Windows users authenticating in OID in Unix

Hi !!!
I am newbie with LDAP and OID, so If anyone can help me...
I have a Computer Associates Aplication which authenticate users against LDAP server but this application is installed in a Windows 2003 Server.
This application already query OID sucessfuly, because this application simply point to OID server through it´s configuration.
My problem is for authenticate users against OID because in Computer Associates Application does not have any configuration to tell authentication server.
What I must configure to tell the Computer Associates Application, or Windows 2003 server to authenticate the users in OID instead locally??

Hi !!!
I am newbie with LDAP and OID, so If anyone can help me...
I have a Computer Associates Aplication which authenticate users against LDAP server but this application is installed in a Windows 2003 Server.
This application already query OID sucessfuly, because this application simply point to OID server through it´s configuration.
My problem is for authenticate users against OID because in Computer Associates Application does not have any configuration to tell authentication server.
What I must configure to tell the Computer Associates Application, or Windows 2003 server to authenticate the users in OID instead locally??

Similar Messages

  • CM User authentication from OID

    Folks,
    I like to authenticate users from OID.
    That being the case, when I add users from the cm admin interface, would it add the users both in the cm schema tables and also in the OID, or just in OID?
    Conversely, if add users into OID using say some ldap client, will the users show up on the cmsdk admin screen?
    In case the user entries must be duplicated in both schema and OID, what is an elegant way to sync both? Can someone give any pointers to any available literature or samples in this regard?
    Thanks in advance,
    Bala.

    Hi
    If you are using 10g then you can use the OID Credential Manager Agent. Have a look in Appendix C of the CMSDK 10g Adminstrators guide.
    Regards

  • SAP User Authentication via Windows Active Directory

    The non-profit company I work for as an SAP Security Admin has been using SAP since 1999.  We are currently running ECC 6.0, BI 7.0, and CRM 7.0.  With fewer than 300 SAP users, we have not implemented CUA, so each of our multiple clients in these systems is managed independently. 
    The company recently licensed and implemented some non-SAP software to be used by all of our employees (~1200) in keeping track of & catagorizing their work time; a very handy feature of this software is that it depends upon Windows Active Directory for user authentication.  Therefore, each employee logs into this time-keeping package by entering his/her standard PC userID & password.  If you can log onto your PC, you can log into the time-keeping software. 
    That got me thinking & researching, because our SAP users - especially those who have access to three or more SAP clients - must maintain their passwords independently in each SAP client that they hope to access in the future.  I'm certainly not the first person who has thought of how nice it would be to permit SAP users to log into all SAP clients across the landscape in which they have defined userIDs, using the same password that they are using to log into their PCs (i.e., the password that is stored & maintained in Windows Active Directory).  My quest has led me to find presentations on this topic that typically involve modules we aren't using & very complicated configurations that we really lack the time & resources to employ; or, to third-party solution providers who claim to be certified SAP partners who would love to sell us more software to provide this convenience, usually irelated to single sign-on, LDAP, etc.  The lowest pricing tier for such software usually would cover many times the number of SAP users we have to serve here - and it feels like trying to push in a tack using a sledgehammer.  It is true that we have not used the same userID for our PCs that we have defined in SAP, so there would need to be some way to translate from one to the other, but our PC password rules are consistent with those we have configured in SAP clients, so it seems to me it should be very simple.   Can anyone lead me to a more straightforward solution?  If not, can you articulate why this has to be so complicated using SAP software when it seems so simple using relatively inexpensive timekeeping sotware?

    >
    Gagan Deep Kaushal wrote:
    > Hi Tim,
    >
    > Its nice to see video.
    >
    > Is that mean using different username on OS and SAP level still we can achieve SSO.
    >
    > Correct if if am wrong.
    > The only thing we need to maintain SNC name.
    Once installed, yes. This is all you need to maintain when users are added. You can even use LDAP if you like to sync all user info between SAP and MS AD domain, but this cannot sync the password, so using SNC authentication instead of using SAP passwords is ideal.
    >
    > So for user test1 i can manage name as p:test2.....  ??
    Yes, that is correct. The mapping is maintained using standard SAP user management, such as su01. The user in AD domain might have long account name, e.g. "firstname.verylonglastname" which is too big for use as a SAP username so you can map this long AD account name onto a SAP user called FIRSTLAST in one or more SAP clients.
    >
    > I think that is what Ronald is also looking, user name need not to be same.
    >
    > Regards,
    > Gagan Deep Kaushal

  • ACS user authenticating through Windows Database

    Hello,
    Please, i need a document/ guideline on how to configure ACS 4.2 user authenticating through Windows Database and the ACS server is running on an appliance.
    Please, help.
    Regards,
    Ethelbert

    Hi,
    If you delete the user in AD, then it would not authenticate the user even if the dynamic mapped user exists in the ACS database, as the password would not be verified from the AD for the user.
    The dynamically mapped user entry would still exist in ACS and would not get deleted if the user is deleted from AD.
    tnx
    somishra

  • How to change user authentication program in windows 8.1

    hello everyone,
    i have developed a user authentication program through mouse gesture dynamics. 
    My program identifies user by its mouse gesture.
    now , i want to use this authentication program when windows boots,  and users would be authenticated by my program
    (instead of windows default password authentication.)
    can you please tell me how should i do this. how to use my program, where to place this in OS code. ?
    thank you
    ravi 

    Friz_ wrote:
    I'm changing some stuff in the way of usernames and pictures right now, but I just can't figure out how to change my display name. I know I can't change my full name in skype, but I know I've changed my display name a few times before. Most of the threads I found on this were a few years old.
    https://support.skype.com/en/faq/FA110/can-i-change-my-skype-name-or-display-name-in-skype-for-windo...

  • Windows Authentication Kerberos - Logon with different windows user

    I've successfully set up Windows Integrated Authentication/SPNego/Kerberos logon on my portal.  Now when I launch the portal from a workstation I am logged on automatically with my Windows userid without needed to provided userid and password again - very happy!
    When I press logoff the portal returns to the logon screen, sees that I've got a kerberos ticket, and logs me straight back on!  Not happy!
    As an administrator or as a super user, it is sometimes necessary to log on with an administrative userid or to visit an end user and log on as myself on their workstation.  Therefore, I need a mechanism to override the automatic logon and force a basic password prompt screen.
    As I understand it I can achieve this by creating a special iView with its own authscheme which does not use SPNego.  I could either point the logoff redirect url setting to this iView or I could simply enter the quicklink for the iView in the browser.  Will this circumvent the automatic logon and, if so, is there anything special I need to do to achieve this?
    I had hoped to use the standard logon screen as the iView.  I've got that stored in a par file (along with my corporate icons and a link to local help files).  I uploaded the par file through system administration - support - portal runtime - administration console and thought I might be able to see that when I created a portal component iView but it's not visible.  Should it be?

    When I need to logon as a test user, I find it easier to disable the integrated Windows authentication in the browser. You can do that in the menus, but I change the registry. Create two text files (e.g., DisableKerb.reg and EnableKerb.reg)
    Disable.reg:
    Windows Registry Editor Version 5.00
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "EnableNegotiate"=dword:00000000
    Enable.reg:
    Windows Registry Editor Version 5.00
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "EnableNegotiate"=dword:00000001
    Then just double-click to change your authentication mechanism.
    Regards,
    Sean

  • Forms Authentication Error: User '' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed

    I created a custom security extension following the steps listed in the Readme_Security Extension Sample. It works fine if I login as the user that is specified AdminConfiguration section of the rsreportserver.config file but if I
    log in as another user, I get this error: User '' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.  I've added the user to both System Administrator
    and System User roles to try to get it to work but still no luck.
    Does anyone know how to fix this?
    Thanks.

    Hi MetronM,
    The issue is due to that user have no permission to access the report server. In report manager, Reporting Services includes predefined roles that we can assign to users and groups to provide immediate access to a report server. Each role defines a collection
    of related tasks.
    You can refer to the following steps to assign corresponding role to the user.
    Open report manager.
    Click “Folder Setting” button. 
    Click “New Role Assignment” icon.
    Type the user name and select the corresponding role.
    There is an article about Granting Permissions on a Native Mode Report Server, you can refer to it.
    http://technet.microsoft.com/en-us/library/ms156014.aspx
    Regards,
    Alisa Tang
    Alisa Tang
    TechNet Community Support

  • Windows Native Authentication with 2 (multiple) AD domains

    I have managed to get Windows Native Authentication for Oracle Application Server 10g (9.0.4) on Windows working. The following has been done and works in a test environment:
    Phase 1) Active Directory (AD) to Oracle Internet Directory (OID) Synchronization
    Phase 2) Configure a Kerberos Service Account for the Single Sign-on
    Currently all the above setup points to a single windows active directory server, i.e. active1.uk.oacle.com. This is acceptable for a test environment, but before the changes can be deployed to production I need to incorporate some disaster recovery.
    The active directory is replicated across multiple servers – i.e. active1.uk.oacle.com, active2.uk.oacle.com. In the event that the primary active directory server is unavailable Oracle users should still be able to access applications. I need to incorporate active2.uk.oacle.com into the above setup.
    Questions:
    1)Can I get away with not incorporating active2.uk.oacle.com into phase 1. If the users have been pulled into OID then we are not particular concerned with pulling in new users in a disaster situation.
    2)Can I configure the Oracle side of the Kerberos setup to use multiple realms with an order or precedence – i.e. try active1.uk.oacle.com, then try active2.uk.oacle.com. I would generate a keytab file from each server.
    Ideally I would like to just modify the Kerberos setup to check active1.uk.oacle.com then active2.uk.oacle.com. Is this a workable approach? If yes how do I proceed? I believe the krb5.ini and opmn.xml need to be amended.
    Thanks

    Does anyone have any ideas on how to do this????

  • CF Admin login fails (invalid pw) for Windows User other than the one used to install CF 10

    I installed CF 10 on a server running Windows Server 2008 R2 Standard having logged into the server as a Windows user in the administrator group.  I set up CF 10 Administrator to use a single password (the default).  I can log into CF Admin when authenticating to the server with the same Windows credentials used when installing CF 10 but if I log into the server as another Windows user in the administrator group I cannot log into CF Admin; I get an Invalid Password error.  I thought the whole point of the single password was so that anyone who can log into the server could log into CF Admin.  It works like that for my CF 8 and CF 9 machines.

    It is a new design, based on security issues that arose in previous ColdFusion versions. See, for example, Charlie Arehart's blog for more details.

  • Windows domain authentication on Oracle Secure Global Desktop

    Hello,
    I made an upgrade of my oracle secure global desktop 4.62 version to 5.1 version.
    The problem is, I was using Windows Domain Authentication in 4.62 and this kind of authentication is not available in the 5.1 version.
    So now, my users cannot log in the application.
    Do you have a solution ?
    Thanks

    What are you authenticating to specifically?  An AD server?  Are you using any of the supported authentication mechanisms now supported?
    http://docs.oracle.com/cd/E41492_01/E41495/html/sgd-authentication.html#system-authentication-mechanisms-table

  • Windows Integrated Authentication on an ABAP data source

    Dear Experts,
    I have to implement Windows Integrated Authentication in my portal. By using Kerberos & SPNEGO, we can implement very easily if portal user id & windows (ADS) user id is same. But my scenario is windows id & portal id is different & data source is already configured as ABAP. Can you suggest me how we can achieve this requirement.
    Regards,
    VENU

    Hi,
    isnt the property krb5principalname used to define the mapping of the user ID when you cannot use the AD standard samaccountname?
    I think that the mapped user ID (as provided by krb5principalname) must be identically with the ABAP userID. When the ABAP user ID isn't present in the LDAP information, SSO won't be possible. Somehow he needs to publish the ABAP user ID into the AD.
    SAP Help:
    http://help.sap.com/SAPHELP_NW70EHP1/helpdata/EN/43/4c363ac31e30f3e10000000a11466f/frameset.htm
    http://help.sap.com/SAPHELP_NW70EHP1/helpdata/EN/43/4c3725aeaf30b4e10000000a11466f/frameset.htm
    br,
    Tobais

  • CE 7.2 NWDS wdp ws client user authentication error

    Hello CE 7.2  experts !
    I am running a CE 7.2 sp 01 env with NWDS. In my landscape I have some webservices running on PI 7.1.
    I am trying to develop a webdynpro webservice client. When run gets user authentication errors.
    I have configured the Service Groups, provider systems, http destinations etc for this webservice.
    After I have successfully build and deployed the wdp app I am getting error on the wdp gui screen like this:
    Exception on execution of web service with WSDL URL 'http://xxxxxxx.lxx.xxxx.xxx:50000/dir/wsdl?p=sa/595aaad7bedb3cf89546e4651ea9954d' with operation 'GetBudgetRequest_out' in interface 'GetBudgetRequest_out'
    And in log trace:
    Invalid Response code (401). Server <http://xxxxxxx.lxx.xxxx.xxx:50000/XISOAPAdapter/MessageServlet?senderParty=&senderService=SLF&receiverParty=&receiverService=&interface=GetBudgetRequest_out&interfaceNamespace=http%3A%2F%2Fsfso.no%2Fagresso%2Fslf> returned message <Unauthorized>. Http proxy info:  none
    [EXCEPTION]
    com.sap.engine.services.webservices.espbase.client.bindings.exceptions.TransportBindingException: Invalid Response code (401). Server <http://xxxxxxx.lxx.xxxx.xxx:50000/XISOAPAdapter/MessageServlet?senderParty=&senderService=SLF&receiverParty=&receiverService=&interface=GetBudgetRequest_out&interfaceNamespace=http%3A%2F%2Fsfso.no%2Fagresso%2Fslf> returned message <Unauthorized>. Http proxy info:  none
    at com.sap.engine.services.webservices.espbase.client.bindings.impl.SOAPTransportBinding.handleSOAPResponseMessage(SOAPTransportBinding.java:561)
    at com.sap.engine.services.webservices.espbase.client.bindings.impl.SOAPTransportBinding.call_SOAP(SOAPTransportBinding.java:1316)
    at com.sap.engine.services.webservices.espbase.client.bindings.impl.SOAPTransportBinding.callWOLogging(SOAPTransportBinding.java:952)
    at com.sap.engine.services.webservices.espbase.client.bindings.impl.SOAPTransportBinding.call(SOAPTransportBinding.java:907)
    at com.sap.engine.services.webservices.espbase.client.dynamic.impl.DInterfaceInvokerImpl.invokeOperation(DInterfaceInvokerImpl.java:76)
    at com.sap.tc.webdynpro.model.webservice.model.WSGenericModelClassExecutable.execute(WSGenericModelClassExecutable.java:73)
    at com.sap.tc.webdynpro.model.webservice.gci.WSTypedModelClassExecutable.execute(WSTypedModelClassExecutable.java:49)
    at com.sap.demo.wd_slf_proj.wd.comp.slf_getbalancecomp.SLF_GetBalanceCustom.executeRequest_GetBudgetRequest_Out(SLF_GetBalanceCustom.java:189)
    at com.sap.demo.wd_slf_proj.wd.comp.slf_getbalancecomp.wdp.InternalSLF_GetBalanceCustom.executeRequest_GetBudgetRequest_Out(InternalSLF_GetBalanceCustom.java:153)
    at com.sap.demo.wd_slf_proj.wd.comp.slf_getbalancecomp.SLF_GetBalanceCompView.onActionSendReq(SLF_GetBalanceCompView.java:187)
    at com.sap.demo.wd_slf_proj.wd.comp.slf_getbalancecomp.wdp.InternalSLF_GetBalanceCompView.wdInvokeEventHandler(InternalSLF_GetBalanceCompView.java:165)
    at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:142)
    at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:75)
    at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.doHandleActionEvent(ProcessingEventPhase.java:159)
    at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.execute(ProcessingEventPhase.java:94)
    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequestPartly(WindowPhaseModel.java:162)
    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doProcessRequest(WindowPhaseModel.java:110)
    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:97)
    at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:514)
    at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:55)
    at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doExecute(ClientApplication.java:1652)
    at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doProcessing(ClientApplication.java:1466)
    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doApplicationProcessingStandalone(ApplicationSession.java:884)
    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doApplicationProcessing(ApplicationSession.java:856)
    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:343)
    at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:315)
    at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doContent(AbstractDispatcherServlet.java:87)
    at com.sap.tc.webdynpro.serverimpl.wdc.DispatcherServlet.doContent(DispatcherServlet.java:76)
    at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doPost(AbstractDispatcherServlet.java:62)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:152)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:38)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:400)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:203)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:438)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:427)
    at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:80)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:268)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:81)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:54)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:42)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
    at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:447)
    at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:264)
    at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)
    at com.sap.engine.core.thread.execution.Executable.run(Executable.java:115)
    at com.sap.engine.core.thread.execution.Executable.run(Executable.java:96)
    at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:315)
    Any help / hits are appreciated.
    Hope to get a prompt solution.
    best regards,
    Ajeet Phadnis

    Hi,
    I hope please upgrade SP01 to SP05.
    Please look at these two forums
    [forum1|Error executing webservice in BPM; and [forum2|Call to sr.esworkplace fails;
    Hope this is help full for u
    Regards
    Vijay

  • Run Labview as different windows user (for database connectivity)

    I have to connect to a corporate remote MSSQL-Database on the network, using the database connectivity toolkit for LabVIEW.
    The db-authentification is realized checking the windows user (ads) who acceses the datebase (not a database user / password which is standard in the database vis)
    Therefore I have to run LabVIEW as the defined windows user, different than the logged in user on the pc.
    Is that possible to realize with LabVIEW?
    Other Windows-tools allow to define the windows user/password which "run" an application - how can I do that with LabVIEW?

    Hi Zav.  There is a windows command 'runas' which _may_ let you do what you want; I haven't
    tried what you need to do, but is has worked for other tasks for us.  Try 'runas /?' for the switches.
    You will have to build your LV program into an executable, then use runas to launch it.  Is there
    a reason you can't just login to Windows as the required user?
    If you can get your db admin to allow dbuser/password authentication that would be a much better
    way to go.
    Matt

  • Not Authorized HTTP Error 401. The requested resource requires user authentication.

    Hi All,
    I have MDS web application on one server and MDS DB on another, both in same domain .
    MDS web application is created as new website on same IIS with SharePoint and have their own port assign
    In IIS Windows Authentication is added and enabled.
    Users do have function permission and module enabled.
    MDS is accessible only on server where web application is.
    When it is accessed from any computer within domain error is
    Not Authorized
    HTTP Error 401. The requested resource requires user authentication.
    Can anyone offer any suggestions?
    Thanks
    Zorko

    Hi Zorko,
    The issue may happen in case:
    1. The Master Data Service(MDS) web application is running under a domain user account
    2. You didn't register a Service Principal Name(SPN) for the account
    3. You are using fully qualified domain name(FQDN) or host name to access the MDS
    4. You are able to access the MDS by IP address(http://<ip address>)
    If I am right, it is because of the browser choose to use Kerberos authentication to connect to the MDS.
    So then, to fix the issue, please:
    Register SPN for the application pool account. Enable the delegation.
    Or, please force the web site to use NTLM authentication only.
    For more information, please see:
    How to use SPNs when you configure Web applications that are hosted on Internet Information Services:
    http://support.microsoft.com/kb/929650
    Forcing NTLM Authentication (IIS 6.0):
    http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true
    Thanks,
    Jinchun Chen
    Jinchun Chen(JC)
    TechNet Community Support

  • Proxy User Authentication with SQL Developer

    Hello,
    I realized that there are 2 methods for configuring SQL Developer to user Proxy User Authentication.
    1) one-session method with Syntax:
    personaluser[appuser]
    2) two session-method with dialog "Proxy Connection"
    For me it is unclear, why anybody would want to use the two-session-method.
    a. you need username/password for both user acocunts (personaluser and appuser)
    b. it is unclear which operations in SQL Developer are using the personaluser account. It seems that the SQL Window is only using appuser account.
    What was the motivation to implement Two Session Method?
    Best regards,
    Martin

    I found the possibility that proxy authentication of both accounts can be enforced:
    SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
    I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
    Regards,
    Martin

Maybe you are looking for

  • Previewing data in UD Datasource (S:RSSDK:400 field is empty)

    Hi, I followed the steps in creating a datasource for UD connect interface. I was successful in saving and activating the datasource; however, when previewing the data, i am given the prompt: "S:RSSDK:400 field is empty." I double checked the databas

  • Iphone won't let me take pictures because it says I have no storage, but I've deleted all my apps

    I have the Iphone 4 (not the 4s) and never had any problems.  I share an ICloud account with my parents and sister, and now my iphone is saying I have no storage.  I deleted all my pictures and a majority of my apps and it still won't let me take any

  • Whats the check box good for?

    Greetings! I'm on a Monday roll. I got bit by a context menu so far so now lets try the check box. I've always been under the impression that the check box was an include/exclude thing its either on or off. Instance I was trying to burn a cd from a p

  • Can I create multiple blogs?

    Hi All, We want to use Blogs in a school setting and would like our students to be able to create a blog for each of their subjects (if required). Any ideas about a way to go about this? We are running SL Server. Cheers,

  • How do I obtain new serial numbers that work for CS5 InDesign on Yosemite?

    I purchased CS5 from Apple in 2010 and worked with it on various MacBooks and all has been fine until I moved to a new computer with Yosemite.  Serial numbers are no longer accepted.   Adobe Chat no longer supports "old" software like this!    Help i