When provision to Active Directory, how to create user in a specific OU????

Similar Messages

• How to create User in the specific group in Microsoft Active Directory

  Hi,
  I am using Nestcape LDAP, and want to create user in the user defined group. I have created a new user group "TestUsers" in the "Users" container of Active Directory, I want to add the new user to Test Users group But my problem is that whenever I create a new user
  it get added to Domain Users group.
  I tried adding memberOf attribute with value "TestUsers"
  attr = new LDAPAttribute("memberOf", "TestUsers");          
  attrs.add(attr);
  It gives me following error :
  code= 53 Exception 0000209A: SvcErr: DSID-031A0D6F, problem 5003 (WILL_NOT_PERFORM), data 0
  Following is the code I am using.
  public LDAPResult createUserID(
  String userId,
  String pwd,
  String pId,
  boolean resetonLogOn,
  LDAPConnection ldCon) {
  boolean flag = false;
  int code=0;
  try {
  String pwdLastSetVal;
  String desName;
  String desc;
  /* Specify the DN of the new entry. */
  String dn =
  "CN=" + userId + ",CN=" + this.container + "," + this.baseDN; // container = "Users"
  /* Create and add attributes to the attribute set. */
  String objectclass_values[] =
  { "top", "person", "organizationalPerson", "user" };
  // LDAPEntry findEntry=null;
  /* Create a new attribute set for the entry. */
  LDAPAttributeSet attrs = new LDAPAttributeSet();
  /* Attribute sAMAccountName */
  LDAPAttribute attr = new LDAPAttribute(LDAP_SAM_KEY, userId);
  attrs.add(attr);
  /* Attribute unicodePwd */ // LDAP_PASSWORD_KEY = "unicodePwd"
  attr =
  new LDAPAttribute(
  LDAP_PASSWORD_KEY,
  (byte[]) this.encodePassword(pwd));
  attrs.add(attr);
  /* Attribute Display Name */
  desName = userId + ":" + pId;
  //desName = userId ;
  attr = new LDAPAttribute(LDAP_DIS_NAME_KEY, desName);
  attrs.add(attr);
  /** Attribute userAccountControl to enable the userid.
  attr = new LDAPAttribute(LDAP_ACCOUNT_KEY, LDAP_ACCOUNT_EN_VAL); // LDAP_ACCOUNT_EN_VAL= "548"
  attrs.add(attr);
  /* Attribute pwdLastSet to reset the password on first logon*/
  if (resetonLogOn == true) {
  pwdLastSetVal = "0";
  } else {
  pwdLastSetVal = "-1";
  attr = new LDAPAttribute(LDAP_RESET_KEY, pwdLastSetVal);
  attrs.add(attr);
  /* Attribute Description */
  desc = " Account Created by HelpNow App";
  attr = new LDAPAttribute(LDAP_DESC_KEY, desc);
  attrs.add(attr);
  /* Attribute objectclass */
  attr = new LDAPAttribute("objectclass", objectclass_values);
  attrs.add(attr);
  attr = new LDAPAttribute("memberOf", "TestUsers");          
  attrs.add(attr);
  /* Create an entry with this DN and these attributes . */
  LDAPEntry myEntry = new LDAPEntry(dn, attrs);
  /* Add the entry to the directory. */
  ldCon.add(myEntry);
  flag = true;
  }catch (LDAPException e) {
  flag = false;
  code=e.getLDAPResultCode();
  }catch (Exception e) {
  flag = false;
  code=LDAPException.OTHER;
  }finally {
  ldaprs.flag=flag;
  ldaprs.code=code;
  return ldaprs;
  }

  Refer to the post titled "JNDI, Active Directory and Group Memberships" available at http://forum.java.sun.com/thread.jspa?threadID=581444&tstart=150

• Error when provisioning to  Active Directory (AD)

  Hi All,
  I have a java class / connector to AD (Active Directory) to the process of making the user ID (Create User).
  Classes are in the export becomes. JAR and I call via IDM (10g Version).
  There are 2 processes scenarionya CREATE USER:
  1. Create user in the Main Branch
  Parmater that I throw over java is:
  "OU = Users, OU = JAS-Senayan, OU = Branches, DC = Corp, DC = PaninBank, DC = Co, DC = Id"
  And the result is completed and no errors.
  2. Create User in the Sub-Branch
  Parmater that I throw over java is:
  "OU = Users, OU = AAC-PERMATA SENAYAN, OU = Sub-Branch, OU = JAS-SENAYAN, OU = Branches, DC = Corp, DC = PaninBank, DC = co, DC = Id "
  And the result is error ,
  java.lang.Exception: The length of the string 'OU=Users,OU=JPT-PERMATA
  SENAYAN,OU=Sub-Branch,OU=JAS-SENAYAN,OU=Branches,DC=Corp,DC=PaninBank
  ,DC=co,DC=Id' is too long for the field length of size 100
  I am stuck at this error.
  Please help
  Thanks,
  Leo Hakrin Siregar

  process form field length is 100. and you are passing value grater than 100.
  'OU=Users,OU=JPT-PERMATA
  SENAYAN,OU=Sub-Branch,OU=JAS-SENAYAN,OU=Branches,DC=Corp,DC=PaninBank
  ,DC=co,DC=Id'
  increse process form field length. (AD Process Form)

• Active Directory: how to return users account permissions RWDA?

  In SCS 7.x
  I`v been looking throught idoc functions and couldn`t find one to return the users account permissions when they log in with active directory..
  How is this done..
  I`v noticed they added the code in 10g..
  <$userHasAccessToAccount("profile_account", "R")$>
  Thanks.
  Update:: I ended up just writing my own function that called a service returned AD info split the string and matched it against the account to return 1 = R, 2 = W, 4 = D, 8 = A
  R = 1
  RW = 3
  RWD = 7
  RWDA = 15

  In SCS 7.x
  I`v been looking throught idoc functions and couldn`t find one to return the users account permissions when they log in with active directory..
  How is this done..
  I`v noticed they added the code in 10g..
  <$userHasAccessToAccount("profile_account", "R")$>
  Thanks.
  Update:: I ended up just writing my own function that called a service returned AD info split the string and matched it against the account to return 1 = R, 2 = W, 4 = D, 8 = A
  R = 1
  RW = 3
  RWD = 7
  RWDA = 15

• How to do provisioning in Active Directory multiple lavel OU structure from FIM 2010 R2 with Country basis.

  Hi,
  I want to do provisioning in Active Directory multiple level Organization Unit(OU) from FIM 2010 R2  with country name basis.
  Suppose i have Asia,Europe,UK,USA region OU and they have another OU in Asia OU like India,china etc if country name is India then Users should be go in India OU and if  if country name is China then Users should be go
  in China OU.so please give me any idea on this this would be very helpful for me
  Regards
  Anil Kumar

   
  Do you have Region attribute in your user object? If yes, then you can do something like this
  "CN="+displayname+
  ",OU="+country+
  ",OU="+region+
  ",DC=mycompany,DC=local"
  If you don’t have region attribute, then you have to write own IIF statement for every county
  IIF(Eq(contry,"China",",OU=China,OU=Asia","")
  You can also parse your dn for synchronization rule in some other place (e.g. metaverse extension), but if you want to do it codeless, IIFs are the way to go.

• Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access

  Event properties – Event 91, Level Error, Event ID 91, Date and time 5/10/2012 11:29:48AM, Service CertificationAuthority
  General: 
  Could not connect to the Active Directory.
  Active Directory Certificate Services will retry when processing requires Active Directory access.
  We have a Windows 2008 Server Enterprise with AD . I would like to enable the service  "Certificate Services"  that
  allow me to enable radius to authenticate users wireless with the active directory.

  Hi, 
  Can you please check this forum or someone from Microsoft, as we have post here dating back from October that are not being answered.
  Everything for us is exactly the same as szucsati and Racom
  NMNM, 
  Please give us an answer on this as the link provided is absolutely useless.
  Thank you.

• How to create user in local datasource when UME is already switched to LDAP

  HI,
  Info : I have portal ( NW 700),  recently i switched the datasource of portal to LDAP from local datasource.
  issue: if i create user in portal it get created in LDAP, i want create few users in Local datasource.
  how to create user in local datasource when UME is already switched to LDAP?
  one solution is change the ume back to local datasource > create user > then switch back to LDAP.
  do you know any other sol?
  Regards
  Shridhar Gowda

  Please let me know the Datasource file name .. i.e. the .xml filename.
  try to analyze this name and see whether you get a solution or post it here.
  Reward points if helpful -

• How to create user credit control via customization

  Hi !
  I have to create user credit control via Transaction :
  SPRO.
  path:
  Sales and Distribution->Basic Functions->Credit Management/Risk Management->Credit Management->Define Automatic Credit Control.
  I want to check the user checkbox, and create my logic
  of credit control.
  In the help of credit control screen, it says that i have
  to use user exits LVKMPTZZ and LVKMPFZ1.
  However when i looked for that user exits at SMOD
  that user exit don't exist !!!
  How do i use those user exits ? Why can't i find those user exit ?
  Can you give me please  a code example of how to use
  the user checkbox to change the logic of credit control ? or any material about the issue.
  thanks
  moshe

  Hi,
    You dont find the programs LVKMPTZZ and LVKMPFZ1 in SMOD transaction, check in SE38 by typing the program names, there you have the provision to write your custom code,
    As user exits are specific to the business, it would be difficult to send the sample code to cater the functionality expected by your business,
  Hope this helps,
  Rgds,

• Pre-populate adapter for setting the Active Directory OU for a user

  Hi All
  I created a pre-populate adapter that set the Active Directory OU for a user...
  In the end the status of the resource is still showing "provisioning"..
  It must be "Provsioned"..did I miss something ?
  The logs speak as below :-
  08:01:12,678 INFO [STDOUT] Running Create User
  08:01:12,678 INFO [STDOUT] Before appending Root Context:OU=Human Resources,
  08:01:12,678 INFO [STDOUT] tcUtilLDAPController.java : hierString : OU=Human Resources,dc=mydomain,dc=com
  08:01:13,553 ERROR [ACTIVEDIRECTORYCONTROLLER] Problem creating object: javax.naming.OperationNotSupportedException: [LD
  AP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
  ]; remaining name 'cn=ASYMONDS'
  08:03:18,756 INFO [[xlWebApp]] action: LogonAction: User 'XELSYSADM' logged on in session 8116CBC0FA1481D06A207A1941B9
  E096
  08:22:31,256 ERROR [WEBAPP] Class/Method: ProvisionedResourcesForUserAction/confirmEnableSelection encounter some proble
  ms: No checkbox was checked.

  Just verify the OU value is correctly populated , first try doing the provisioning by manually giving OU and everything .
  Is it successful ?
  Then we can check if something wrong going with pre pop.
  Thanks
  Suren

• How to create user editable Crystal Report with dynamic dataset

  What I would like to achieve:
  A program loads a report in runtime updates list of database fields (possibly includes sample data), open report in "Crystal Reports 2011" (or 2008) where user customizes report and saves it. Later on the program loads the report, fills actualized data and displays it in .net report viewer.
  What I do:
  CrReport = New CrystalDecisions.CrystalReports.Engine.ReportDocument
  CrReport.Load(TemplateFilename)
  Dim Results As DataTable
  DataTable is filled from a database
  CrReport.SetDataSource(mResults)
  CrReport.SaveAs(NewReportPath, True)
  The NewReportPath is opened in the default program.
  What are the problems
  The report is open in preview mode (not in design).
  When the field is added to the report the designer asks for XML datasource on preview.

  The short answer is that it is not possible. I broke the question to other two: How to save a report that it opens without preview? and How to create user editable Crystal Report with dynamic dataset, where it is possible to find details. Key answer is Re: How to create an editable previewable report?

• How to create user's in Middleware

  Hi All,
  How to create user's in Middleware(J2EE stack).When we create user's in ABAP stack it has to reflect that user in J2EE stack also. In old version of mobile using WebConsole there was an option by running that program able to see created user's in ABAP stack in WebConsole too. What I mean to say how can get user's synchoronization in between ABAP stack and J2EE stack. Is there any link to know better Administration of J2EE stack. Please let me know
  Thanks in advance.
  Regards,
  Ameer Baba.

  hi Ameer,
  You arent able to see the ABAP users on your Java stack simply due to the fact that the User management Engine of Java stack is not properly configured to connect to a particular client of ABAP stack.
  Please check this link for more information
  http://help.sap.com/saphelp_nw2004s/helpdata/en/45/1bbdccc7850064e10000000a1553f7/content.htm
  If you are still unable to solve the problem please address it in UME forums so that you get a speedy resolution
  regards
  sunil

• How to create User Portal in OID programmatically in JSP

  Hi.
  I want to create User Portal programmatically in JSP (if posible) or have to use procedure.
  I check with package wwsec_api, it just have 'function
  add_portal_user', but it say we must have "the user must already exist in OID before this function is called."
  So, i checked for 'how to create User in OID'. What i got (in metalink)just methods that 'Create manually Portal Users in to OID' by LDAP or PL/SQL coding (with list of user in flat files).
  What i want to do is, How to create User POrtal in OID by JSP? What are the procedure/table/method involved?
  Do anybody have any samples?..
  Thanks.

  I had to write my own because I could not find one anywhere. Here is an addUser() method that seems to work pretty well.
  import oracle.ldap.util.jndi.ConnectionUtil;
  import javax.naming.directory.*;
  import javax.naming.*;
  public class LdapUser
  public LdapUser(){}
  public void addUser(String pUsername, String pPassword, String pFirstName, String pLastName, String pEmail)
  try
  InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx("host", "port", "orcladmin", "pwd");
  BasicAttributes attrs = new BasicAttributes();
  BasicAttribute oc = new BasicAttribute("objectclass");
  oc.add("top");
  oc.add("person");
  oc.add("inetOrgPerson");
  oc.add("organizationalPerson");
  oc.add("orclUser");
  oc.add("orclUserV2");
  attrs.put(oc);
  BasicAttribute gn = new BasicAttribute("givenName", pFirstName);
  attrs.put(gn);
  BasicAttribute sn = new BasicAttribute("sn", pLastName);
  attrs.put(sn);
  BasicAttribute cn = new BasicAttribute("mail", pEmail);
  attrs.put(cn);
  BasicAttribute pwd = new BasicAttribute("userpassword", pPassword);
  attrs.put(pwd);
  // Etcetera, etcetera...
  ctx.createSubcontext("cn="+pUsername+",cn=users,dc=whatever,dc=com", attrs);
  ctx.close();
  System.out.println("Success!!");
  catch (NameAlreadyBoundException nabe)
  System.out.println("Username is already in use. Please choose another.");
  catch (NamingException ne)
  System.out.println("NamingException: " + ne);
  catch (Exception e)
  System.out.println("User account was not created.");
  }

• How to create users on JDI

  Hi
  How to create users on JDI... how to access JDI....
  I want to create users, groups in JDI
  Please help me....
  Thanks & Regards
  Ravi Shankar B

  Hi
  What is the difference b/w Inactive, active and Local DCs...
  In inactive and active DCs i am not getting any thing... why?
  and i need to know how to do the following configuration.....
  Creating Users
  The following shows you how to create various users. Developer and Admin are just placeholders for actual people. CMSadm, on the other hand, is the user name recommended by SAP for the CMS user used by the CMS to access the DTR, CBS, and SLD.
  .1Choose Create User.
  .2Create the users Developer, Admin, and CMSadm, in this order.
  Assigning Users to Groups
  .1 Choose Groups.
  The Groups screen appears.
  .2 In the Groups field, select the JDI.Developers role and choose Assign Users to ...
  The Assign User(s) screen appears.
  For more information, see the installation manual of SAP NetWeaver Development Infrastructure.
  .3 Choose Add User ...
  The Search for User screen appears.
  .4 Enter the user ID Developer and choose Search.
  The Search Result(s) screen appears.
  .5 In the list, select the Developer user and choose Select.
  On the Assign User(s) screen, you see a list of all users that have the JDI.Developers role. Developer has now also been included in the list.
  .6 In the same way, assign the JDI.Administrators role to the users Admin and CMSadm.
  If the SLD is installed on a separate J2EE Engine, you must also create the users Developer and CMSadm in this Engine as well.
  Thanks & Reagards
  Ravi Shankar B
  Message was edited by: RaviShankar B

• How to create user dsn for microsoft access driver(*.mdb,.*accdb) in 64 bit

  hi,
  how to create user dsn for microsodt access driver(*.mdb,*.accdb) using command line in 64 bit.
  i have installed 64 bit drivers and when use following command
  C:\Windows\System32>odbccad.exe CONFIGDSN "Microsoft Access Driver (*.mdb,*.accdb)" "DSN=GLDatabase|Description=GL Data Source|DBQ=C:\DataBase\1.mdb"
  CONFIGDSN:'unable to create a datasource for the "Microsoft Access Driver (*.mdb,*.accdb)" component not found in the registry with the error code -2147467259
  but it works with C:\Windows\SysWow64

  yes i have installed Microsoft Access Database engine 2010 redistributale => AccessDatabaseEngine_x64.exe
  i can able to create user dsn using odbccad32.exe in system32 folder but using command line its not working
  C:\Windows\System32>
  odbccad.exe CONFIGDSN "Microsoft Access Driver (*.mdb,*.accdb)" "DSN=GLDatabase|Description=GL Data Source|DBQ=C:\DataBase\1.mdb"
  CONFIGDSN:'unable to create a datasource for the "Microsoft Access Driver (*.mdb,*.accdb)" component not found in the registry with the error code -2147467259

• How to create users in SAP BO (in cmc)

  Hi All,
  How to create users in SAP BO (in cmc) (pls step by step).
  Thanks in Adavance,
  Nitin

  Hi Erika
  I need your help
  "Account information not recognized.The secLDAP Security Plugin is not enabled.contact your system administrator for details."
  I am getting an error page when i am try to access BO reports from Flex UI.
  This BO reports should work in the same single sign on session with Flex UI as per the application developed.
  Note :The same users when login directly login to BO get access..