Whether WLC support LDAP Secure ?..

Similar Messages

• Internal error message configuring LDAP security options in CMC

  After entering LDAP security information in Central Management Console - option authentication, when clicking 'Finish' an error message appears: "internal error in secLdap complement".  How can I solve this problem ?

  Hi,
  Please check that whether you are following the proper steps while configuring the LDAP.
  You can refer the BusinessObjects Admin guide for the configuration:
  http://help.sap.com/businessobject/product_guides/boexir31/en/xi3-1_bip_admin_en.pdf
  And also, please check troubleshooting section for more information.
  Regards,
  Noor.

• WLC and LDAP Groups

  Is there any way on an LDAP server to create an LDAP group that can be tied to the WLC for LDAP authentication.  I have this url that explains local authentication and LDAP...  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml .  That helps with local authentication but one thing I don't see is any guidance on how to create a group in a DC to communicate with anything on WLC.  Any ideas?

  You are right. You need a radius server overall that integrates with AD and do AD-to-radius group mapping. This way authentication is allowed/denied from radius, not WLC itself.
  If the user can get a radius server to achieve this that will be great (especially if the user is using 802.1x/EAP authenticaion). If not, what I described about OU mapping is the only solution to get the users classified as per what I understood from users requirements.
  The user is not only limited to Microsoft RADIUS (IAS or NPS). However, any radius server that supports AD group mapping can be used. with cisco ACS for example this is supported as well. I am not sure if this is also supported with open-source radius (openRadius for example). But if it is then openRadius can also be used.

• Can anyone help me answer whether Robohelp has a secure ftp (sftp) or secure http connection protocols?  it only lists ftp or http, but not specifying if secure? Thanks.

  Can anyone help me answer whether Robohelp has a secure ftp (sftp) or secure http connection protocols?  it only lists ftp or http, but not specifying if secure? Thanks.

  Hello again
  First off, sorry for confusing anyone with the WYSIWYG reference. Failed attempt at humor. Ah, live and learn.
  Can you expound on what you mean when you say: But there does seem to be “disagreement” regarding whether RH supports HTTPS?
  If you are only referring to this thread, are you sensing "disagreement" because Willam said you can serve content to users?
  Here's the deal. I sort of "read between the lines" with your post and made an assumption and it seems I may have needed to ask you to clarify before tossing an answer out. The assumption I made was based on your statement of: it only lists ftp or http
  That made me believe you were referring to the Publish section in the Single Source Layout properties. (shown below)
  This dialog allows you to specify a protocol used to UPLOAD your generated content to a server.
  What Willam was referring to was the END USERS viewing the content AFTER it has been uploaded.
  Cheers... Rick

• LDAP Security Realm

  Using Weblogic 7.0 I have an LDAP security realm setup with the LDAP URL admins
  user name and password. I want to be able to interface this connection to access
  the LDAP and make changes to user information within in the ldap. Right now in
  my code I make a connection to the LDAP and supply the same user name and password
  set up in the LDAP security realm. I want to be able to rather then re-supply
  the URL and user name and password in my code I want to be able to just get that
  (or create a connection simil;ar to a jdbc connection pool) connection to the
  LDAP that configured in the Security Realm. Is this possible? And how would I
  go about it if so?
  Thanks
  Sjb

  the LDAPConnection pool which is used WLS Realm is not accessible to public
  for programming.
  thanks
  kiran
  "Sjb" <[email protected]> wrote in message
  news:3f5744c1$[email protected]..
  >
  Using Weblogic 7.0 I have an LDAP security realm setup with the LDAP URLadmins
  user name and password. I want to be able to interface this connection toaccess
  the LDAP and make changes to user information within in the ldap. Rightnow in
  my code I make a connection to the LDAP and supply the same user name andpassword
  set up in the LDAP security realm. I want to be able to rather thenre-supply
  the URL and user name and password in my code I want to be able to justget that
  (or create a connection simil;ar to a jdbc connection pool) connection tothe
  LDAP that configured in the Security Realm. Is this possible? And howwould I
  go about it if so?
  Thanks
  Sjb

• LDAP security provider and web service authentication

  Background: we are currently developing web services to our existing weblogic application. Our users can configure user/password authentication in one of three ways: database, LDAP, or SSO. Setting SSO aside, we need to implement the same authentication for database and LDAP that we use in our existing logon servlet in our web services. In our servlet we detect which they are configured for and, if database, authenticate the encrypted password to a database table we have for user id/password. If LDAP we use weblogic.servlet.security.ServletAuthentication and the weak() method to authenticate.
  We've to use SOAP headers to communicate username/password from the client to the web service. We want to code a SOAP message handler to grab the username/password and do the authentication there. We've successfully put something together that handles the database authentication no problem and are now struggling with how to handle the LDAP authentication. We distribute a LDAP security provider we've coded for LDAP authentication. I guess what I am looking for is an equivalent functionality provided with weblogic.servlet.security.ServletAuthentication. Note that I realize the weblogic.servlet.security package has been deprecated starting with Weblogic 9.0 but cannot find what functionality replaces it. Any help there would be appreciated as well.
  Note that I am fairly new to web service development (about 10 months now) and definitely new to web service security and Weblogic security. I tried digging into the volumes of documentation out there regarding these two topics but am simply having a difficult time sorting it all out and figuring out how to do what I want to do.
  Thanks in advance!
  Julia

  Hi,
  Add Provider (LDAP Credentials) in Admin console Security Realm --> defaultrealm -->Providers. Configuring Ldap in Admin Console will enable Admin Server to connect to LDAP. All the LDAP preconfigured Users/Groups will be available in Users and Groups Tab of Security Realms >defaultrealm >Users and Groups. Add Roles using Security Realms >defaultrealm > Roles and Policies > Global Roles > Roles. Add Role Conditions to the role by specifying users/groups configured in LDAP. If your webservice runs with SSL Anotate the Webservice file something like this below.
  @RolesAllowed({
  @SecurityRole(role="test")
  @Policy(
  uri="policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml",
  attachToWsdl=true)
  Here the role is Preconfigired role in AdminConsole. Add the following tag in the soapenv:header.
  <soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken>
  <wsse:Username>test</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>

• Using LDAP security in Oracle BI Publisher.

  Hi,
  We have newly set up BIP for an environment and we have enable Oracle BI Server security model and only Administrator and Super user has access to view all BIP reports.
  Now some of the business users want to have access to BIP reports and folders. These Users are having access OBI dashboards through LDAP and Object level security is defined by webgroups coming from Siebel source, they are wishing to navigate from OBI to BIP through Products link.
  In this case, we thought to enable LDAP security model in BIP, but how Administrator Access will work after we enable LDAP security model. There are some BIP reports embedded in OBI dashboards, will they work after enabling LDAP security.
  Please advise.
  Thanks
  Krishna

  Please let me know if someone can help on this.
  Thanks
  Krishna

• Unable to setup WLC for LDAP

  Hi,
  I'm trying to setup WLC for LDAP to authenticate the users. I have all the components required according to cisco's document. WLC4402, LAP1142N, 2008 AD serving as LDAP.
  I'm configuring according to the document and also trying same settings from other users on this forum who (seems to) have got the WLC-LDAP up and working. My problem is that I'm receiving the below debug message on the controller and there is nothing on the internet on this error:
  *LDAP DB Task 1: Apr 28 10:05:35.903: LDAP server 1 changed state to IDLE
  *emWeb: Apr 28 10:09:21.046: aaaLdapServerStateSet [1] changed state to 'DISABLED'.
  *emWeb: Apr 28 10:09:21.046: aaaLdapServerStateSet [1] changed state to 'ENABLED'.
  *LDAP DB Task 1: Apr 28 10:09:21.052: ldapTask [1] received msg 'CLOSE' (4) in state 'IDLE' (1)
  *LDAP DB Task 1: Apr 28 10:09:21.055: ldapClose [1] called lcapi_close (rc = 1008 - Invalid client handle)
  *LDAP DB Task 1: Apr 28 10:09:21.055: LDAP server 1 changed state to IDLE
  I'm getting this error regardless of the authentication type, any username and attributes. So it makes me think WLC is not even trying to bind to LDAP. If the error was invalid credentials or something mismatch or something, it gives me some information to base my troubelshooting but I just can't find information on this (rc = 1008 - Invalid client handle) message.
  I appreciate any input you guys have. Also if you need me to post my config screenshots or anything else, then please let me know
  Thanks,
  Delgee

  Hi Nicolas,
  Thanks for the reply.
  I've tried with Softterra LDAP browser and it is working fine. I can browse everything with the account I'm using for binding.
  The funny thing I found out is that the LDAP authentication is actually working, when I try to connect via wireless and enter my AD account the on web auth page, it logs me in. So it is authenticating agains LDAP but why I'm getting this error, I don't know.
  Any idea?
  Regards,
  Delgee

• "Unknown error : Support information ; Security Code - 359"

  I've got a user who is attempting to input his digital signature however upon doing so he receives the error message "Unknown error : Support information ; Security Code - 359"
  Does any one eccountered this problem and knows how to fix it?

  I think that you may have the answer already, contact iTunes Store Support. I see more users posting about purchasing problems with that game than I have ever seen with any other game or App since I have been participating here over two and a half years ago.
  Email iTunes Store Support and seek their help.
  https://expresslane.apple.com/Issues.action
  If you really want to try something other than contacting support, try signing out of your ID, restart the iPad and sign into your ID again. Then try to update the information again. I do believe that you will have to contact iTunes Store Support in order to resolve this.

• Does a 2504 WLC support mobility group with WiSM1 on 6500 Series

  if a 2504 WLC support mobility group with WiSM1 on 6500 Series.
  Model: WLC 2504
  Software version: 7.3.101.0
  Model: WiSM1
  Software verion: 7.x.x.x

  Yes and no. 
  Yes, mobility is supported.  
  No because I personally won't recommend inter-controller roaming.  This is more true when you're dealing with 4400/WiSM-1.  This is even more true when you've got WLC running two (or more) different codes.  

• WLC and LDAP

  Hi to all,
  i want to use local-eap+LDAP (microsoft AD) and i'm experiencing some issue.
  First of all i'm not able to bind WLC and LDAP...if a perform a debug aaa ldap enable i get this output:
  Any idea about how to solve this issue?
  Regards
  Ale

  It sounds like .... invalid credentials ? :-)
  Please post your LDAP config on WLC.
  Is your admin username with which you're binding within the search context that you defined ? this is very important

• Does SES11g support ACL security model in ECM11g

  hi Experts:
  Does SES11g support ACL security model in ECM11g?
  All information I got is negative, but need some comfirmation, sometimes documentation is not accurate.
  If the answer is yes, could you give me a doc url I can reference?
  Best regards

  Hi
  I think that you can have the ACL security enabled on SES searching as well . When creating the source on SES there is a option which mentions if the source's ACL security is to be used or not .
  So if that option is selected then I believe the same can be used on ses searching as well .
  Try it and let me know how it works .
  Thanks
  Srinath

• Y do i have this, i paid ten $ for something that was to support my security camera and so far have not seen any way to do that

  Y do i need this program?

  What program are you talking about, and where did you read that your un-named program would support your security camera?

• IPlanet v5.0 support LDAP protocol v1?

  Does iPlanet v5.0 support LDAP protocol v1?
  Trying to test iPlanet Directory Server 5.0 without success. Netscape
  Directory Server versions 4.11 and 4.13 operate with no problem.
  -- Jim

  No.
  Elaine Julius wrote:
  Does iPlanet 5.0 LDAP support transaction control? That is, is there a
  way to ensure that a number of directory operations either all
  complete succesfully or all fail?
  Thanks
  Try our New Web Based Forum at http://softwareforum.sun.com
  Includes Access to our Product Knowledge Base!

• Understanding LDAP Security Groups - Need assistance...

  Hi,
  Can someone walk me through a simple step-by-step outline of how to adjust LDAP security groups so that they work properly with report objects and folders.  I've added a number of LDAP groups to our server and see the user accounts in them but am having difficulty understanding how to apply these groups to the right folders and have access behave correctly.  As an example I have a couple groups where a few users are in LDAP under MKTDEPT and others are under SYSUSR.  A few users are in both.  I want to give MKTDEPT view rights to a folder whereas SYSUSR gets schedule rights.  I'm having an issue with teh Everyone group in that I have to set it to at least 'view' for anyone to see anything.  This is even though the MKTDEPT and SYSUSER user security is set lower.  So what's the best approach to get this to work right?  Any steps or documents that could help me out would be terrific.
  Thanks,
  Dom

  Dominic,
  Most of the information you need is in the Administration Guide.
  That said, here's how I would do it:
  Lets say MKTDEPT has users A,B,C,D,E and SYSUSER has users B,C,D,H,J. Lets call the folder you want to assign rights to as (rather unimaginatively) FolderA.
  For FolderA, set the following rights.
  Everyone Group --> No Access
  MKTDEPT --> View
  SYSUSER --> Schedule
  The problem now is dealing with users that belong to both group. For this, I would create a new (Enterprise) group called MKTSYS and add the common users to that group. This group would get Schedule rights to FolderA.
  Also, as a practice, it is best to create Enterprise copies of your LDAP groups (especially since you have users that can belong to multiple LDAP groups). So, you would have
  *MKTDEPTENT which contains users in the MKTDEPT LDAP group.
  SYSUSERENT  which contains users in the SYSUSER LDAP group.*
  I would then add these groups to the list of groups with access to FolderA.
  So, the list of groups with access to FolderA would be:
  Everyone
  MKTDEPTENT
  SYSUSERENT 
  MKTSYS
  and the rights would be:
  Everyone Group --> No Access
  MKTDEPTENT --> View
  SYSUSERENT --> Schedule
  MKTSYS --> Schedule
  Please note that the Everyone Group does not need to have View access. That said, the Everyone Group does need to be in the access list for FolderA.
  Also, while this method of replicating LDAP group structure in BO creates additional administrative work, I am of the opinion that it is a small price to pay to prevent unauthorized access.
  Hope this helps,
  Srinivas