WLST Script to Add Users in Domain

Similar Messages

• How to add user from domain A to a group in domain B

  How would you acheive adding a user from domain A to a group that is in domain B via powershell without the Quest cmdlets? I've been trying to figure this out for about a week now. Please let me know if the scripting guy has seen this issue before.
  LittleTech

  Hello jrv,
  Here's what i was trying to do. The two domains im working with have a trust between them.
  1. Create a user in External.Domain.Com
  2. Add the user in External.Domain.Com to GroupOne in ExternalDomain2.Domain.com
  3. The only knowledge that ExternalDomain2.Domain.Com would have about the account in External.Domain.Com is whatever is in the Global Catalog. Here is what im trying, but it isn't working.
  #Connecting to domain PSDrive
  New-PSDrive
  -Name
  ExternalDomain
  -PSProvider
  ActiveDirectory
  -Root
  -Server
  DC01.Domain.com
  cd
  ExternalDomain:
  #Create user
  #Add to ExternalDomain Groups
  $UserDN=Get-ADUser-LDAPFilter"(sAMAccountName=$UserID)"
  #Connecting to domain2 PSDrive 
  cd
  AD:
  $GroupDN="CN=Wireless
  Device Users,OU=Wireless,OU=Systems and Technology,DC=External,DC=Domain2,DC=Com"
  Add-ADGroupMember-Identity$GroupDN-Members(Get-ADObject-Identity$UserDN.DistinguishedName
  -Server"DC01.Domain.com:3268")
  Connecting via port 3268 allows me to talk to the global catalog instead of LDAP.
  I receive the following message: A Referral was returned from the server
  I know that if i connect using [ADSI] i am able to specify that the connection follows referrals, the AD cmdlets seem to not have that function. The Quest AD cmdlets do... I just dont want to have to use third party cmdlets to do what the AD cmdlets should
  be able to do in the first place.
  THanks,
  LittleTech

• Error when trying to add users

  Hi,
  I have BPC NW 7.5 SP 3 installed. From the client system I have opened Appshell and when I click on Users I am getting the following error
  "Could not find function module UJE_API_GET_ALL_TEAMS_DATA"
  I checked in ABAP in SE37 and it says that this function is not available.
  What could be the problem and the possible resolution.
  Thanks,
  Prasanth.

  Hi Prasanth,
  The function module UJE_API_GET_ALL_TEAMS_DATA is not exist in my system when i checked in SE37 but still iam able add users with Domain\id by selecting your domain in Available domain..
  Please let me still your facing same issue.
  Regards,
  Naresh.K

• Can't find sample WLST Scripts for OSB10gR3

  Hello,
  I have installed OSB 10gR3. I do not find sample WLST Scripts to create a OSB Domain etc. Sample scripts are available in ALSB 2.5 under C:\bea\alsb25\weblogic92\samples\server\examples\src\examples\wlst\online.
  Can you please post WLST Scripts for creating a ALSB Domain, cluster configuration etc for 10gR3.
  Thanks in advance.

  Hi,
  Pls choose custom install and choose Samples for Weblogic Server, Once installed check
  c:\beahome\wlserver_10.3\samples
  You will have samples for WLST
  http://edocs.bea.com/wls/docs100/config_scripting/intro.html#wp1034451

• Add users from several Active Directories in SAP BPC

  Hello everybody,
  Does anybody know if you can add users from several Active Directories in SAP BPC??
  In affirmative case, how can you add several Active Directories in SAP BPC??
  Thank you very much.
  Best regards,
  Fernando

  Hi,
  We almost have same issue to add users from several Active Directories.
  BPC server is in Domain A. We perform to add users from Domain B. Our trusted relation between AD is Domain B approve Domain A (unidirectional).
  We cannot get one user which is able to browse both AD. So we install BPC with a user which has rights to browse Domain A  and we use another user in COM+ component (OsoftUSerManage) which has right to browse Domain B.
  But it is not working : we encounter an issue (access denied) in web administration by adding users from Domain B.
  Any idea ?
  Env. : BPC 5.1 SP6

• Add users to a group from another Active Directory domain

  Hi Folks,
  I need add users in a group the active directory through the FIM 2010 R2.
  My scenery it is:
  Domain A with FIM 2010 R2 provisioning users for Domain B;
  I need get users the Domain B and add in group in Domain C.
  What's better way, create FIM portal for them, or create aditional script/development for FIM 2010 R2.
  Thanks a lot!
  Wilsterman Fernandes

  There are two approaches to do it.
  1st - easier - using FIM Portal/Service - just create a criteria based group that would be created in Domain C.
  2nd - more difficult, but you don't need FIM Service/FIM Portal - just export all users to one table in SQL and create a view, where a group and members (users from Domain B) are. It would be cheaper as you don't have to have FIM Service to do it. But if
  you have it, first is easier.
  If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

• Error While running WLST script to create SOA Domain in Clustered Environme

  Hi,
  I am trying to run WLST script to create SOA Domain in clustered environment.The script is as follows.
  import sys
  print "@@@ Starting the script ..."
  global props
  from wlstModule import *#@UnusedWildImport
  from java.io import FileInputStream
  from java.io import File
  #=======================================================================================
  # Create Boot Properties File
  #=======================================================================================
  def createBootPropertiesFile(directoryPath, username, password):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/boot.properties', 'w')
  fileNew.write('username=%s\n' % username)
  fileNew.write('password=%s\n' % password)
  fileNew.flush()
  fileNew.close()
  def createNodeManagerPropertiesFile(directoryPath, username, password):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/nm_password.properties', 'w')
  fileNew.write('username=%s\n' % username)
  fileNew.write('password=%s\n' % password)
  fileNew.flush()
  fileNew.close()
  def createAdminStartupPropertiesFile(directoryPath, args):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/startup.properties', 'w')
  args=args.replace(':','\\:')
  args=args.replace('=','\\=')
  fileNew.write('Arguments=%s\n' % args)
  fileNew.flush()
  fileNew.close()
  I am getting the error :
  Problem invoking WLST - Traceback (innermost last):
  (no code object) at line 0
  File "D:\Oracle\Middleware\Oracle_SOA1\bin\SOADomainScript.py", line 11
  adminserverDir = File(directoryPath)
  ^
  SyntaxError: invalid syntax
  Do i need to set any jar in the classpath? Already jython.jar is available in the classapath.
  Thanks in advance.
  Regards,
  Subha

  Hi,
  I am trying to run WLST script to create SOA Domain in clustered environment.The script is as follows.
  import sys
  print "@@@ Starting the script ..."
  global props
  from wlstModule import *#@UnusedWildImport
  from java.io import FileInputStream
  from java.io import File
  #=======================================================================================
  # Create Boot Properties File
  #=======================================================================================
  def createBootPropertiesFile(directoryPath, username, password):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/boot.properties', 'w')
  fileNew.write('username=%s\n' % username)
  fileNew.write('password=%s\n' % password)
  fileNew.flush()
  fileNew.close()
  def createNodeManagerPropertiesFile(directoryPath, username, password):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/nm_password.properties', 'w')
  fileNew.write('username=%s\n' % username)
  fileNew.write('password=%s\n' % password)
  fileNew.flush()
  fileNew.close()
  def createAdminStartupPropertiesFile(directoryPath, args):
  adminserverDir = File(directoryPath)
  bool = adminserverDir.mkdirs()
  fileNew=open(directoryPath + '/startup.properties', 'w')
  args=args.replace(':','\\:')
  args=args.replace('=','\\=')
  fileNew.write('Arguments=%s\n' % args)
  fileNew.flush()
  fileNew.close()
  I am getting the error :
  Problem invoking WLST - Traceback (innermost last):
  (no code object) at line 0
  File "D:\Oracle\Middleware\Oracle_SOA1\bin\SOADomainScript.py", line 11
  adminserverDir = File(directoryPath)
  ^
  SyntaxError: invalid syntax
  Do i need to set any jar in the classpath? Already jython.jar is available in the classapath.
  Thanks in advance.
  Regards,
  Subha

• Example WLST scripts for creating clustered domain for soa suite 11.1.1.4?

  Hello,
  does anyone know sample wlst scripts for creating domain for soa suite 11.1.1.4 on top of weblogic 10.3.4?
  I try to create a domain having a cluster with two managed servers in two linux machines.
  Any help appreciated.
  regards, Matti

  Please refer -
  http://download.oracle.com/docs/cd/E17904_01/web.1111/e13715/domains.htm
  http://download.oracle.com/docs/cd/E17904_01/web.1111/e13715/intro.htm#WLSTG112
  Regards,
  Anuj

• How to add users to group which is present in another AD domain?

  Hi,
  Using JNDI how to add user as a member of group which is present in another AD domain?
  For example: In AD forest test.com their are two domain a.test.com and b.test.com. Group is present in a.test.com and I want to add user present in b.test.com as a member of the group.
  Any pointer around this would be great help.

  See the below link to get an idea on group types.
  http://technet.microsoft.com/en-us/library/cc755692(v=ws.10).aspx
  If the group is a universal group, you can just add members similar to local group even if user and group are in different domains. That is by setting the member attribute of the group.

• Error when trying to add users - The server is not operational [domain]

  Installed the admin console and went to start adding users to the system.  On the add users screen I select the domain and then get the following error:
  The server is not operational [domain]
  I looked this up in Service Notes and found this and found SN 1098415.
  The root cause indicated there is that the server is part of a WindowsNT domain and as such can't issue the LDAP query.
  This server is running in an active directory domain (not sure if it is 2000 or 2003, but it is AD nonetheless.
  Any thoughts?  There are no firewalls in-between the servers that provide AD and this server.
  McP

  I solved my problem.  For purposes of discussion let's call my Pre-Windows 2000 domain name ACME and my Windows 2000/2003 domain acme.net.
  After writing several manual VBScript LDAP queries (to take BPC out of the equation) I determined that the DC didn't want to answer to ACME.  It would only answer to acme.net.
  So, I went into Server Manager to "Define System User Groups" and updated the system user group "Domain Users" to look at acme.net for the domain name instead of just ACME.
  That did the trick - I am now able to see all the users in the domain.
  Thanks for all the suggestions.
  McP

• Cannot add users to new domains anymore

  I got messaging server and delegated admin to work just fine recently until I tried getting LDAP authentication to work so LDAP users could log into Sunrays.
  I used idsconfig and saw that it added a bunch of stuff to the directory so I deleted that stuff after I realized I couldn't add users to a new domain anymore. It just says "cannot create user - unknown error". I can still add users to old domains just fine.
  And I tried both DA and commadmin, neither work. Heres my Messaging server and DA version:
  Sun Java(tm) System Messaging Server 6.2-3.04 (built Jul 15 2005)
  libimta.so 6.2-3.04 (built 01:43:03, Jul 15 2005)
  SunOS testy.i-n-control.com 5.10 Generic_118822-25 sun4u sparc SUNW,Sun-Fire-V440
  Delegated Administrator 6.3-0.09
  I turned on debugging for DA and heres the output:
  TRACE [Wed Aug 02 10:10:47 MDT 2006] Default people container = ou=People,o=domain,dc=mail,dc=example,dc=com
  TRACE [Wed Aug 02 10:10:47 MDT 2006] ServerPushThread: setting stop flag
  TRACE [Wed Aug 02 10:10:47 MDT 2006] commTaskManager: progress thread stopped
  TRACE [Wed Aug 02 10:10:47 MDT 2006] com.iplanet.am.sdk.AMException: Unable to create entry.
       at com.iplanet.am.sdk.ldap.DirectoryManager.processInternalException(DirectoryManager.java:433)
       at com.iplanet.am.sdk.ldap.DirectoryManager.createUser(DirectoryManager.java:1046)
       at com.iplanet.am.sdk.ldap.DirectoryManager.createEntry(DirectoryManager.java:1525)
       at com.iplanet.am.sdk.AMDirectoryManager.createEntry(AMDirectoryManager.java:651)
       at com.iplanet.am.sdk.AMCacheManager.createEntry(AMCacheManager.java:337)
       at com.iplanet.am.sdk.AMObjectImpl.create(AMObjectImpl.java:1009)
       at com.iplanet.am.sdk.AMPeopleContainerImpl.createUser(AMPeopleContainerImpl.java:285)
       at sun.comm.cli.server.servlet.CreateUser.create(CreateUser.java:677)
       at sun.comm.cli.server.servlet.CreateUser.doTask(CreateUser.java:91)
       at sun.comm.cli.server.servlet.commTaskManager.execute(commTaskManager.java:196)
       at sun.comm.cli.server.servlet.commServlet.doPost(commServlet.java:90)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:771)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:322)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
       at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  TRACE [Wed Aug 02 10:10:47 MDT 2006] After AM Exception , msg being sent is Unable to create entry.^324^NONE
  TRACE [Wed Aug 02 10:10:47 MDT 2006] in CLIPageData constructor:status = 1
  TRACE [Wed Aug 02 10:10:47 MDT 2006] commTaskManager - execute => generateOutput
  TRACE [Wed Aug 02 10:10:47 MDT 2006] In CLIPageGenerator ....
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput : cliData.status = 1
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput : CLIPageData.OK = 0
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput : CLIPageData.FAIL = 1
  TRACE [Wed Aug 02 10:10:47 MDT 2006] Failed: Unable to create entry.^324^NONE
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput - Printing successfull results
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput - status => FAIL
  TRACE [Wed Aug 02 10:10:47 MDT 2006] CLIPageGenerator - generateOutput - message => Unable to create entry.^324^NONE
  TRACE [Wed Aug 02 10:10:48 MDT 2006] ServerPushThread: done
  TRACE [Wed Aug 02 10:10:48 MDT 2006] ServerPushThread: done
  TRACE [Wed Aug 02 10:10:49 MDT 2006] ServerPushThread: done
  TRACE [Wed Aug 02 10:10:58 MDT 2006] sun.comm.cli.server.servlet.commLDAPAuth: shutting down. Total access count = 1
  Message was edited by:
  nate.wheeler

  Frankly, I'm new to LDAP so I don't know really what
  changed.No time like the present to start learning.
  Its weird, I can do some things, but not
  others. Like I can assign service packages, but not
  change the login id or password of a user. So it
  doesn't look like amadmin can't change things.LDAP provides "ACI", or Access Control settings that can be changed, and create exactly the kinds of things you're looking at.
  The Directory Console can view ACI
  >
  The password encryption seemed to have changed from
  {SSHA} to {CRYPT}. Although I have no idea how to
  switch it back or where to look to see if it did.Unlikely to have made any difference. That should be transparent to the application using DS.
  Most of our applications don't compare the password entry, but attempt a BIND for that very reason.
  Again, I'd be looking at your LDAP access logs for a clue to what's happening.
  >
  Message was edited by:
  nate.wheeler

• OWLS Domain to WLST script Generation.

  Dears -
  Is there any way to generate the WLST script from already created domain?
  OWLS version : Any Version.
  Thanks in Advance !
  Regards,
  Justin.

  ConfigToScript
  http://weblogic-wonders.com/weblogic/2010/11/19/configtoscript-command/

• Add User to Group Behavior

  Hi all
  I found
  this post that explains the same issue I'm having, but the marked answer isn't relevant to my environment. I've built a user creation runbook, using 2012 R2 and this
  Active Directory Integration Pack. Everything works properly, except I'm getting strange security log events when using the Add User to Group activity.
  In one of the tests, I added a single user that was being created to about 100 different groups. Let's say one group has 50 members. When the user gets added to that group, the security audit shows that 50 users were removed from the group, and then those
  50 users were added back plus my new user. It shows this activity for every group that the user was added to. I get the following two actions for every member of the group:
  Member '-' was removed from 'Domain\Group' by 'Domain\User' on...
  Member 'DN of Member' was added to 'Domain\Group'...
  This is a problem because it makes our audit reports and notifications worthless since we'd have to read through all the noise to see an actual anomaly. I'm also concerned that if users are actually being removed and re-added to those groups, that there
  could be some consequences of that that we aren't seeing yet (i.e. application access interruptions, or what if the connection to AD is lost after removing the users but before adding them back in). Although I should say I'm not convinced that the users are
  actually being removed because as you can see above, no member information is recorded on the removal, and all the removals and additions have the same exact time stamp meaning they occurred within 1 second, which seems pretty fast given that some of our groups
  are large.
  Is this the intended behavior of the Add User to Group activity? If so, is there a workaround I can use to avoid this behavior? The next thing I'll try is using PowerShell to add the user to the group, but this option isn't ideal since the runbook will be
  managed by users who are not that familiar with scripting, so I'd like the solution to contain as little as possible.
  Thanks

  Hi,
  the issue of the AD IP 7.0 is reported here 
  http://social.technet.microsoft.com/Forums/de-DE/eef9cdda-774f-4b95-bd89-aa3f86feee9b/ad-integration-pack-add-user-to-group-activity-problem?forum=scoscip
  Try the up-to-date Version 7.2
  http://www.sc-orchestrator.eu/index.php/scoblog/115-updated-system-center-2012-r2-orchestrator-integration-packs-available
  Regards,
  Stefan
  www.sc-orchestrator.eu ,
  Blog sc-orchestrator.eu

• Does anybody have a WLST script for step-by-step cluster restart?

  Does anybody have a WLST script for step-by-step "smart" cluster restart?

  Dear SAM,
  are you looking for exchange 2013 installation. Please follow below link. I have done the same scenario as yours
  1. install first VM - 2012
  2. Static IP / loopback as primary DNS
  3. install ADDS /DNS (forwarder to ISP)
  4. install second VM - Static IP again
  5. DNS of second VM to be the IP of first VM
  6. this will join the domain
  7. installation of exchange will be simple, configuration from this link : http://www.techieshelp.com/exchange-2013-step-by-step-configuration/
  MARK AS USEFUL/ANSWER IF IT DID
  Thanks
  Happiness Always
  Jatin

• Need Help regarding wlst script

  Hi
  I am new to wlst scripting, I need to know how to add error handling in below script and how to unlock the invoke in case of error.
  below is the script
  connect(userConfigFile=str(gConfigFile), userKeyFile=str(gKeyFile), url=str(gAdminHost) + ':' + str(gAdminPort));
  print 'Connecting to Domain ...'
  domainCustom()
  cd ('oracle.biee.admin')
  print 'Connecting to BIDomain MBean ...'
  cd ('oracle.biee.admin:type=BIDomain,group=Service')
  objs = jarray.array([], java.lang.Object)
  strs = jarray.array([], java.lang.String)
  invoke('lock', objs, strs)
  cd ('..')
  cd ('oracle.biee.admin:type=BIDomain.BIInstance.ServerConfiguration,biInstance=coreapplication,group=Service')
  objs=jarray.array([newRPDlocation,newRPDpassword],Object)
  strs=jarray.array(['java.lang.String', 'java.lang.String'],String)
  invoke('uploadRepository', objs, strs)
  cd ('..')
  cd ('oracle.biee.admin:type=BIDomain,group=Service')
  objs = jarray.array([], java.lang.Object)
  strs = jarray.array([], java.lang.String)
  invoke('commit', objs, strs)
  disconnect()
  exit()
  Thanks
  Samit Baghla

  A handy link - http://docs.python.org/2/tutorial/errors.html
  An example (taken from - Middleware Snippets: Automate WebLogic 12.1.2 Deployment)
  def createFile(directory_name, file_name, content):
       dedirectory = java.io.File(directory_name);
       defile = java.io.File(directory_name + '/' + file_name);
       writer = None;
       try:
            dedirectory.mkdirs();
            defile.createNewFile();
            writer = java.io.FileWriter(defile);
            writer.write(content);
       finally:
            try:
                 print 'WRITING FILE ' + file_name;
                 if writer != None:
                      writer.flush();
                      writer.close();
            except java.io.IOException, e:
                 e.printStackTrace();