripting a Lync 2010 client Uninstall
http://social.technet.microsoft.com/Forums/en-US/a65bd0d0-daa1-4616-8725-63f349fdde86/scripting-a-lync-2010-client-uninstall?forum=lyncconferencing
For this issue is more related to Lync, in order to get better help, we can ask the question in the following TechNet dedicated Lync forum.
Lync 2010 and OCS - Lync Clients and Devices
http://social.technet.microsoft.com/Forums/lync/en-US/home?forum=ocsclients&filter=alltypes&sort=lastpostdesc
In addition, for it also involves scripts, we can also ask for help in the following scripting forum.
The Official Scripting Guys Forum
https://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?forum=ITCG&filter=alltypes&sort=lastpostdesc
Hope it helps.
Best regards,
Frank Shen -
WMP54GS and using encryption with 2 desktops, 1 XP laptop and 1 Macbook question.
Hi all.
Been using this router for a while now without encryption turned on (live in the woods) and want to enable it now. When I enable encryption through the router's page (192.168.1.1), will I be given a key and then just enter that key when asked by every machine? Haven't ever used encryption so I am sorry for such a noob question. Thanks in advance for any help.well once you enable wireless security on the router, initially it would ask for security code on every wireless computer, after that it won't ask for code again and again...
-
Using Encrypter password in Hyperion Scripts
Hi Gurus,
I want to use encrypted password sin the Hyperion scripts.
We are using automated jobs which run cube refrshes, exports and various other operations but the problem is that these scripts use admin password.
So if we view the script the password is also visible, so need to use encrypted password.
i know we have openssh, crypt kinf of function for encrypting the passowrd, but i am not sure if the maxl will recognice the encrypted passowrd.
Also if i encrypt a password will that cause any problem in the shared services ?
Awaiting response
Thanks in Advance ,If you are using Maxl then you can encrypt the scripts, for an example have a read of Encrypting passowrd in maxl
Cheers
John
http://john-goodwin.blogspot.com/ -
I'm trying to prepare our school system for Windows 7 (we currently use XP). I would like to use the new Group Policy Preferences method of deploying printers. I pushed out the XP client side extensions through WSUS. In my test environment, I added the shared printer in group policy preferences. My XP machine had the printers show up automatically, but my Windows 7 machine did not. I realized that I had previously connected a printer of the same type to my XP machine before and the drivers were already installed. To test this theory, I manually connected the shared printers to the Windows 7 machine, deleted them, then logged off and back on. Now the printers are showing up from group policy. My question is does using group policy preferences to deploy printers require the print driver to be pre-installed? If not, then what am I doing wrong? If so, is there a way to work around this? Thanks for your help.
EDIT: To clarify, I am using the share method in GPP. This is the error message I get in the event log:
The user 'PRINTERNAME' preference item in the 'win7 printer test {946461A1-27F8-406F-A0B3-0A1A05AF34F6}' Group Policy object did not apply because it failed with error code '0x80070bcb The specified printer driver was not found on the system and needs to be downloaded.' This error was suppressed.This link have a description of resolution:
http://technet.microsoft.com/en-us/library/cc725938.aspx
Open the GPMC.
Open the GPO where the printer connections are deployed, and navigate to Computer Configuration, Policies, Administrative Templates, Control
Panel, and thenPrinters.
Note
The Point and Print Restrictions setting can also be found under User Configuration\Policies\Administrative Templates\Control Panel\Printers.
This policy is ignored by Windows 7 and Windows Server 2008 R2, but is enforced by earlier editions of Windows including Windows XP with SP1, Windows Server 2003 with SP1, and Windows Server 2008. We recommend that you change
this policy setting in both locations so that all down-level clients have a consistent experience.
Right-click Point and Print Restrictions, and then click Properties.
Click Enabled.
Clear the following check boxes:
Users can only point and print to these servers
Users can only point and print to machines in their forest
In the When installing drivers for a new connection box, select Do not show warning or elevation prompt.
Scroll down, and in the When updating drivers for an existing connection box, select Show warning only.
Click OK. -
How to use Group Policy to remove the shutdown button on the logon screen
Environment: Shared use computers running Window 7 Professional and MS office Suite; Windows 2008 Standard server, Windows 7 EC Domain Policy and MS Office 2007 ADML Template downloaded from Microsoft. WIndows 7 Accounts OU.
I am in the process of developing a shared use computer lockdown policy for several Windows 7 computers that will made available in my client's computer lab. I need to use a group policy setting to remove the Shut Down button on
the logon screen of the Windows 7 client computers. I am editing the Windows 7 EC Domain Policy to user accounts in a Windows 7 Accounts OU that I created. I am using the Group Policy editor in the Group Policy Management Console.
Please let me know the best practice for accomplishing this using Group Policy editor.
Thanks.
P.S. I tried a setting recommended in the following link in the Windows 7 EC Domain Policy which did not seem to work.
http://www.windowsitpro.com/article/group-policy/can-i-use-group-policy-to-display-or-remove-the-shut-down-button-on-the-logon-screen-.aspxHi Vernon,
I tried the group policy you mentioned (Computer Configuration, Windows Settings, Security Settings, Local Policies, and select Security Options, "Shutdown: Allow system to be shut down without having to log on") and it worked on a Windows 7 client.
Thus you may need to check if the group policy you created is actually applied to clients.
A screenshot can be found here:
http://cid-b7ed40feb32ba29f.office.live.com/self.aspx/.Public/desktop/Capture.JPG -
SOA suit 11g uses both ESB and OSB(ALSB)
Hi, I am newbie to SOA suit 11g. Can somebody please explain the use of ESB and OSB(ALSB) both in SOA 11g.In SOA 11g ESB is being used only for mediation.Even OSB(ALSB) has same capability.Then why both needs to be used?Can't we use one of these?
~Pradeephello Pradeep,
there is quite some literature on this hot topic - actually it's one of the most frequently asked question from people who are using OSB and Soa Suite.
if you google "OSB vs Mediator" you will find some useful links:
http://www.scribd.com/doc/23622536/Oracle-SOA-Suite-11g-Mediator-vs-Oracle-Service-Bus-OSB
SOA SUITE 11g - Mediator & OSB
http://oracle-fusion-blogs.com/oracle-fusion-osb-mediator/
and so on.... -
Applying custom Group policy to existing users using group policy
Hello Everyone,
i am unable to find a way to push a custom theme to client PC using group policy.
I have tried "Load a Specific Theme" Group Policy but it is only applying to a new user logging on windows.
I have a custom theme that i want it to load to every existing user's machine.
Is there any way to do it using GPO??Apply theme group policy does not work. Known issue.
I use a vb script,
'@SLH // This Script applies the Themepack "
On Error Resume Next
Select Case themeApplied
Case "yes"
'Has been set once before, nothing happens!
Case Else
'Has not been set before, Company theme is applied
strRegistryKey = readfromRegistry("HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\WallpaperSource", "C:\Windows\web\wallpaper\Windows\img0.jpg")
End Select
Function readFromRegistry (strRegistryKey, strDefault )
Dim WshShell, value
Set WshShell = CreateObject("WScript.Shell")
value = WshShell.RegRead( strRegistryKey )
if strDefault = value then
'Write key in registry
WshShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\themeApplied", "yes", "REG_SZ"
'Applying theme from server
'Remember to change the path tothe location of your .themepack file
WshShell.Run "rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Themes /Action:OpenTheme /file:""\\seraddressto\ Default.themepack"""
WScript.Sleep 1000
WshShell.AppActivate("Desktop Properties")
WshShell.Sendkeys "%{F4}"
end if
End Function
I then run this in a run once script when the user first logs in, this sets the theme once on new profile generation.
Maybe you are looking for
-
Workflow to change file permission in SharePoint Online Document Library
1.What are my options with SPD 2013 If I want to change a documents file permission in a workflow? 2.Where does SPO host 2013 Workfows? 3.If connecting to SPO Can I use Worklow Manager 1.0? 4.Will I need to host my Workflow Manager workflows on serve
-
How do I password protect a PDF document on a MacBook Air?
I am trying to password my PDF documents on a macbook. I don't understand why the help options are not assisting me. Can someone help me please?
-
AD user information not showing in Outlook 2010
I enabled the use of photos to be added to exchange user accounts in AD, and for some reason, the user information does not show when outlook is in cached mode. If I turn cached mode off, the user information displays in outlook
-
Points available. <b>Is the F110 payment only used for outgoing payments? Can it be used to process incoming payments from customers? If yes, how do we go about setting the config? Is it similar to the config used in FBZP?</b> Thanks in advance!
-
i pay for itunes match, downloaded all my cd's and i see it on my phone but half the songs don't play, what am i doing wrong? i didn't think you had to actually download them onto the phone, this was the idea of not using the storage, right?