WLS .2 MP1: Windows NT authenticator on LINUX

Similar Messages

• NTLMv2 Authentication in Linux

  I am creating a web services client in Java that is intended to extract data from a sharepoint site. My code works in the windows environment but not in the Linux environment. Research lead me to write a java.net.Authenticator implementation as described by the Java Documentation on HTTP Authentication. The link is provided below:
  http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html
  I am using JDK 1.6.0_06. the Sharepoint server requires NTLMv2 Authentication. In windows the authenticator is not called my login credentials are automatically used. In Linux, the authenticator is called and fails. The Linux stack trace is:
  java.io.IOException: Server returned HTTP response code: 500 for URL: http://myserver/sites/asite/_vti_bin/Lists.asmx?WSDL
  at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1241)
  at java.net.URL.openStream(URL.java:1009)
  at com.uboc.sharepoint.io.URLGetter.loadURLToStrings(URLGetter.java:26)
  at com.uboc.sharepoint.io.URLGetter.main(URLGetter.java:105)
  I tried every variation of the userid and password. This included:
  1 - Using the domain name as a prefix with a backslash seperator. (<DomainName>\<UserName>)
  2 - Using the system property -Dhttp.auth.ntlm.domain=<DomainName>
  3 - Omitting the domain name alltogether
  None of these work for me.
  Does anyone know whether Sun's Linux implementation of JDK 1.6 supports NTLMv2 authentication protocol?
  My authenticator code is as follows:
  import java.net.Authenticator;
  import java.net.PasswordAuthentication;
  public class WindowsAuthenticator extends Authenticator {
       private String user;
       private String password;
       public WindowsAuthenticator()
            super();
       public WindowsAuthenticator(String user, String password)
            this.user = user;
            this.password = password;
       @Override
       protected PasswordAuthentication getPasswordAuthentication()
            PasswordAuthentication auth;
          System.out.println("RequestingHost=" + this.getRequestingHost());
          System.out.println("RequestingProtocol=" + this.getRequestingProtocol());
          System.out.println("RequestingPort=" + this.getRequestingPort());
          System.out.println("RequestingScheme=" + this.getRequestingScheme());
          System.out.println("RequestingPrompt=" + this.getRequestingPrompt());
          System.out.println("RequestingSite=" + this.getRequestingSite());
          System.out.println("RequestingURL=" + this.getRequestingURL().toString());
          if (this.getRequestorType() == Authenticator.RequestorType.PROXY)
              System.out.println("RequestType=PROXY");
          else if (this.getRequestorType() == Authenticator.RequestorType.SERVER)
              System.out.println("RequestType=SERVER");
          System.out.println("UserID=\"" + this.getUser() +"\"");
          System.out.println("Password=\"" + this.getPassword()+ "\"");
            auth = new PasswordAuthentication(this.user, this.password.toCharArray());
            return auth;
       * @return the password
      public String getPassword()
          return password;
       * @param password the password to set
      public void setPassword(String password)
          this.password = password;
       * @return the user
      public String getUser()
          return user;
       * @param user the user to set
      public void setUser(String user)
          this.user = user;
  My URLGetter Code is as follows
  import java.io.BufferedReader;
  import java.io.File;
  import java.io.FileNotFoundException;
  import java.io.FileOutputStream;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.io.PrintStream;
  import java.net.Authenticator;
  import java.net.URL;
  import java.util.ArrayList;
  public class URLGetter {
      public static ArrayList<String> loadURLToStrings( URL url )
      throws IOException
         String inputLine;
         ArrayList<String> lines = new ArrayList<String>();
          ** get an input stream for the URL
         BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
         ** Move the data. OK maybe buffered IO might improve performance.
         while ( (inputLine = in.readLine()) != null )
             lines.add(inputLine);
         ** Close the stream
         in.close();
         return lines;
       * @param args URL, outputFile, userid, password
      public static void main(String[] args)
          String url      = null;
          String outFile  = null;
          String user     = null;
          String password = null;
          PrintStream out = null;
          WindowsAuthenticator auth = null;
          try
               * Get the URL
              if (args.length > 0 )
                  url = args[0];
              else
                  System.err.println("Error: URL not specified.");
                  cmdLineInfo();
                  System.exit(1);
               * Get the output file name
              if (args.length > 1 )
                  outFile = args[1];
                  out     = setupPrintStream( outFile);
              else
                  out = System.out;
                  System.err.println("Using stdout.");
               * Get the userid
              if (args.length > 2 )
                  user = args[2];
                  auth = new WindowsAuthenticator();
                  auth.setUser(user);
                  Authenticator.setDefault(auth);
                  System.err.println("userid specified.");
               * Get the password
              if (args.length > 3 )
                  password = args[3];
                  auth.setPassword(password);
                  System.err.println("password specified.");
               * Download the URL
                 ArrayList<String> data = loadURLToStrings(new URL( url ));
                 for ( int i = 0; i < data.size(); i++)
                      out.println( data.get(i));
            catch (Exception e)
                 e.printStackTrace();
       *  Prints the command line parameters to the console
      public static void cmdLineInfo()
          System.err.println("Usage: java [options] URLGetter URL outputFileName [userid] [password]");
          System.err.println("Where command line parameters include:");
          System.err.println("URL          The full qualified URL or address of the information to download.");
          System.err.println("outputFile   The name of the file to save downloaded info.");
          System.err.println("userid       The optional username when the URL requires login.");
          System.err.println("password     The optional password when the URL requires login.");
       * Setup output File
       * @param fileName
       *        file that will be used to create an output file 
      public static PrintStream setupPrintStream( String fileName ) throws FileNotFoundException
          PrintStream out  = null;
          File        file = new File( fileName );
          file.delete();
          FileOutputStream stream  = new FileOutputStream(fileName, true);
          out     = new PrintStream( stream );
          return out;
  }

  It's an old post but the basic problem is that the code shown doesn't implement NTLMv2 authentication at all. It just implements basic password authentication.
  Does anyone know whether Sun's Linux implementation of JDK 1.6 supports NTLMv2 authentication protocol?@OP: you should have read the link you provided! It clearly says that NTLM authentication via java.net.Authenticator only works on Windows platforms, and it works by not calling your installed Authenticator. If yours gets called, it is not working or not available.
  There are other problems:
  public static PrintStream setupPrintStream( String fileName ) throws FileNotFoundException
  PrintStream out  = null;
  File        file = new File( fileName );
  file.delete();
  FileOutputStream stream  = new FileOutputStream(fileName, true);
  out     = new PrintStream( stream );
  return out;
  }All that could be reduced to new PrintStream(new FileOutputStream(fileName), false). You don't even need the method.

• Windows Native Authentication with 2 (multiple) AD domains

  I have managed to get Windows Native Authentication for Oracle Application Server 10g (9.0.4) on Windows working. The following has been done and works in a test environment:
  Phase 1) Active Directory (AD) to Oracle Internet Directory (OID) Synchronization
  Phase 2) Configure a Kerberos Service Account for the Single Sign-on
  Currently all the above setup points to a single windows active directory server, i.e. active1.uk.oacle.com. This is acceptable for a test environment, but before the changes can be deployed to production I need to incorporate some disaster recovery.
  The active directory is replicated across multiple servers – i.e. active1.uk.oacle.com, active2.uk.oacle.com. In the event that the primary active directory server is unavailable Oracle users should still be able to access applications. I need to incorporate active2.uk.oacle.com into the above setup.
  Questions:
  1)Can I get away with not incorporating active2.uk.oacle.com into phase 1. If the users have been pulled into OID then we are not particular concerned with pulling in new users in a disaster situation.
  2)Can I configure the Oracle side of the Kerberos setup to use multiple realms with an order or precedence – i.e. try active1.uk.oacle.com, then try active2.uk.oacle.com. I would generate a keytab file from each server.
  Ideally I would like to just modify the Kerberos setup to check active1.uk.oacle.com then active2.uk.oacle.com. Is this a workable approach? If yes how do I proceed? I believe the krb5.ini and opmn.xml need to be amended.
  Thanks

  Does anyone have any ideas on how to do this????

• Windows domain authentication on Oracle Secure Global Desktop

  Hello,
  I made an upgrade of my oracle secure global desktop 4.62 version to 5.1 version.
  The problem is, I was using Windows Domain Authentication in 4.62 and this kind of authentication is not available in the 5.1 version.
  So now, my users cannot log in the application.
  Do you have a solution ?
  Thanks

  What are you authenticating to specifically?  An AD server?  Are you using any of the supported authentication mechanisms now supported?
  http://docs.oracle.com/cd/E41492_01/E41495/html/sgd-authentication.html#system-authentication-mechanisms-table

• Windows Integrated Authentication on an ABAP data source

  Dear Experts,
  I have to implement Windows Integrated Authentication in my portal. By using Kerberos & SPNEGO, we can implement very easily if portal user id & windows (ADS) user id is same. But my scenario is windows id & portal id is different & data source is already configured as ABAP. Can you suggest me how we can achieve this requirement.
  Regards,
  VENU

  Hi,
  isnt the property krb5principalname used to define the mapping of the user ID when you cannot use the AD standard samaccountname?
  I think that the mapped user ID (as provided by krb5principalname) must be identically with the ABAP userID. When the ABAP user ID isn't present in the LDAP information, SSO won't be possible. Somehow he needs to publish the ABAP user ID into the AD.
  SAP Help:
  http://help.sap.com/SAPHELP_NW70EHP1/helpdata/EN/43/4c363ac31e30f3e10000000a11466f/frameset.htm
  http://help.sap.com/SAPHELP_NW70EHP1/helpdata/EN/43/4c3725aeaf30b4e10000000a11466f/frameset.htm
  br,
  Tobais

• [Solved]dual boot windows 7 and arch linux

  I have successfully installed arch linux dual boot with the original win7 on my PC. If I only use linux, then the system works well. The problem is that once I boot into Win7 then after reboot, the linux boot manager will stop working and the system always boots into windows automatically. My guess is Win7 automatically repair the boot loader.
  My current solution is whenever I have finished using Windows, I'll boot with my linux USB installation, and run "gummiboot --path=/boot install". Afterwards, linux will work fine. But I believe there must be a better solution. Any help will be appreciated.
  I have UEFI board by the way.
  Last edited by jl2014 (2015-04-19 17:35:57)

  Thanks for all your help first! I have tried Head_on_a_Stick's suggestions as the first step. Here is what I did. I have created :
  $ cat /boot/loader/entries/windows.conf
  title Windows
  efi /EFI/hidden/Boot/bootmgfw.efi
  The window boot path was :
  /boot/EFI/Microsoft/Boot/bootmgfw.efi
  and I changed
  /boot/EFI/Microsoft
  to
  /boot/EFI/hidden
  After reboot, I clicked 'Windows' option on the linux boot manager. Below are the error messages:
  Windows failed to start.
  File: \EFI\Microsoft/Boot/BCD
  Info: An error occurred while attempting to read the boot configuration data.
  Any idea what goes wrong?
  I'll try other suggestions soon. Thanks all of you again.
  Last edited by jl2014 (2015-04-19 00:03:33)

• Where to download and how to install X Window System for Oracle Linux 5 ?

  Folks,
  Hello. I am using Oracle Linux 5 and Oracle Database 11g for PIA.
  Before install Oracle DB 11g into Oracle Linux 5, we need to install X Window System according to the document page 2 http://download.oracle.com/docs/cd/B28359_01/install.111/b32285.pdf
  But I don't know where to download and how to install X Window System for Oracle Linux 5.
  Can any folk provide a link to download X Window System and tutorial to install it for Oracle Linux 5 ?

  You can address the problem in a number of different ways.
  You can install X-windows from the installation DVD or setup access to the Oracle public software repository as described in http://public-yum.oracle.com. In which case, the command to install X-windows is: yum groupinstall "X Window System"
  Or, you login remotely and and use SSH with X-forwarding, in which case the software on the server will use the X-Windows server on your client system. This is probably the preferred way since you do not have X-windows installed on the server. For more details about SSH forwarding and howto, please see Install Oracle 11gR2 on Ubuntu Linux 11.04 (64-bit) Howto part 2 Oracle Universal Installer.

• S10e -- Can I install Windows XP onto my Linux-Netbook and same way Linux on Windows Netbook?

  Hello all,
  I wanna buy a S10e and I still have one question:  
  Can I install Windows XP onto my Linux-Netbook and same way Linux on my Windows Netbook?
  I wanna use Suse for all my net applications and still wanna Windows for just old games running on a long trip as flights ect..
  Is it possible? Install booth?
  Thanks 
  Message Edited by ykin on 01-24-2009 12:43 PM

  Boot Camp will only let you install onto an internal disk. This is largely because of Windows restrictions, not Mac OS restrictions. The beta thread has some supposed approaches to let you do this, using manual steps instead of using Boot Camp Assistant.
  Doug

• WLS 7.0 Active Directory authenticator - problems starting managed server (Solaris 8)

  Has anyone managed to setup a WLS 7.0 Active Directory authenticator and booted
  a managed server using the node manager? I can boot the server without the AD
  authenticator and I can also boot the server using a script and successfully authenticate
  through AD. My AD control flag is set to OPTIONAL and I have also setup a default
  authenticator to boot weblogic - the control flag here is set to SUFFICIENT. This
  configuration works fine with weblogic running on W2K, but not on Solaris (it
  looks like the control flag is being ignored). Errors as follows
  ####<Oct 1, 2002 1:59:08 PM BST> <Info> <Logging> <mymachine> <server01> <main>
  <kernel identity> <> <000000> <FileLo
  gger Opened at /opt/app/live/appserver/domains/test/NodeManager/server01/server01.log>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01> <main>
  <kernel identity> <> <000415> <System
  has file descriptor limits of - soft: 1,024, hard: 1,024>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01> <main>
  <kernel identity> <> <000416> <Using e
  ffective file descriptor limit of: 1,024 open sockets/files.>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01> <main>
  <kernel identity> <> <000418> <Allocat
  ing: 3 POSIX reader threads>
  ####<Oct 1, 2002 1:59:19 PM BST> <Critical> <WebLogicServer> <mymachine> <server01>
  <main> <kernel identity> <> <0003
  64> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException:
  Problem instantiating
  Authentication Providerjavax.management.RuntimeOperationsException: RuntimeException
  thrown by the getAttribute method of the Dynam
  icMBean for the attribute Credential>
  weblogic.security.service.SecurityServiceRuntimeException: Problem instantiating
  Authentication Providerjavax.management.RuntimeOper
  ationsException: RuntimeException thrown by the getAttribute method of the DynamicMBean
  for the attribute Credential
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:186)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:236)
  at weblogic.security.service.SecurityServiceManager.doATN(SecurityServiceManager.java:1506)
  at weblogic.security.service.SecurityServiceManager.initializeRealm(SecurityServiceManager.java:1308)
  at weblogic.security.service.SecurityServiceManager.loadRealm(SecurityServiceManager.java:1247)
  at weblogic.security.service.SecurityServiceManager.initializeRealms(SecurityServiceManager.java:1364)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1107)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)
  ####<Oct 1, 2002 1:59:19 PM BST> <Emergency> <WebLogicServer> <mymachine> <server01>
  <main> <kernel identity> <> <000
  342> <Unable to initialize the server: Fatal initialization exception
  Throwable: weblogic.security.service.SecurityServiceRuntimeException: Problem
  instantiating Authentication Providerjavax.management.
  RuntimeOperationsException: RuntimeException thrown by the getAttribute method
  of the DynamicMBean for the attribute Credential
  weblogic.security.service.SecurityServiceRuntimeException: Problem instantiating
  Authentication Providerjavax.management.RuntimeOper
  ationsException: RuntimeException thrown by the getAttribute method of the DynamicMBean
  for the attribute Credential
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:186)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:236)
  at weblogic.security.service.SecurityServiceManager.doATN(SecurityServiceManager.java:1506)
  at weblogic.security.service.SecurityServiceManager.initializeRealm(SecurityServiceManager.java:1308)
  at weblogic.security.service.SecurityServiceManager.loadRealm(SecurityServiceManager.java:1247)
  at weblogic.security.service.SecurityServiceManager.initializeRealms(SecurityServiceManager.java:1364)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1107)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)

  Solved the problem. The 'domain root' directory specified in the remote start configuration,
  must contain a copy of the file 'SerializedSystemIni.dat' that was created along
  with the domain, in order to boot when an AD authenticator is configured. If an
  AD authenticator is not configured, no file is required. This was not a platform
  specific issue; on Win2K I had configured the 'domain root' remote start parameter
  to point to an existing domain root and not a new directory.
  "Andrew Walker" <[email protected]> wrote:
  >
  Has anyone managed to setup a WLS 7.0 Active Directory authenticator
  and booted
  a managed server using the node manager? I can boot the server without
  the AD
  authenticator and I can also boot the server using a script and successfully
  authenticate
  through AD. My AD control flag is set to OPTIONAL and I have also setup
  a default
  authenticator to boot weblogic - the control flag here is set to SUFFICIENT.
  This
  configuration works fine with weblogic running on W2K, but not on Solaris
  (it
  looks like the control flag is being ignored). Errors as follows
  ####<Oct 1, 2002 1:59:08 PM BST> <Info> <Logging> <mymachine> <server01>
  <main>
  <kernel identity> <> <000000> <FileLo
  gger Opened at /opt/app/live/appserver/domains/test/NodeManager/server01/server01.log>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01>
  <main>
  <kernel identity> <> <000415> <System
  has file descriptor limits of - soft: 1,024, hard: 1,024>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01>
  <main>
  <kernel identity> <> <000416> <Using e
  ffective file descriptor limit of: 1,024 open sockets/files.>
  ####<Oct 1, 2002 1:59:09 PM BST> <Info> <socket> <mymachine> <server01>
  <main>
  <kernel identity> <> <000418> <Allocat
  ing: 3 POSIX reader threads>
  ####<Oct 1, 2002 1:59:19 PM BST> <Critical> <WebLogicServer> <mymachine>
  <server01>
  <main> <kernel identity> <> <0003
  64> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException:
  Problem instantiating
  Authentication Providerjavax.management.RuntimeOperationsException:
  RuntimeException
  thrown by the getAttribute method of the Dynam
  icMBean for the attribute Credential>
  weblogic.security.service.SecurityServiceRuntimeException: Problem instantiating
  Authentication Providerjavax.management.RuntimeOper
  ationsException: RuntimeException thrown by the getAttribute method of
  the DynamicMBean
  for the attribute Credential
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:186)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:236)
  at weblogic.security.service.SecurityServiceManager.doATN(SecurityServiceManager.java:1506)
  at weblogic.security.service.SecurityServiceManager.initializeRealm(SecurityServiceManager.java:1308)
  at weblogic.security.service.SecurityServiceManager.loadRealm(SecurityServiceManager.java:1247)
  at weblogic.security.service.SecurityServiceManager.initializeRealms(SecurityServiceManager.java:1364)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1107)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)
  ####<Oct 1, 2002 1:59:19 PM BST> <Emergency> <WebLogicServer> <mymachine>
  <server01>
  <main> <kernel identity> <> <000
  342> <Unable to initialize the server: Fatal initialization exception
  Throwable: weblogic.security.service.SecurityServiceRuntimeException:
  Problem
  instantiating Authentication Providerjavax.management.
  RuntimeOperationsException: RuntimeException thrown by the getAttribute
  method
  of the DynamicMBean for the attribute Credential
  weblogic.security.service.SecurityServiceRuntimeException: Problem instantiating
  Authentication Providerjavax.management.RuntimeOper
  ationsException: RuntimeException thrown by the getAttribute method of
  the DynamicMBean
  for the attribute Credential
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:186)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:236)
  at weblogic.security.service.SecurityServiceManager.doATN(SecurityServiceManager.java:1506)
  at weblogic.security.service.SecurityServiceManager.initializeRealm(SecurityServiceManager.java:1308)
  at weblogic.security.service.SecurityServiceManager.loadRealm(SecurityServiceManager.java:1247)
  at weblogic.security.service.SecurityServiceManager.initializeRealms(SecurityServiceManager.java:1364)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1107)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)

• DAC 10.1.3.4.1 Server on Windows (64 bit) and Linux x86 (64 bit)?

  Hi Friends,
  Please confirm wheteher Oracle Business Intelligence Data Warehouse Administration Console 10.1.3.4.1 Server is supported on
  Windows (64 bit) and Linux x86 (64 bit)
  Because from edelivery.oracle.com i could see the downloads only for windows and Linux and not specified as 32/64 - bit
  so will it mean that the same dump is used for both 32 and 64 bit
  1) Oracle Business Intelligence Data Warehouse Administration Console 10.1.3.4.1 for Microsoft Windows (V16377-01)
  can the above dump is used for both 32 and 64 bit windows?
  2) Oracle Business Intelligence Data Warehouse Administration Console 10.1.3.4.1 for Linux x86 (V16378-01)
  can the above dump is used for both 32 and 64 bit Linux?
  The reason is because for OBIA 7.9.6.3 configuration both the Informatica Power Centre and DAC Server should co-exist
  and i could see seperate installer for 32 and 64 bit for both Windows and Linux whereas i couldn't see it for DAC Server
  Please confirm .
  Regards,
  DB

  It is supported on both platforms. With Linux however, if you have any issues you can to install in a windows environment, then copy over the folder structure. Also, you can possibly run into issues running the setup.exe on 64bit windows. When you open the install directory, go to dac/disk1/install and run the executable for win32. win64bit can return an error where it says it cannot create certain temp directories. It is a known java bug you can find in the support website.
  Edited by: user12838563 on Jul 13, 2011 11:35 PM

• Prerequisites for Using Windows NTLM Authentication

  Hi,
  One of the prerequisites for using Windows NTLM Authentication, mentioned on help.sap.com documentation, is:
  - The user’s Web browser must be a Microsoft Internet Explorer
  This means that users not using Internet Explorer can’t authenticate using other web browser (Firefox and Netscape).
  In PAM, SAP says that web browser based on mozzila 1.7.x is also supported, and from this version on, Firefox and Netscape, both, support NTLM.
  NTLM Authentication in portal, still be supported with IE web browser?
  Thanks and Regards,
  Paul

  Hi Paul,
  I suspect that although it may not be officially supported, it will work.  The main thing is that a frontend web server perform the NTLM authentication and pass the header variable back to the J2EE engine.  By the time the header gets back to the J2EE engine, I dont think the portal has any idea how the header REMOTE_USER was generated, just that it was.
  Not positive though, as I havent tested the scenario you describe below..just thought I'd throw in my two cents.
  Marty

• I had migrated Oracle 10g database from Windows to Oracle 11g Linux

  I had migrated Oracle 10g database from Windows to Oracle 11g Linux.  The database is performing very slow.
  Please guide me where I have to begin (starting point) looking into it.
  Some document stated gather system statistics.  How to check system statistics is up to date
  What are the crucial initialization parameter ?

  Hi,
  Let me just point you out to the documentation, which may concern you:
  I had migrated Oracle 10g database from Windows to Oracle 11g Linux.  The database is performing very slow.
  Managing Optimizer Statistics
  How to check system statistics is up to date
  Managing Optimizer Statistics
  What are the crucial initialization parameter ?
  Configuring a Database for Performance
  Thanks &
  Best Regards,

• Windows Native Authentication from Windows 7

  Has anyone successfully tested SSO with Windows Native authentication from a windows 7 client ?
  I have a working setup with SSO on OID 10.1.4.3 but with windows 7 client I get the fallback login prompt instead of automatic login.
  I have got a workaround from support but it still does not work:
  - on the client Windows7 PC to to PC security policies (Policies -> Network Security -> Configure encryption types allowed for Kerberos) and select all of them EXCEPT the “Allow future types” option;
  - change the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SuppressExtendedProtection = REG_DWORD with a value of 3 (please take a backup of the registry settings before any change).
  Thanks // Kerstin

  Apply patch 6915917 solves the problem

• Over-ride Windows NT Authentication

  Hi All,
  I want to know something about Windows NT Authentication.
  What is the URL when the user is directly logged in to the Portal. Can I parameterize the URL. Is it possible to override the Windows NT Authentication by giving the user parameter in URL. If yes, then what should be the user parameter.
  Regards
  Nikhil Bansal

  Hi,
  Check the below link it will be useful....
  http://help.sap.com/saphelp_nw04/helpdata/en/a3/e5a0404dd52b54e10000000a1550b0/frameset.htm
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/ee62e690-0201-0010-a480-870c17642aac
  http://help.sap.com/saphelp_nw04s/helpdata/en/8f/ae29411ab3db2be10000000a1550b0/frameset.htm

• Establish Windows NT authentication

  Hi,
  I would be interested in establish a Windows NT authentication method my Hyperion EPM system. I have been checking the EPM Security Guide and I haven't foind any reference to this method. Do you know if it is possible configure this kind of authentication?

  Is your web/app java? Such as tomcat? There is no NT option in tomcat or other java app server. You must set up AD authentication and kerberos to use AD on a java/app.
  Migrating an existing istallaion from NT o AD is much simplier than i would seem. There are SAP notes on the subject or you can open a case with he authentication team. Basically rename your goups and remapp them into AD(using the original name). Then configure kerberos to login.
  Regards,
  Tim