• RELEVANCY SCORE 4.44

    DB:4.44:Problem With Ldap Configuration In Emgc 8d




    Hi All,

    I am trying to configure a OID LDAP instance in grid control. As part of the LDAP instance configuration I am providing cn=orcladmin and its password as suggested in inline help. But I am getting metrics collection errors "ORA-01017: invalid username/password; logon denied". When I try LDAP bind from command line with same cn=orcladmin and password LDAP bind is successful. I could not understand what went wrong, is the problem in EMGC LDAP configuration settings or LDAP instance itself? Please help me.

    thanks in advance.

    regards,
    Ashok Chava

    DB:4.44:Problem With Ldap Configuration In Emgc 8d

    Check that you have the correct Preferred Credentials with Logon as batch job if this is windows. Also check the correct configuration with regards LDAP integration for you platform.

  • RELEVANCY SCORE 2.99

    DB:2.99:Thread: Gwia Configuration Problem With Ldap d9




    hi,

    can\'t configurate die Internet Agent Setup, because LDAP-Login doesn\' work.

    Error LDAP-Login.

    LDAP-Login is cn=admin,o=domain

    can sombody help?

    no other LDAP server runs

    Server: SUSe Linux

    DB:2.99:Thread: Gwia Configuration Problem With Ldap d9

    See the two recent threads on this in gwia forum

    peter@whx.de wrote in message

    news:SrKzg.1818$P35.159@prv-forum2.provo.novell.com...

    hi,

    can\'t configurate die Internet Agent Setup, because LDAP-Login doesn\'

    work.

    Error LDAP-Login.

    LDAP-Login is cn=admin,o=domain

    can sombody help?

    no other LDAP server runs

    Server: SUSe Linux

  • RELEVANCY SCORE 2.91

    DB:2.91:Thread: Ldap Ssl Configuration Problem ks




    I have a GW 7.0.3 system running on SLES 9. I have setup my users to authenticate via LDAP. I\'m trying to implement LDAP w/ SSL but am having problems. I\'ve followed many Novell docs and Google searches that I can find, but am still having problems.

    When trying to login with the GW client, I get LDAP failure detected. Webaccess login also does not work.

    My POA log shows this:

    Negotiated SSL succsesfully on socket:9 with ::ffff:ip_address_GW_system

    Initializing Secured LDAP session with ip_address at port 636 using SSL Key file /root/TrustedRootCert.der

    LDAP Error: 81

    LDAP Error: Can\'t contact LDAP server

    Error: LDAP failure detected [D06B] User:user_account_on_GW_system

    ..........................

    Any thoughts......if I disable SSL, then LDAP works fine.

    Thanks.

  • RELEVANCY SCORE 2.86

    DB:2.86:View Setup Failing With Check_Database_Create.Dif Check_Install_Oh.Dif 38


    Trying to create a view with the latest label: EMGC_MAIN_LINUX.X64_130417

    Consistently failing with these difs check_database_create.dif check_install_oh.dif

    If I look into the contents of the difs. I see the following lines

    /ade/asrajase_lrg_emg555/emgc/env_file: line 703: GARBAGE_QUESTION_MARK: command not found
    /ade/asrajase_lrg_emg555/emgc/env_file: line 1729: GARBAGE_QUESTION_MARK: command not found
    Processing "/ade/asrajase_lrg_emg555/oracle/emdev/utl/common.sh" ...make[3]: Entering directory `/scratch/asrajase/view_storage/asrajase_lrg_emg555/emgc/emxa'
    make[4]: Entering directory `/scratch/asrajase/view_storage/asrajase_lrg_emg555/emgc/emxa'

    /ade/asrajase_lrg_emg555/emgc/env_file: line 703: GARBAGE_QUESTION_MARK: command not found
    /ade/asrajase_lrg_emg555/emgc/env_file: line 1729: GARBAGE_QUESTION_MARK: command not foundI commented out these entries in env_file, but still I keep hitting at the same dif.

    I also did a ade cleanview and try to setup again, but same issue.

    DB:2.86:View Setup Failing With Check_Database_Create.Dif Check_Install_Oh.Dif 38

    Trying to create a view with the latest label: EMGC_MAIN_LINUX.X64_130417

    Consistently failing with these difs check_database_create.dif check_install_oh.dif

    If I look into the contents of the difs. I see the following lines

    /ade/asrajase_lrg_emg555/emgc/env_file: line 703: GARBAGE_QUESTION_MARK: command not found
    /ade/asrajase_lrg_emg555/emgc/env_file: line 1729: GARBAGE_QUESTION_MARK: command not found
    Processing "/ade/asrajase_lrg_emg555/oracle/emdev/utl/common.sh" ...make[3]: Entering directory `/scratch/asrajase/view_storage/asrajase_lrg_emg555/emgc/emxa'
    make[4]: Entering directory `/scratch/asrajase/view_storage/asrajase_lrg_emg555/emgc/emxa'

    /ade/asrajase_lrg_emg555/emgc/env_file: line 703: GARBAGE_QUESTION_MARK: command not found
    /ade/asrajase_lrg_emg555/emgc/env_file: line 1729: GARBAGE_QUESTION_MARK: command not foundI commented out these entries in env_file, but still I keep hitting at the same dif.

    I also did a ade cleanview and try to setup again, but same issue.

  • RELEVANCY SCORE 2.86

    DB:2.86:Thread: Ldap 1m


    I\'m still trying to install NLSBS 9 and have another question. When asked

    for the User Authentication Method, on a previous installation attempt, I

    specified Local (/etc/passwd) which is what I understood I should choose

    according to the documentation. Later on, however, I ended up not being

    able to authenticate to eDirectory and got a message saying that this was

    likely related to LDAP either not being configured or not having been

    activated in eDirectory. I didn\'t think that specifying Local during the

    base installation (instead of NIS or LDAP) would have an effect on the

    eDirectory installation/configuration because the documentation said to

    select Local.

    So, my question is: Which should I select here (LDAP or Local) and why

    would I have had a problem with LDAP authentication in eDirectory later

    on? Hope this makes sense.

    Thanks!

    DB:2.86:Thread: Ldap 1m

    I decided to use Local (as I had done before). This time, there were no

    problems with the later installation of eDirectory or with authenticating

    to eDirectory. So, I\'m not sure what caused the error the first time, but

    simply going through the installation again seemed to fix the problem.

    Everything worked perfectly the second time around. Go figure.

    I\'m still trying to install NLSBS 9 and have another question. When

    asked

    for the User Authentication Method, on a previous installation attempt,

    I

    specified Local (/etc/passwd) which is what I understood I should

    choose

    according to the documentation. Later on, however, I ended up not being

    able to authenticate to eDirectory and got a message saying that this

    was

    likely related to LDAP either not being configured or not having been

    activated in eDirectory. I didn\'t think that specifying Local during

    the

    base installation (instead of NIS or LDAP) would have an effect on the

    eDirectory installation/configuration because the documentation said to

    select Local.

    So, my question is: Which should I select here (LDAP or Local) and why

    would I have had a problem with LDAP authentication in eDirectory later

    on? Hope this makes sense.

    Thanks!

  • RELEVANCY SCORE 2.85

    DB:2.85:Jbpm5.4 With Ldap Configuration 9c



    Hi,

    I want to integrate jbpm5.4 with ldap so ldap users can login into jbpm console.

    So plz any one show me integration n also show me configuration in jxplorer or apache directory studio for ldap users.

    Thanks.

    DB:2.85:Jbpm5.4 With Ldap Configuration 9c


    Hi,

    I want to integrate jbpm5.4 with ldap so ldap users can login into jbpm console.

    So plz any one show me integration n also show me configuration in jxplorer or apache directory studio for ldap users.

    Thanks.

  • RELEVANCY SCORE 2.84

    DB:2.84:Poweranalyzer 4 With Ldap Configuration p1



    Has anyone ever configured the PowerAnalyzer with LDAP? I wonder besides entering LDAP server information under Administration LDAP settings, what else need to be done?Name: LDAPURL: ldap://ids.mot.com:389BaseDN: ou=people, ou=intranet, dc=company, dc=comAuthentication: AnonymousI could not find any documents related to this at all. Thanks in advance.

    Ittichai

    DB:2.84:Poweranalyzer 4 With Ldap Configuration p1


    Has anyone ever configured the PowerAnalyzer with LDAP? I wonder besides entering LDAP server information under Administration LDAP settings, what else need to be done?Name: LDAPURL: ldap://ids.mot.com:389BaseDN: ou=people, ou=intranet, dc=company, dc=comAuthentication: AnonymousI could not find any documents related to this at all. Thanks in advance.

    Ittichai

  • RELEVANCY SCORE 2.83

    DB:2.83:Ldap Authentication Sso Configuration Failing. 8k



    Hi,

    I'm trying to add a single sign-on configuration identity source with the source type as Active Directory as a LDAP Server however when I test the connection it is failing with the following error:

    The provided credentials for authentication against LDAP xxxxxx server are not valid

    Is there any way to see the logs for this action, so I can determine what the problem is. As the credentials are correct

    Thanks

  • RELEVANCY SCORE 2.81

    DB:2.81:Directory Setup - Ldap Configuration - Error m7



    After install CRA3.1(3) at server with CCM3.3(2) and during set up the Cisco CRA server i recived next error-

    "Directory Setup

    LDAP Configuration - Error

    There has been some failure while updating the LDAP. Please contact Administrator. "

    The CRA Engine didn't started.

    How to resolve it?

    DB:2.81:Directory Setup - Ldap Configuration - Error m7


    Yes, the password for account Directory Manager was wrong.

    Now setup is finished w/o problem!

    Thank you!

    Best wishes!

  • RELEVANCY SCORE 2.80

    DB:2.80:Ldap Problem zm



    Hi Gurus,Whats the best timeout caching / cache entries that should be defined on my LDAP configuration..I have this error below...alerting me... but my ldap works fine...LDAP group query failure during per-recipient scanning, possible LDAP misconfiguration or unreachable serverAny help?thank you.

    DB:2.80:Ldap Problem zm


    Try using 'ldaptest' from the cli to test each query independently.From the error message, it appears that one of the AD servers is unreachable.Also, enable an ldapdebug log.The following KnowledgeBase article describes creating logs in general, but uses ldapdebug as an example, and should help you create one.http://tinyurl.com/pnv57Once the ldapdebug log is created, you can tail it from the cli to see what exactly is causing this error.-whardison

  • RELEVANCY SCORE 2.78

    DB:2.78:Authentication Problem With Acs 5.2 Using Ldap xm



    HI!

    I  want to use LDAP for connecting to active directory but I get this   Error from ACS 5.2 ( 22056 subject not found in the applicable identity  stores).Is there anyone who can HELP me?

    I used this configuration in ACS 5.2:

    Users and Identity Stores / External identity store / ldap / Directory Organization

    Subject ObjectClass : User

    Subject Name attribute ; sAMAccountName

    Group ObjectClass : Group

    Group Map Attribute : MemberOf

    DB:2.78:Authentication Problem With Acs 5.2 Using Ldap xm


    HI jrabinow

    Thanks for your answer

    yes I tested it and the result was successful I also add ldap database in the identity store. but the error is the same.

  • RELEVANCY SCORE 2.78

    DB:2.78:Skip Repository Validation kj


    I tried install emgc 12.1.0.4 with existed oracle db. During prerequisites checking, it requires block size of db to be 8192. Any way to ignore this prerequisite?Thanks

    DB:2.78:Skip Repository Validation kj

    We recommend DB block size to be 8192 for EM install, but as user you need to make sure the DB block size has the recommended value before install and if its less than the recommended value, then fix the value and re-try the install. Since we don't want any user to apply W/A during install.

  • RELEVANCY SCORE 2.77

    DB:2.77:Ldap Source Query Ip (Cisco Isr G2 Websecurity) dk



    Hi Cisco folks,

     

    Goal: I would like to implement Cisco ISR Connector with ScanSafe for the company.I have followed the ISR Solution Guide carefully (found here:

    http://www.cisco.com/en/US/docs/security/web_security/ISR_SS/ISR_ScanSafe_SolutionGuide.pdf)So far I have managed to get a basic configuration working.

     

    Problem:

    This configuration consists of the basic Web Security features and a VPN to our internal network.I would now like to implement authentication on the device with LDAP.As far as I can tell the configuration is correct. (I followed the solution guide precisely)The authentication though doesn't work.

     

    Here an output from the debug:

     

     
    *Feb 22 13:07:35.034: LDAP: LDAP: Queuing AAA request 52 for processing
    *Feb 22 13:07:35.034: LDAP: Received queue event, new AAA request
    *Feb 22 13:07:35.034: LDAP: LDAP authentication request
    *Feb 22 13:07:35.034: LDAP: Username sanity check failed
    *Feb 22 13:07:35.034: LDAP: Invalid hash index 512, nothing to remove
    *Feb 22 13:07:35.038: LDAP: New LDAP request
    *Feb 22 13:07:35.038: LDAP: Attempting first  next available LDAP server
    *Feb 22 13:07:35.038: LDAP: Got next LDAP server :scansafe-ldap-server
    *Feb 22 13:07:35.038: LDAP: Free connection not available. Open a new one.
    *Feb 22 13:07:35.038: LDAP: Opening ldap connection ( Internal IP of DC, 636 )ldap_open
    ldap_init libldap 4.5 18-FEB-2000
    open_ldap_connection
    ldap_connect_to_host: Internal IP of DC:636

     

     
    *Feb 22 13:07:35.038: LDAP: socket 5 - connecting to Internal IP of DC (636)
    *Feb 22 13:07:35.038: LDAP: socket 5 - connection in progress
    *Feb 22 13:07:35.038: LDAP: Connection on socket 5
    *Feb 22 13:07:35.038: LDAP: Connection to LDAP server (scansafe-ldap-server, Internal IP of DC) attempted
    *Feb 22 13:07:35.038: LDAP: Connection state: DOWN = CONNECTING
    *Feb 22 13:07:35.038: LDAP: LDAP request saved. Will be served after Root Bind is done.
    *Feb 22 13:07:35.038: LDAP: LDAP request successfully processed
    *Feb 22 13:08:05.038: LDAP: Received socket event
    *Feb 22 13:08:05.038: LDAP: Process socket event for socket = 5
    *Feb 22 13:08:05.038: LDAP: Server is not valid and non-TLS
    *Feb 22 13:08:05.038: LDAP: Socket read event socket=5
    *Feb 22 13:08:05.038: LDAP: Found socket ctx
    *Feb 22 13:08:05.038: LDAP: ldap tcp transport closing on socket 5
    *Feb 22 13:08:05.038: LDAP: Transport DOWN notification for scansafe-ldap-server/5
    *Feb 22 13:08:05.038: LDAP: Clearing all ldap transactions
    *Feb 22 13:08:05.038: LDAP: Triggering server failover for transit requet
    *Feb 22 13:08:05.038: LDAP: Connection state: CONNECTING = DOWNldap_unbind
    ldap_free_connection lc=0x8C5C14D4
    ldap_free_connection: actually freed

     

     

     

    As you can see the router can't contact our DC.Now I did some sniffing and noticed that the router sends the LDAP query with the source address of the external interface (Public IP).This results, that the queries are sent out into the internet with an internal destination IP. -- hence can't connect.

     

    Question:

    Now to my actual question.. How can I force the ISR to originate the LDAP queries from our internal interface ... which would then enter the VPN and connect to the DC?

     

     

    Thanks in advance, and if you need any additional information, please don't hesitate to ask

     

    Kind regards

     

    - Sam

    DB:2.77:Ldap Source Query Ip (Cisco Isr G2 Websecurity) dk


    Hello Jeff

    Thank you very much for your fast reply. I have tried the first workaround you mentioned.

    I do see an issue with the first workaround though.

    As long as the VPN is up the first workaround will work just fine. The problem though will be as soon as the vpn connection dies for some reason, the VPN will not come up again until the egress IP is removed from the VPN ACL. Hence it is not really a viable solution for a company of our size.

    Thanks

    -Sam

  • RELEVANCY SCORE 2.77

    DB:2.77:Problem With Connection To Address Book Having Ldap Authentication Turned On zd



    Dear FootPrints Users,

    Have you ever encountered such error message while navigating to Address Book ? Would like to emphasieze, that such problem has appeared after performing LDAP authentication path amendement. Thank you for any hints in advance.

    Error message:

    Pole nazwy pliku mapowania, C:\FootPrintsServiceCore\db\ABMASTER1\MR\LDAPFieldNameMapping, not found. This file must be present to use FootPrints Service Core in conjunction with an LDAP database. wybierz Administration/Address Book/Configure LDAP on the main toolbar to check your LDAP configuration. Then click the GO button and be sure to configure your LDAP fields.

    DB:2.77:Problem With Connection To Address Book Having Ldap Authentication Turned On zd


    That's great! When you are using LDAP AB, the Administration settings will replace the "Address Book Type" to "Configure LDAP". From this point if you can't get to this page because of the mentioned error, find out first if there is a file named: LDAPFieldNameMapping.bak then rename it to LDAPFieldNameMapping with no file extension. If the .bak file is also missing, your last resort is do the steps you took on fixing this problem.

  • RELEVANCY SCORE 2.76

    DB:2.76:Thread: Secure Ldap Authentication? 8a


    Hi all,

    I\'ve run into a problem doing a secure ldap lookup for username/passwords for users. I followed the \'Novell Teaming 1.0 Installation and Configuration Guide\' (section 2.4) and the \'Configuring LDAP authentication of Novell Teaming Users through eDirectory\' (section 23.4), and have successfully logged in using port 389 (unsecure). Using the liferay Enterprise Admin portlet, and browsing through Settings-Authentication-LDAP, if I change the Base Provider URL to ldaps://niwa-ham:636 I receive this error:

    Failed to bind to the LDAP server with given values.

    Under the Teaming Administration portlet - Configure LDAP - Connection

    If I change the URL from

    ldap://niwa-ham:389/o=niwa

    to

    ldaps://niwa-ham:636/o=niwa

    it accepts that quite happily (with the same username/password as used in the liferay Enterprise Admin portlet).

    FYI I followed the 2.4.4 Secure LDAP/eDirectory Setup in the teaming installation and configuration guide, and that all went fine.

    Am I missing something? Is it OK for the enterprise admin portlet be unsecure, with the teaming admin portlet using secure?

    As it stands I also followed this (Redirect Incoming HTTP Requests to HTTPS Before Logging into Novell Teaming | Novell User Communities) cool solution to make the teaming site go https, I assume this should encrypt the password anyway?

    Thanks for any and all help!!

    Dylan

    DB:2.76:Thread: Secure Ldap Authentication? 8a

    Hi!

    I followed this TID 3769737 for the Conferencing LDAP login over SSL.

    http://www.novell.com/support/search...200%2056511842

    It worked perfect for the Conferencing server to access LDAP over SSL on the eDirectory server.

    /Kind Regards

    Erik Wellander

  • RELEVANCY SCORE 2.74

    DB:2.74:Ldap Custom Filter -Cucm 8.X 88


    Problem

    How to configure an LDAP filter that only imports users with  IP Phones. That is you just want to sync with users that have extension at IP Phone field at LDAP. 

    When you setup the LDAP connector, the end user director populates all users, not just those with the IP Phones field populated.
    Solution In Cisco Unified Communications Manager Administration, use the System LDAP LDAP Custom Filter
    menu path to configure LDAP filters.
    In the LDAP Filter Configuration window, you specify information about the LDAP filter.

    LDAP Custom Filter SettingsFilter Name: Enter a name for the LDAP filter. The name can contain amaximum of 64 UTF-8 characters.Filter: Enter a filter. The filter can contain a maximum of 1024 UTF-8characters. Enclose the filter text within parentheses ().The LDAP filter filters the results of LDAP searches. LDAP users that matchthe filter get imported into the Cisco Unified Communications Managerdatabase, while LDAP users that do not match the filter do not get imported.The filter text that you enter must comply with the regular LDAP searchfilter standards specified in RFC 4515. It is recommended that you verifythe LDAP search filter against the LDAP directory/searchbase by using theldapsearch command.
    Now you need to apply LDAP filters to LDAP directoriesLDAP Directory ConfigurationLDAP Custom FilterSelect an LDAP custom filter from the drop-down list. The LDAP filter filters the results of LDAP searches. LDAP users that match the filter get imported into the Cisco Unified Communications Manager database, but LDAPusers that do not match the filter do not get imported.

    The search filters use the following formats:*********************************************filter=(attributeoperatorvalue)or (operatorfilter1filter2) *********************************************For example to get all users with an email attribute:you need to Set up LDAP custom filter as ((objectClass=user)(email=*))and if its telephonenumber or ipPhone
    you need to change the email attribute with telephonenumber attributelike ((objectclass=user)(telephonenumber=*))
    Refer this url : https://supportforums.cisco.com/thread/2169692?tstart=0#3727518
    to find how to filter disabled users from Active Directory
    Related InformationHow to Configure Unified Communications Manager Directory Integration in a Multi-Forest EnvironmentLDAP Query Filter Syntax and Server-Side FilteringLDAP Custom Filter ConfigurationLDAP Directory Configuration

    DB:2.74:Ldap Custom Filter -Cucm 8.X 88

    Problem

    How to configure an LDAP filter that only imports users with  IP Phones. That is you just want to sync with users that have extension at IP Phone field at LDAP. 

    When you setup the LDAP connector, the end user director populates all users, not just those with the IP Phones field populated.
    Solution In Cisco Unified Communications Manager Administration, use the System LDAP LDAP Custom Filter
    menu path to configure LDAP filters.
    In the LDAP Filter Configuration window, you specify information about the LDAP filter.

    LDAP Custom Filter SettingsFilter Name: Enter a name for the LDAP filter. The name can contain amaximum of 64 UTF-8 characters.Filter: Enter a filter. The filter can contain a maximum of 1024 UTF-8characters. Enclose the filter text within parentheses ().The LDAP filter filters the results of LDAP searches. LDAP users that matchthe filter get imported into the Cisco Unified Communications Managerdatabase, while LDAP users that do not match the filter do not get imported.The filter text that you enter must comply with the regular LDAP searchfilter standards specified in RFC 4515. It is recommended that you verifythe LDAP search filter against the LDAP directory/searchbase by using theldapsearch command.
    Now you need to apply LDAP filters to LDAP directoriesLDAP Directory ConfigurationLDAP Custom FilterSelect an LDAP custom filter from the drop-down list. The LDAP filter filters the results of LDAP searches. LDAP users that match the filter get imported into the Cisco Unified Communications Manager database, but LDAPusers that do not match the filter do not get imported.

    The search filters use the following formats:*********************************************filter=(attributeoperatorvalue)or (operatorfilter1filter2) *********************************************For example to get all users with an email attribute:you need to Set up LDAP custom filter as ((objectClass=user)(email=*))and if its telephonenumber or ipPhone
    you need to change the email attribute with telephonenumber attributelike ((objectclass=user)(telephonenumber=*))
    Refer this url : https://supportforums.cisco.com/thread/2169692?tstart=0#3727518
    to find how to filter disabled users from Active Directory
    Related InformationHow to Configure Unified Communications Manager Directory Integration in a Multi-Forest EnvironmentLDAP Query Filter Syntax and Server-Side FilteringLDAP Custom Filter ConfigurationLDAP Directory Configuration

  • RELEVANCY SCORE 2.73

    DB:2.73:Does Oracle Management Agent 12c Communicate With Emgc 10.2.0.4 And/Or 11g ad


    Hello,

    In the documentation of Oracle EM 12c is written that EM12c only can word with agent 12c, which does not surprise me.
    But, can older versions of EM Grid Control, like 10.2.0.4 or EMGC 11g work with Agent-12c?

    Best regards,
    Jan.

  • RELEVANCY SCORE 2.72

    DB:2.72:Ldap Directory Sync Problem 7x



    Hi,

    I have an issue it seems with sync with AD. CM 5.0.4 and 2 domains defined in LDAP directory configuration page. One of the domain does not seem to be syncing, we have it on a 6 hour schedule, but new users are not appearing in the users list when we do a search. From the LDAP directory configuration page the button "cancel sync process" is always on. not "perform full sync now" like it is hung.

    Any idea's about this? The other domain we sync with looks fine

    Thanks

    DB:2.72:Ldap Directory Sync Problem 7x


    A synchronization agreement for a domain will not synchronize users outside of that domain nor within a child domain because Cisco Unified CallManager does not follow AD referrals during the synchronization process.

    http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_implementation_design_guide_chapter09186a008063748a.html

  • RELEVANCY SCORE 2.72

    DB:2.72:Css11501 Load-Balancing Smtp And Ldap Servers 1k



    Can anybody provide me with samples of configuration to load-balance SMTP LDAP servers with CSS ? I feer having the same problem as with FTP when the session is initiated from the server side and that we have to make some special adds-on to the config ?

    DB:2.72:Css11501 Load-Balancing Smtp And Ldap Servers 1k


    Load balancing should work fine on the CSS. I am sure that there is some confiugaration issue. Can you post the configuration so that we can check where the problem is?

  • RELEVANCY SCORE 2.72

    DB:2.72:Integrating Bip With Multiple Ldap Servers 9m


    Hi,
    my question is very simple. In Admin-Security Configuration-Security Model section i've setted Security model combobox with LDAP value. Then i've filled all LDAP information field (for example:URL). All works. But in my rpd i 've multiple LDAP servers (multiple URL) and in the form i can insert information about only one LDAP server.
    Is it possible configure BIP with multiple LDAP servers?

    Thanks

    Giancarlo

    P.S. I'm using OBIEE 10g

    DB:2.72:Integrating Bip With Multiple Ldap Servers 9m

    Hi,
    my question is very simple. In Admin-Security Configuration-Security Model section i've setted Security model combobox with LDAP value. Then i've filled all LDAP information field (for example:URL). All works. But in my rpd i 've multiple LDAP servers (multiple URL) and in the form i can insert information about only one LDAP server.
    Is it possible configure BIP with multiple LDAP servers?

    Thanks

    Giancarlo

    P.S. I'm using OBIEE 10g

  • RELEVANCY SCORE 2.71

    DB:2.71:Telepresence Content Server Ldap Configuration 7x



    Hello,

    I am looking to integrate LDAP for our users logins but we already have many users with logins already set up.  My question is when I enable LDAP will this erase the current users and aliases associated with them?

    Thanks

    DB:2.71:Telepresence Content Server Ldap Configuration 7x


    Hi William,

    First of all as soon you will change the "Authentication Mode" to LDAP in Site Settings, you will not be able to login using your earlier admin user id. There would be no way to login back to TCS. You'll have to try logging-in Rescue Mode by following steps below:

    1.       Type the ip address of the server in web browser.2.       Now add #page:loginrescue:true to the end of the Content Server URL in the browser.
    For eg: http:///tcs/#page:loginrescue:true

    This will allow to login by putting admin credentials that you used before.

    One most important thing before changing authentication mode to LDAP is to create atleast one user with admin role. After this you can use this for login as admin user id. Now coming to your question "Changing authentication mode will not erase any users created by you earlier, but it may stop working depending on the ldap policies in your company" The aliases should work fine.

    Hope this helps. Feel free to reply in case of any query.

    Regards,

    Gaurav

  • RELEVANCY SCORE 2.68

    DB:2.68:Thread: Random Ldap Error: 80 Issues With Gw8 Using Ldap Pool z1


    Running multiple GW8 SP2 PostOffices on OES2 SP2, using LDAP authentication.

    LDAP pool set with two LDAP servers.

    Randomly some POA starts giving login errors, LDAP Error: 80 on the logfile.

    Both LDAP servers are fine and others POAs continue to work.

    Restarting the problem POA fixes the problem - until it comes back someday.

    Others seen this?

    -sk

    DB:2.68:Thread: Random Ldap Error: 80 Issues With Gw8 Using Ldap Pool z1

    Originally Posted by skapanen


    Running multiple GW8 SP2 PostOffices on OES2 SP2, using LDAP authentication.

    LDAP pool set with two LDAP servers.

    Randomly some POA starts giving login errors, LDAP Error: 80 on the logfile.

    Both LDAP servers are fine and others POAs continue to work.

    Restarting the problem POA fixes the problem - until it comes back someday.

    Others seen this?

    -sk



    Hello Sami, (old post but I hit it though)

    We have a similar set up.

    This error appears at least then if NDS has login limit restriction applied to a user trying to log when error appears. Removing the limit, increasing it or logging out of some machines will free the user to log in and POA allows the connection.

    This was what helpped us.

    Juha

  • RELEVANCY SCORE 2.68

    DB:2.68:Ldap Ssl 17



    Has anyone configured LDAP SSL before? We are in D6.6, can someone please share with us how the SSL LDAP configuration is.

    DB:2.68:Ldap Ssl 17


    Has anyone deployed SSL LDAP in 6.6 yet? If you did can you please share the steps with us.

  • RELEVANCY SCORE 2.68

    DB:2.68:Vmware Vcenter Orcestrator Configuration Issue - Ldap Connection ds


    Hello All,

    I have been given the task of setting up Ccenter and I am having a little problem.

    I have everything configured except the LDAP connection setup in the vcenter web configuration.

    I am receining the following error:

    Type

    Title

    Description

    Error

    LDAP connection successful but no users found. Please check LDAP paths.

    LDAP connection successful but no users found. Please check LDAP paths.

    Error

    Admin group not found

    I have no real LDAP expereince so I am totally lost on this error message.

    Can anyone offer any help on this problem?

    Thanks - Ron

    DB:2.68:Vmware Vcenter Orcestrator Configuration Issue - Ldap Connection ds

    Hi Everyone,

    I wanted to thank everyone for their help on this issue.

    I had all the LDAP lookup information correct, but I determined that our AD is a little

    more complicated than I first thought. The whole turned out to be the root login information.

    I had to use the loginaccount@mydomain.org

    Thanks,

    Ron

  • RELEVANCY SCORE 2.68

    DB:2.68:Dataguard Broker Setup - Licensing Terms p1


    Hi,

    This is a simple question. I have searched Oracle documentation fairly elaborately, but could not find an answer.

    The question is: Can I co-host Dataguard Broker configuration with RMAN Catalog+EMGC ?

    We already have one host (Running EE) catering to RMAN Catalog and EMGC repository (On a single server). Since we have a requirement of configuring dataguard broker, the thought was to co-host this on the same server.

    Is there a licensing consideration to this? Can someone refer some relevant documentation please? Thanks in advance.

    Cheers,
    -Ganesh

    DB:2.68:Dataguard Broker Setup - Licensing Terms p1

    Hi,

    Thanks. But let me make my question clear. The question is not about licensing the Data guard configuration. We have taken care of that already.
    The question is regarding the Dataguard Broker configuration and its co-hosting possibilities with RMAN catalog or EMGC repository database.

    Cheers,
    Ganesh

  • RELEVANCY SCORE 2.67

    DB:2.67:Re: Differents Between Emdc (Database Control) And Emgc (Grid Control)?????? p3


    Hi Nicolas,

    Thanks for your Reply....But I have the same doubt..We can monitor Databases with their EMDC (Enterprise Manager Database Control)..So why should we buy use EMGC ( Grid Control )??

    Could you specify the advantage of EMGC from EMDC???

    Hope your valuable support..

    Arun Kurungatt

  • RELEVANCY SCORE 2.67

    DB:2.67:Rac11.2 Emgc 11.1 Node Did Not Discover Asm 39


    Hi,
    we installed a two node RAC with ASM and grid infrastructure on OEL. On system level grid and db runs fine.
    #crsctl stat res -t -- all ok.

    We deploy the agents form EMGC 11.1the installation was finish successfully.
    On node one the agent discover all components form the node...host, +ASM1, LISTENER_node1, SCANS1,2
    But on node two the agent did not discover +ASM2 and the LISTENER_node2.
    All Passwords are the same on both nodes and provided to the EMGC11.1

    In configuration tab in EMGC 11.1 all installations are found
    Oracle Database 11g 11.2.0.2.0/u01/app/oracle/product/11.2.0/dbhome_1 (OraDb11g_home1)Jun 9, 2011 1:26:07 PM GMT
    Oracle Grid Infrastructure 11.2.0.2.0/u01/app/11.2.0/grid (Ora11g_gridinfrahome1)Jun 9, 2011 12:23:31 PM GMT
    Oracle Management Agent 11.1.0.1.0/u01/app/oracle/product/agent11g (agent11g1)Jun 14, 2011 1:14:26 PM GMT

    node2 #emctl status agent --- agent OK heartbeat to OMS -- 2011-06......

    Does anyone can help to find why the agent on node2 dont find all components. Or how to tell agent to rediscover everything.
    Thanks
    *T

    DB:2.67:Rac11.2 Emgc 11.1 Node Did Not Discover Asm 39

    have you installed the agent in clustermode?

    I can't tell you the reason why one agent has discovered the node completely and why the other hasnt't. Please compare the file target.xml (.../sysman/emd) from the fully discovered node with the the file target.xml of the other node. Do both contain the same amount of targets?
    If not, you may edit this file on the node where the targets are missing (but be careful: you have ASM1 on node#1 and ASM2 on node #2).
    And you certainly have to replace the hostname from node #1 with host-name of node #2. But before editing this file please shutdown the
    agent and restart them afterwards. I know that this way is not supported or recommended by Oracle - but I have done that before and it worked
    fine.

    If you want to figure out why the targets on one node haven't been discovered please check the logfiles under .../sysman/log. Maybe you
    find a reason. Any you could try "emctl stop agent", "emctl clearstate agent" and "emctl start agent"...

  • RELEVANCY SCORE 2.67

    DB:2.67:Bmc Dashboards For Bsm 2.0 - Ldap Configuration am



    Hi all,

    Anyone have configured BMC Dashboards for BSM 2.0 with LDAP to authenticate users? Any errors during configuration process? By default, Dashboards download ALL users from LDAP? Architecture department is very worried inDashboards queries on LDAP.

    Any recommendations?

    Thanks and regards,

    DB:2.67:Bmc Dashboards For Bsm 2.0 - Ldap Configuration am


    I have successfully installed with LDAP on BMC test systems, and I have also helped customers do the same.

    During install, it only "downloads" the user that you specify during installation.

    Post install, you use the User Management options to add further users and assign roles.

    It does *not* download all users. Please explain exactly what your architecture department is worried about.

    The current version (BMC Dashbaords for BSM 2.0.00) is only enabled for LDAP authentication against a single single OU. It can be extended, but this is a post-install manual configuration, which can become unwieldy in complex Active Directory environments where users are defined in a lot of different containers.

    There is a patch 2.0.00.003 to enable LDAP authentication of accounts that contain special charcters - see the Technical Bulletin on the support Web site.

    Thanks Regards

    Jim

  • RELEVANCY SCORE 2.67

    DB:2.67:Configure Jboss As 5 And Ldap 77



    Hi there,

    Basically i have an application that sits on JBoss which needs to connect to a LDAP server. (OS is Windows XP Pro)

    I started the JBoss with run.bat -c all -b 192.168.1.1.

    I have no problem connecting to the LDAP server without SSL. The problem only surface when i setup the LDAP server with SSL which i have trouble connecting to the LDAP server. The following is the error message.

    javax.naming.CommunicationException: simple bind failed: 192.168.1.100:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]

    I have google about configuring JBoss and LDAP and stumbled upon http://docs.jboss.org/jbportal/v2.6.2/referenceGuide/html/ldap.html . Do I really need a JBoss Portal to setup with LDAP??

    Could anyone out there help me out with this?? Or am i missing out any configuration on JBoss.

    Any advice would be greatly appreciated. Many thanks in advance.

    Kevin

    DB:2.67:Configure Jboss As 5 And Ldap 77


    Hi there,

    Basically i have an application that sits on JBoss which needs to connect to a LDAP server. (OS is Windows XP Pro)

    I started the JBoss with run.bat -c all -b 192.168.1.1.

    I have no problem connecting to the LDAP server without SSL. The problem only surface when i setup the LDAP server with SSL which i have trouble connecting to the LDAP server. The following is the error message.

    javax.naming.CommunicationException: simple bind failed: 192.168.1.100:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]

    I have google about configuring JBoss and LDAP and stumbled upon http://docs.jboss.org/jbportal/v2.6.2/referenceGuide/html/ldap.html . Do I really need a JBoss Portal to setup with LDAP??

    Could anyone out there help me out with this?? Or am i missing out any configuration on JBoss.

    Any advice would be greatly appreciated. Many thanks in advance.

    Kevin

  • RELEVANCY SCORE 2.67

    DB:2.67:Error : Invokemethod() Failed While Calling: Onlogin In Ldap Authentication az


    Hi all,I am have an problem with LDAP authentication in WP 5.3.I have created a LDAP configuration in DA 5.3.The LDAP configuration parameters are fine as I get logged on to WP 5.3 after LDAP authentication.But quite often, when I tries to enter in WP through LDAP, documentum throws an error pop-up window saying invokeMethod() failed while calling: onLogin.When i try to view the error details by clicking the show details link, Timed out message comes and then WP main window appears and I can perform all the activities perfectly fine.Has someone faced this kind of scenario before? Do i need to set some configuration for 5.3?I have tested my LDAP configuration in 5.2.5 SP3,i dont get this sort of error message in WP 5.2.5 SP3.Any thoughts on this is welcomed.ThanksAmrit

    DB:2.67:Error : Invokemethod() Failed While Calling: Onlogin In Ldap Authentication az

    I finally got this right. The problem was dm_LDAPSynchronization job did not run successfully before. After successful run of this job i don't get the above error in WP.This brings another doubt to me. How is dm_LDAPSynchronization job related to login authentication? What does this job do?Earlier,I manually created few LDAP users in DA 5.3 for testing LDAP and those users were getting authenticated in DA without any error and was able to login successfully. I even checked those user using IAPI tools and there also they were getting authenticated without any problem. Only problem was with WP 5.3, where ldap authentication was throwing intermittent error as mentioned above.Can somebody throw some light on dm_lpadSyncronization job and what effect it has on login?ThanksAmritMessage was edited by: amritanshu

  • RELEVANCY SCORE 2.66

    DB:2.66:Ldap Application Not Working With 2811 Ios 12.3(8)T11 a8



    Hi,

    We are having LDAP application problem with 2811 router running 12.3(8)T11 image.

    Before this application worked with 2621 router running 12.2(4)T3 and 12.1(5)T12

    Note: There is no LDAP Query configuration in router, for LDAP just it pass through (it will do normal packet routing, configuration attached for reference).

    Now we are hearing different suggestions from different people.

    1 Some people are saying that "This LDAP application will work only with 12.1 and 12.2"

    2 Some people saying that "It works only with 26xx series router".

    3 Some people recommending to upgrade to latest IOS in 12.3 or 12.4 series.

    I am requesting all technicins to put some comments on it.

    Regards

    Sivakondala Rao

    DB:2.66:Ldap Application Not Working With 2811 Ios 12.3(8)T11 a8


    Hi

    Does the router function normally for other traffic. If it is and you are merely routing the ldap traffic then it should make no difference which router you use. So this would point to other issues. Looking at your config 2 things jump out

    1) NAT

    2) access-lists

    Could you send more details on source IP address and destination IP address and which direction on the router the ldap traffic flows.

    Jon

  • RELEVANCY SCORE 2.66

    DB:2.66:How-To Refresh/Synchronize Ldap Attribute Map In The Da Drop Down List? 8c


    Hi,I have following problem. After adding some attributes to LDAP, they do not appear in Attribute Map drop down list:Administration - User Management - LDAP- My LDAP Configuration Object - Attribute Map - My DM Attribute - LDAP AttributeI started dm_LDAPSynchronization with default settings, but this did not help.Greetings,Maciek

    DB:2.66:How-To Refresh/Synchronize Ldap Attribute Map In The Da Drop Down List? 8c

    Hi, I tryed that already, but somehow I do not see my attribute.....There are no errors in sych-job.Thanks,Maciek

  • RELEVANCY SCORE 2.65

    DB:2.65:Thread: In The Ldap Trcae I See This Errors: c9


    NW65SP8. Enable LDAPtrace and se this errors..

    This is critical errors ?

    Any suggestions, please..

    Tuesday, 11 Aug 2009

    9646C300 LDAP: ldapDefaultReferralBehavior: Not Defined

    9646C300 LDAP: LDAP Referral: Not Defined

    9646C300 LDAP: ldapLBURPNumWriterThreads: Not Defined

    9646C300 LDAP: ldapInterfaces: Not Defined

    9646C300 LDAP: ldapChainSecureRequired: Not Defined

    9646C300 LDAP: ldapStdCompliance: Not Defined

    9646C300 LDAP: LDAP UDP Port: Not Defined

    9646C300 LDAP: Ignored duplicate LDAP attr lDAPAttributeMap for NDS attr LDAP Attribute Map as it conflicts with existing LDAP attr ldapAttributeMap for NDS attr LDAP Attribute Map v11

    9646C300 LDAP: Ignored duplicate LDAP attr lDAPClassMap for NDS attr LDAP Class Map as it conflicts with existing LDAP attr ldapClassMap for NDS attr LDAP Class Map v11

    9646C300 LDAP: Ignored duplicate LDAP attr appPath for NDS attr App Path as it conflicts with existing LDAP attr appPath for NDS attr App:Path

    9646C300 LDAP: Ignored duplicate LDAP attr appIcon for NDS attr App Icon as it conflicts with existing LDAP attr appIcon for NDS attr App:Icon

    9646C300 LDAP: Ignored duplicate LDAP attr appContacts for NDS attr App Contacts as it conflicts with existing LDAP attr appContacts for NDS attr App:Contacts

    9646C300 LDAP: Ignored duplicate LDAP attr appWorkingDirectory for NDS attr App Working Directory as it conflicts with existing LDAP attr appWorkingDirectory for NDS attr App:Working Directory

    9646C300 LDAP: Ignored duplicate LDAP attr appDriveMappings for NDS attr App Drive Mappings as it conflicts with existing LDAP attr appDriveMappings for NDS attr App:Drive Mappings

    9646C300 LDAP: Ignored duplicate LDAP attr appPrinterPorts for NDS attr App Printer Ports as it conflicts with existing LDAP attr appPrinterPorts for NDS attr App:Printer Ports

    9646C300 LDAP: Ignored duplicate LDAP attr appParameters for NDS attr App Parameters as it conflicts with existing LDAP attr appParameters for NDS attr App:Parameters

    9646C300 LDAP: Ignored duplicate LDAP attr appFlags for NDS attr App Flags as it conflicts with existing LDAP attr appFlags for NDS attr App:Flags

    9646C300 LDAP: Ignored duplicate LDAP attr appStartupScript for NDS attr App Startup Script as it conflicts with existing LDAP attr appStartupScript for NDS attr App:Startup Script

    9646C300 LDAP: Ignored duplicate LDAP attr appShutdownScript for NDS attr App Shutdown Script as it conflicts with existing LDAP attr appShutdownScript for NDS attr App:Shutdown Script

    9646C300 LDAP: Ignored duplicate LDAP attr bRDSRVSAlertBitMask for NDS attr BRDSRVS:Alert Bit Mask as it conflicts with existing LDAP attr bRDSRVSAlertBitMask for NDS attr BRDSRVS: Alert Bit Mask

    9646C300 LDAP: Ignored duplicate LDAP attr sASSecretStoreKey for NDS attr SAS:SecretStoreKey as it conflicts with existing LDAP attr sASSecretStoreKey for NDS attr SAS:SecretStore:Key

    9646C300 LDAP: Ignored duplicate LDAP attr sASSecretStoreData for NDS attr SAS:SecretStoreData as it conflicts with existing LDAP attr sASSecretStoreData for NDS attr SAS:SecretStore:Data

    9646C300 LDAP: Updating server configuration

    9649A3C0 LDAP: Listener applying new configuration

    9649A3C0 LDAP: LDAPURL: ldap://:389

    9649A3C0 LDAP: LDAPURL: ldaps://:636

    Serg

    DB:2.65:Thread: In The Ldap Trcae I See This Errors: c9

    -' + '-' + '-' + '-' + '-BEGIN PGP SIGNED MESSAGE-' + '-' + '-' + '-' + '-

    Hash: SHA1

    No, these are mostly informational. Some of them (\'LDAP UDP Port\') look a

    bit strange... I\'ve never seen anybody (or anything) use LDAP over UDP.

    Some of the others are warning you that duplicate mappings are being

    ignored though, again, it\'s cosmetic. If things do not work via LDAP as

    you would expect perhaps check here but otherwise I do not see a problem

    with these messages.

    Good luck.

    skoltogyan wrote:

    NW65SP8. Enable LDAPtrace and se this errors..

    This is critical errors ?

    Any suggestions, please..

    Tuesday, 11 Aug 2009

    9646C300 LDAP: ldapDefaultReferralBehavior: Not Defined

    9646C300 LDAP: LDAP Referral: Not Defined

    9646C300 LDAP: ldapLBURPNumWriterThreads: Not Defined

    9646C300 LDAP: ldapInterfaces: Not Defined

    9646C300 LDAP: ldapChainSecureRequired: Not Defined

    9646C300 LDAP: ldapStdCompliance: Not Defined

    9646C300 LDAP: LDAP UDP Port: Not Defined

    9646C300 LDAP: Ignored duplicate LDAP attr lDAPAttributeMap for NDS

    attr LDAP Attribute Map as it conflicts with existing LDAP attr

    ldapAttributeMap for NDS attr LDAP Attribute Map v11

    9646C300 LDAP: Ignored duplicate LDAP attr lDAPClassMap for NDS attr

    LDAP Class Map as it conflicts with existing LDAP attr ldapClassMap

    for NDS attr LDAP Class Map v11

    9646C300 LDAP: Ignored duplicate LDAP attr appPath for NDS attr App

    Path as it conflicts with existing LDAP attr appPath for NDS attr

    App:Path

    9646C300 LDAP: Ignored duplicate LDAP attr appIcon for NDS attr App

    Icon as it conflicts with existing LDAP attr appIcon for NDS attr

    App:Icon

    9646C300 LDAP: Ignored duplicate LDAP attr appContacts for NDS attr

    App Contacts as it conflicts with existing LDAP attr appContacts for

    NDS attr App:Contacts

    9646C300 LDAP: Ignored duplicate LDAP attr appWorkingDirectory for

    NDS attr App Working Directory as it conflicts with existing LDAP attr

    appWorkingDirectory for NDS attr App:Working Directory

    9646C300 LDAP: Ignored duplicate LDAP attr appDriveMappings for NDS

    attr App Drive Mappings as it conflicts with existing LDAP attr

    appDriveMappings for NDS attr App:Drive Mappings

    9646C300 LDAP: Ignored duplicate LDAP attr appPrinterPorts for NDS

    attr App Printer Ports as it conflicts with existing LDAP attr

    appPrinterPorts for NDS attr App:Printer Ports

    9646C300 LDAP: Ignored duplicate LDAP attr appParameters for NDS attr

    App Parameters as it conflicts with existing LDAP attr appParameters

    for NDS attr App:Parameters

    9646C300 LDAP: Ignored duplicate LDAP attr appFlags for NDS attr App

    Flags as it conflicts with existing LDAP attr appFlags for NDS attr

    App:Flags

    9646C300 LDAP: Ignored duplicate LDAP attr appStartupScript for NDS

    attr App Startup Script as it conflicts with existing LDAP attr

    appStartupScript for NDS attr App:Startup Script

    9646C300 LDAP: Ignored duplicate LDAP attr appShutdownScript for NDS

    attr App Shutdown Script as it conflicts with existing LDAP attr

    appShutdownScript for NDS attr App:Shutdown Script

    9646C300 LDAP: Ignored duplicate LDAP attr bRDSRVSAlertBitMask for

    NDS attr BRDSRVS:Alert Bit Mask as it conflicts with existing LDAP

    attr bRDSRVSAlertBitMask for NDS attr BRDSRVS: Alert Bit Mask

    9646C300 LDAP: Ignored duplicate LDAP attr sASSecretStoreKey for NDS

    attr SAS:SecretStoreKey as it conflicts with existing LDAP attr

    sASSecretStoreKey for NDS attr SAS:SecretStore:Key

    9646C300 LDAP: Ignored duplicate LDAP attr sASSecretStoreData for NDS

    attr SAS:SecretStoreData as it conflicts with existing LDAP attr

    sASSecretStoreData for NDS attr SAS:SecretStore:Data

    9646C300 LDAP: Updating server configuration

    9649A3C0 LDAP: Listener applying new configuration

    9649A3C0 LDAP: LDAPURL: ldap://:389

    9649A3C0 LDAP: LDAPURL: ldaps://:636

    Serg

    -' + '-' + '-' + '-' + '-BEGIN PGP SIGNATURE-' + '-' + '-' + '-' + '-

    Version: GnuPG v2.0.9 (GNU/Linux)

    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

    iQIcBAEBAgAGBQJKgYeTAAoJEF+XTK08PnB5qqEQAIhcQmjncz ntGWQu6HDY3fMI

    kqqTYf03kTWUfbn2oazsD4MeOGifEN4AXzIxCkCwXcgZSq/FR6FtaQ2HcK5HVm5V

    +1BmUJZjoenn042VTAjyXHyEzmKClS2XBfEeB20xrF6VBCXTeq kylQB+eJxHTO4B

    UxhwIaC9QKYIVTOkEGLraydi3YpraA3ntphgdaHAJOtkIvnG4m x+p6aPJwqWFqIl

    9gZwklvzXE8JiFbpAuTnpTbMRGKtonlkv69HvC0tzaIVzBGn6x 1M2PULHhIueAsm

    cgqWzwG2Qm2WdxtiHWYHMDCPowjSch33ASRLQxvNbTQnqBcqoU EuWXmFBa/7h967

    2NyqoqnUuVpowgGmGFmc8JgKiJ88VZ3+tZ1ol2YSAoC6wiF3GY Kplum0LTyezzkx

    gjHoVpV4QiilmOoPV3HAbZ5EkXXTIVIx8nJY93jsqYX7S3pXA7 8EejMfyay7Qo3n

    +bwvUNv5JaOOIKIrt1BrCJED7jWP/mLr8SYiROligccVZY4TramZ5oU3ik9VNEwA

    9wOeqBa4rQXZ0cd5m7YiH60nuGH7Hk7xAaV+nyhEtqWM8Q2n/9lesjy6Z4SILSCm

    qEImotxwX+6xiwfGAQsOnu6dhGTG++iqf0eQ285gM9IX7pRaD2 rCEUi0AOt5bnec

    JONUNF8Y68munOFYQp/G

    =WsO0

    -' + '-' + '-' + '-' + '-END PGP SIGNATURE-' + '-' + '-' + '-' + '-

  • RELEVANCY SCORE 2.65

    DB:2.65:Netapp Ldap Hashes m9



    Hi,

    I've configured NetApp with LDAP as I found in the TR-3464. I can login into the NetApp through LDAP correctly. The problem starts when a user with the SHA password hash try to login; he doesn't. Only can login if the password is stored with CRYPT hash.

    Is possible to login with another password hashes? Are there any netapp configuration I forgot?

    Thanks.

    DB:2.65:Netapp Ldap Hashes m9


    Yes I can confirm that CRYPT will work!!

    Would love to see an update that supports SSHA, since this has been a defacto hashing standard in a few directories for some time.

    What is super important that whatever administrative username you are using needs to have the ability to read the password hash attribute. You can easily test to see if you have the permissions to the password attribute with getXXbyYY.
    filer9* getXXbyYY getpwbyname_r gunn
    pw_name = gunn
    pw_passwd = saltsaltABCDEF
    pw_uid = 1000, pw_gid = 1000
    pw_gecos = Paul gunn
    pw_dir = /home/gunn
    pw_shell = /bin/bash

    If you don't have the correct permissions, the pw_passwd will always show up as pw_passwd = {{******}}

    --

    Chris

  • RELEVANCY SCORE 2.65

    DB:2.65:Ldap Configuration 98



    hello,

    Can you help me about ldap configuration ?

    thanks

    DB:2.65:Ldap Configuration 98


    Hi Neel,

    I am haring my emal id. Can yo please send me the ldap configuration document. my email id is vattikota.kumar@wipro.com.

    Thanks Regards

    Kiran Kumar V.

  • RELEVANCY SCORE 2.65

    DB:2.65:Novell Ldap Configuration ps



    We have a problem with the configuration of LDAP novell edirectory 8.6.2 .

    We are not able to set the:

    dataSourceConfiguration_novell_deep_not_readonly_db.xml

    Could someone help us to configure this file?

    Thanks!

    DB:2.65:Novell Ldap Configuration ps


    We have a problem with the configuration of LDAP novell edirectory 8.6.2 .

    We are not able to set the:

    dataSourceConfiguration_novell_deep_not_readonly_db.xml

    Could someone help us to configure this file?

    Thanks!

  • RELEVANCY SCORE 2.64

    DB:2.64:Problem With Ldap Synch With Oid 11g p3


    Hi,

    hey i am working with oim 11g here i am implementing ldap synch with oid 11g, here my problem is while enabling ldap synch option the config.cmd page starts from server, design console configuration step, im not getting ldap synch step directly. if i do configuration for server again it may cause error.

    so may i know the solution for this

    Thanking you

    DB:2.64:Problem With Ldap Synch With Oid 11g p3

    Hi,

    hey i am working with oim 11g here i am implementing ldap synch with oid 11g, here my problem is while enabling ldap synch option the config.cmd page starts from server, design console configuration step, im not getting ldap synch step directly. if i do configuration for server again it may cause error.

    so may i know the solution for this

    Thanking you

  • RELEVANCY SCORE 2.64

    DB:2.64:Ldap Authentication Problem mx



    Hi all..

    I've got some problems configuring ldap auth on one my customer servers. This customer has got 2 esx starter. On the first server I've successfully configured ldap centralized auth with esxcfg-auth and /etc/pam.d/vmware-authd. On the second server I've done the same configuration but it does not works.

    On the second server if I try to use ldap search or getent passwd I see all ldap accounts, but when I try to configure ldap users on vi client permission tab I only see the local passwd accounts.

    To configure ldap auth I do these:

    \# esxcfg-auth --enableldap --ldapserver=ldapsrv.domain.local --ldapbasedn="ou=domain,o=local"

    \[root@vmware-b pam.d]# cat vmware-authd

    #%PAM-1.0

    auth sufficient /lib/security/pam_unix_auth.so shadow nullok

    account required /lib/security/pam_unix_acct.so

    auth required /lib/security/pam_ldap.so use_first_pass

    Thank

    Matteo

    DB:2.64:Ldap Authentication Problem mx


    Hi all..

    I've got some problems configuring ldap auth on one my customer servers. This customer has got 2 esx starter. On the first server I've successfully configured ldap centralized auth with esxcfg-auth and /etc/pam.d/vmware-authd. On the second server I've done the same configuration but it does not works.

    On the second server if I try to use ldap search or getent passwd I see all ldap accounts, but when I try to configure ldap users on vi client permission tab I only see the local passwd accounts.

    To configure ldap auth I do these:

    \# esxcfg-auth --enableldap --ldapserver=ldapsrv.domain.local --ldapbasedn="ou=domain,o=local"

    \[root@vmware-b pam.d]# cat vmware-authd

    #%PAM-1.0

    auth sufficient /lib/security/pam_unix_auth.so shadow nullok

    account required /lib/security/pam_unix_acct.so

    auth required /lib/security/pam_ldap.so use_first_pass

    Thank

    Matteo

  • RELEVANCY SCORE 2.63

    DB:2.63:Domain-Required Authentication X Ldap x9


    Has someone already worked with this configuration: authentication protocol = "domain-required" and users from LDAP? It works?

    DB:2.63:Domain-Required Authentication X Ldap x9

    Has someone already worked with this configuration: authentication protocol = "domain-required" and users from LDAP? It works?

  • RELEVANCY SCORE 2.63

    DB:2.63:Problem Using Ldap ap


    Dear Experts,
    I've used LDAPCfgWiz.cmd to configure my primavera contract management 13 to use LDAP.
    I have a domain in my network and it's on Active Directory.
    I've followed the topic "importing users from LDAP" starting from page 113 of an ebook called "Contract Management 13.0 Installation and Configuration Guide for Microsoft SQL Server".
    My experience with LDAPCfgWiz.cmd tool was unsuccessful and I couldn't see users to import.
    However when I restarted the server, I couldn't logon with my account (the system administrator). Nobody could logon!!!
    Thank admincm.cmd I saw that although it was unsuccessful, but it has changed Authentication configuration.
    The related items are as follows:

    Contract Management 13.0 SettingsApplication Server/app_server_nameJBoss
    Contract Management 13.0 SettingsApplication Server/DomainHomeC:\jboss-5.0.1.GA\server\cm
    Contract Management 13.0 SettingsAuthentication/ModeLDAP
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPHostsrv-dc.my-domain.com
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPPort389
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPUserName"alias name of my-domain"\MyAccount1
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPPassword*************
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPBaseDNOU=Project 1,OU=Network Services,OU=Infrastructure and Support,OU=Informatics Dept.,OU=Resources Logistics Vice Presidency,OU=T-HQ and Groups,DC=my-domain,DC=com
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/SSL Certificate Store
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/SSL Store Password
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldEMAIL
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldEXTENTION
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFAX
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFIRST_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFULL_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldJOB_TITLE
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldLAST_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attributesamaccountname
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldLOGIN_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldMOBILE
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldTELEPHONE
    Contract Management 13.0 SettingsAuthentication/LDAP/LastSearch

    By the way, is it possible that using service pack solves the problem?

    Please help me friends

    Edited by: 974470 on Dec 3, 2012 7:27 AM

    DB:2.63:Problem Using Ldap ap

    Dear Experts,
    I've used LDAPCfgWiz.cmd to configure my primavera contract management 13 to use LDAP.
    I have a domain in my network and it's on Active Directory.
    I've followed the topic "importing users from LDAP" starting from page 113 of an ebook called "Contract Management 13.0 Installation and Configuration Guide for Microsoft SQL Server".
    My experience with LDAPCfgWiz.cmd tool was unsuccessful and I couldn't see users to import.
    However when I restarted the server, I couldn't logon with my account (the system administrator). Nobody could logon!!!
    Thank admincm.cmd I saw that although it was unsuccessful, but it has changed Authentication configuration.
    The related items are as follows:

    Contract Management 13.0 SettingsApplication Server/app_server_nameJBoss
    Contract Management 13.0 SettingsApplication Server/DomainHomeC:\jboss-5.0.1.GA\server\cm
    Contract Management 13.0 SettingsAuthentication/ModeLDAP
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPHostsrv-dc.my-domain.com
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPPort389
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPUserName"alias name of my-domain"\MyAccount1
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPPassword*************
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/LDAPBaseDNOU=Project 1,OU=Network Services,OU=Infrastructure and Support,OU=Informatics Dept.,OU=Resources Logistics Vice Presidency,OU=T-HQ and Groups,DC=my-domain,DC=com
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/SSL Certificate Store
    Contract Management 13.0 SettingsAuthentication/LDAP/Connection Information/SSL Store Password
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldEMAIL
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldEXTENTION
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFAX
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFIRST_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldFULL_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldJOB_TITLE
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldLAST_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attributesamaccountname
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldLOGIN_NAME
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldMOBILE
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/LDAP Attribute
    Contract Management 13.0 SettingsAuthentication/LDAP/FieldMaps/FieldMap/Mapped Database FieldTELEPHONE
    Contract Management 13.0 SettingsAuthentication/LDAP/LastSearch

    By the way, is it possible that using service pack solves the problem?

    Please help me friends

    Edited by: 974470 on Dec 3, 2012 7:27 AM

  • RELEVANCY SCORE 2.62

    DB:2.62:Ldap Configuration Issues zx



    Dear All,

    This is my first interaction with VCeneter Orchestrator and Im facing a major problem in configuring the LDAP configuration. It looks strait forward to me but it keep says Ldap configuration successfully saved, but the configuration is in error.

    Error:LDAP connection successful but no users found. Please check LDAP paths.

    Error Admin group not found

    I dont know what I did wrong so if anyone could guide me to set this configuration in the right way.

    I entered the Domain controller name and tested the connectivity using Telnet and everything was fine. Than the root using distinguished name format exported from the Active directory using DSQuery command.

    the resource used was VM_ Orc. configuration guide.

    Your accesnance is highly appreciated.

    Thanks.

    Ahmed Salah

    DB:2.62:Ldap Configuration Issues zx

    geddam wrote:
    Check this out....

    http://www.systemsarchitech.com/?q=node/117

    That was exceptionally helpful for me. Logging into my Win2k8R2 domain controller and running the command dsquery to get the LDAP paths. Thank you for including the command switches and examples. If I had points to award you - I would.

  • RELEVANCY SCORE 2.61

    DB:2.61:Ldap - Ad - Referral Following Yielded No Result 19



    Hi,I have some problems with LDAP Queries.I want to querie my Active Directory on port 389 from our Ironport C350 which stands in the DMZ. Firewall has been opened for this connection.When I configure the LDAP accept querie an test it, I get an error"Referral following yielded no result".Does anyone know what this means and how I can solve this problem?FyI:I have configured our Ironport in our LAN with exactly the same configuration. This works fine.RegardsAndre

    DB:2.61:Ldap - Ad - Referral Following Yielded No Result 19


    Great, LDAP Queries are working now.I have configured the query as you described in 1.Thanks for your advise!

  • RELEVANCY SCORE 2.61

    DB:2.61:Thread: Dhcp Migration Problem ff


    I have according to the documentation migrated my dhcp server from NetWare

    6.5 SP6 to OES2 Linux but if I start the dhcp server with rcdhcpd start I

    get this error message:

    -' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-

    Error: Cannot find LDAP entry matching ((objectClass=dhcpServer

    (cn=DHCP_TARGET))

    Configuration file errors encountered -' + '- exiting

    -' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-

    This is my /etc/dhcpd.conf file

    ldap-server 172.16.0.11;

    ldap-port 636;

    ldap-ssl on;

    ldap-base-dn ou=sys,o=triples;

    ldap-method dynamic;

    ldap-debug-file /var/log/dhcp-ldap-startup.log;

    ldap-dhcp-server-cn DHCP_TARGET;

    ldap-referrals off;

    ldap-tls-reqcert never;

    If I look with ConsoleOne in sys.triples there is also a DHCP_TARGET object

    and in the java DHCP Console I can also see the Object.

    DB:2.61:Thread: Dhcp Migration Problem ff

    Thanks, now it works :-)

    Anders Bengtsson wrote:

    Go into iManager (DHCP options) and change the OESDHCP_scope server to

    your new OES2 DHCP_TARGET-object.

    Then you can start dhcpd.

    Do not forget to copy the dhcpd.leases to /var/lib/dhcp/db, you can find

    them under /var/opt/novell/dhcp/leases/DHCP_oldservername.leases AFTER

    successfully migration!

    GL

    Hello Peter,

    I have according to the documentation migrated my dhcp server from

    NetWare

    6.5 SP6 to OES2 Linux but if I start the dhcp server with rcdhcpd

    start I

    get this error message:

    -' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-

    Error: Cannot find LDAP entry matching ((objectClass=dhcpServer

    (cn=DHCP_TARGET))

    Configuration file errors encountered -' + '- exiting

    -' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-' + '-

    This is my /etc/dhcpd.conf file

    ldap-server 172.16.0.11;

    ldap-port 636;

    ldap-ssl on;

    ldap-base-dn ou=sys,o=triples;

    ldap-method dynamic;

    ldap-debug-file /var/log/dhcp-ldap-startup.log;

    ldap-dhcp-server-cn DHCP_TARGET;

    ldap-referrals off;

    ldap-tls-reqcert never;

    If I look with ConsoleOne in sys.triples there is also a DHCP_TARGET

    object and in the java DHCP Console I can also see the Object.

  • RELEVANCY SCORE 2.60

    DB:2.60:Nls Language xz


    Hi list,

    I have installed a database as a repository for EMGC installation , my enviroment is German ,ie i will support databases with german languages, so the
    nls_language is German and nls_charachterset is WE8MSWIN1252 of the repository database.

    My question does this make any problem because the nls_language of the repository expected to be American and nls_characterset AL32UTF8 ?
    what made me confused is that on our old system with EMGC 10g we have the nls_language of the repository is American and nls_characterset AL32UTF8 so i want to know which langauge and characterset to chose.

    DB version 11.2
    Windows 2008

    Best wishes

    DB:2.60:Nls Language xz

    Duplicate thread. NLS language of repsository

    I have not seen any recommendation on db char set for OMS repository database. Refer to MOS for relevant support notes (e.g. as mentioned the install guides).

    Please close this and continue in the proper forum, where you first posted.

  • RELEVANCY SCORE 2.60

    DB:2.60:Wwc-41400 Error In Login Server Configuration With Ldap zs


    Hi,

    I have configured Login Server with LDAP. All the step shave
    gone thru fine . But I am getting the Unexpected error: WWC-
    41400 when trying to login .
    Please help me if you have any answers to this problem.

    Thanks in advance,
    Abhishek

    DB:2.60:Wwc-41400 Error In Login Server Configuration With Ldap zs

    Hi,

    I have configured Login Server with LDAP. All the step shave
    gone thru fine . But I am getting the Unexpected error: WWC-
    41400 when trying to login .
    Please help me if you have any answers to this problem.

    Thanks in advance,
    Abhishek

  • RELEVANCY SCORE 2.60

    DB:2.60:Ldap Configuration 8x


    Dear All,
    I configured LDAP configuration for my cisco Voip phone it's working fine and sync with my ADS there is no problem .My server windows ADS server windows 2008 x64SP1 .I have a problem wheni had changed my administrator password to my domain controller
    i couldn't login to my cisco CCx administrator server what is the link my domain controller and my cisco ccx administrator server .

    Rergards
    Subash

    DB:2.60:Ldap Configuration 8x

    Hello,
    I think, your LDAP Manager Distinguished Name use old Password in LDAP Directory Information. If you change Password, LDAP can not work and sync.
    Please read this links:
    CUCM and Active Directory Integration
    CUCM and Active Directory Integration
    Users and Authentication for Cisco UC

    Regards

  • RELEVANCY SCORE 2.60

    DB:2.60:Ardbc Ldap Configuration (Arerr 303) a3



    When I attempt to access either of the following, I get an error message:

    LDAP - ARDBC ConfigurationLDAP - AREA Configuration

    There error I get is "ARDBC LDAP Configuration (ARERR 303)". Is there a fix for this problem?

    Thanks,

    Kevin

    DB:2.60:Ardbc Ldap Configuration (Arerr 303) a3


    Thanks NeoM,

    It turns out that the LDAP features were never installed. Installing them now.

    -Kevin

  • RELEVANCY SCORE 2.60

    DB:2.60:Why "Unable To Load Configuration '/Var/Ldap/Ldap_Client_File' ? 1c


    Hi
    I'm setting up LDAP Authentication by DS6.3 and solaris 10 client . I've set the DS 6.3 server and initiated the client , but after i rebooted the client solaris , the error I met as "Unable to load configuration '/var/ldap/ldap_client_file' " .

    bash-3.00# ldaplist passwd
    ldaplist: LDAP configuration problem (Unable to load configuration '/var/ldap/ldap_client_file' ('').)
    bash-3.00#

    what's wrong with the problem ? I did't change anything except rebooting .

    thanks
    Justin

    DB:2.60:Why "Unable To Load Configuration '/Var/Ldap/Ldap_Client_File' ? 1c

    Hi
    I'm setting up LDAP Authentication by DS6.3 and solaris 10 client . I've set the DS 6.3 server and initiated the client , but after i rebooted the client solaris , the error I met as "Unable to load configuration '/var/ldap/ldap_client_file' " .

    bash-3.00# ldaplist passwd
    ldaplist: LDAP configuration problem (Unable to load configuration '/var/ldap/ldap_client_file' ('').)
    bash-3.00#

    what's wrong with the problem ? I did't change anything except rebooting .

    thanks
    Justin

  • RELEVANCY SCORE 2.60

    DB:2.60:Deploy .Ear Using Oem Results In Jazn-Error pa


    Our .ear file works well on the standalone OC4J. It has an LDAP Jazn-provider for user authentications.

    But deploying the same ear using OEM fails, giving an error about wrong credentials.

    Does anybody know the reason?

    I guess the OEM tries to log in the LDAP to check it, but it's user "ias_admin", is not known to LDAP, but it shouldn't have to be, because anonymous logon should be enough to read the LDAP-rights.

    Now I could create a ias_admin user on LDAP, with read rights, but how do I do that, and... is it the cause of the problem?

    I also tried to deploy with XML Ldap-provider, and change it's configuration after deployment. It almost worked, it showed the users and roles, but I couldn't login the application.

    Any suggestions?

    Regards,
    Eelco Aartsen

    DB:2.60:Deploy .Ear Using Oem Results In Jazn-Error pa

    If you are using a 9iAS infrastructure install (assume you are, for the ldap) then the DCM operation performed by OEM requires that DCM retrieve the DCM DB repository login credentials from OiD. It may be that your OiD is not available during the operation?

  • RELEVANCY SCORE 2.60

    DB:2.60:Scansafe Ldap Resultcode: 49 Invalid Credentials. Default Usergroup Applied After Users Samaccount Authentication Fails After Binding. Filters Are Useless. Need Serious Help! xa



    I have a serious problem  with LDAP, for the purpose of Scansafe, on a 3945 ISR with IOS 15 (C3900-UNIVERSALK9-M). LDAP  binding to the LDAP Server (Active Directory on Win Srv 2008 R2) when authenticating any domain user, except  for the default Scansafe Bind Root-DN user, is failing.
     
    The testing of any user's sAMAccount name, is failing, and it defaults to the default Scansafe usergroup.

     

    # test aaa group ldap group name userid pwd new-code

    User Rejected

     

    # sh ldap server all   (the output is correct when checking to see if any LDAP server exists)

     

    My config is exactly as Scansafe's configuration guide:

     

    http://www.cisco.com/en/US/docs/security/web_security/ISR_SS/ISR_ScanSafe_SolutionGuide.pdf

     

    I am using NTLM ACTIVE AUTHENTICATION and I have the LDAP  attribute map for mapping the sAMAccount name to the user's username.

     

    In that PDF, on the bottom of page 12, there is this paragraph that describes exactly what is happening to my Scansafe.

     
    "Configuring a Default User Group
    You can configure a default user group to assign to each client when the ISR cannot determine the
    credentials for a user. Define a default user group using the following CLI command:
    [no] user-group default name
     
    The ISR uses the default user group name here to identify all clients connected to a specific interface on  the ISR when it cannot determine the user’s credentials. You might want to define a default user group  so that all traffic redirected to the ScanSafe proxy servers are assigned a user group so particular  ScanSafe policies can be applied appropriately. For example, you might want to create a default user       group for guest users on the wireless network.Only one user group can be defined per interface."
     

    Now,  what does this problem affect? I cannot enforce the  application of  filters from the Scansafe site to specific user groups.  Users can use  the internet under the default usergroup. Everyone  defaults to the  default filter. I have a filter established for say  Purchasing, allowing  them extra leeway on what they can access, but the  members of that group  cannot authenticate, and thus their filter is not  applied.

     
    Application of filters is essential to Scansafe, without, it defeats the purpose
     

    I appreciate all the help I can get on this.
     Here is what my logs show regarding LDAP BINDING OPERATION, from # debug ldap all:

     

     

    -- Testing with jltestuser (this is just any random user, as all users are failing anyway)

     

     

    barra-gate#

    051646: Aug 23 23:10:34.983 BRST: LDAP: LDAP: Queuing AAA request 0 for processing

    051647: Aug 23 23:10:34.983 BRST: LDAP: Received queue event, new AAA request

    051648: Aug 23 23:10:34.983 BRST: LDAP: LDAP authentication request

    051649: Aug 23 23:10:34.983 BRST: LDAP: Invalid hash index 512, nothing to remove

    051650: Aug 23 23:10:34.983 BRST: LDAP: New LDAP request

    051651: Aug 23 23:10:34.983 BRST: LDAP: Attempting first  next available LDAP server

    051652: Aug 23 23:10:34.983 BRST: LDAP: Got next LDAP server :Removed server name...

    051653: Aug 23 23:10:34.983 BRST: LDAP: First Task: Send bind req

    051654: Aug 23 23:10:34.983 BRST: LDAP: Authentication policy: bind-first

    051655:  Aug 23 23:10:34.983 BRST: LDAP: Bind:  User-DN=cn=jltestuser,CN=Users,DC=removed,DC=removed,DC=com  ldap_req_encode

    Doing socket write

    051656: Aug 23 23:10:34.983 BRST: LDAP:  LDAP bind request sent successfully (reqid=92)

    051657: Aug 23 23:10:34.983 BRST: LDAP: Sent transit request to server

    051658: Aug 23 23:10:34.983 BRST: LDAP: LDAP request successfully processed

    051659: Aug 23 23:10:35.539 BRST: LDAP: Received socket event

    051660: Aug 23 23:10:35.539 BRST: LDAP: Process socket event for socket = 0

    051661: Aug 23 23:10:35.539 BRST: LDAP: Conn Status = 4

    051662: Aug 23 23:10:35.539 BRST: LDAP: Non-TLS read event on socket 0

    051663: Aug 23 23:10:35.539 BRST: LDAP: Found socket ctx

    051664: Aug 23 23:10:35.539 BRST: LDAP: Receive event: read=1, errno=11 (Resource temporarily unavailable)

    051665: Aug 23 23:10:35.539 BRST: LDAP: Passing the client ctx=1855243Cldap_result

    wait4msg (timeout 0 sec, 1 usec)

    ldap_select_fd_wait (select)

    ldap_read_activity lc 0x1AADABD8

     

    Doing socket read

    LDAP-TCP:Bytes read = 110

    ldap_match_request succeeded for msgid 7 h 0

    changing lr 0x11A14BFC to COMPLETE as no continuations

    removing request 0x11A14BFC from list as lm 0x1AAB8494 all 0

    ldap_msgfree

    ldap_msgfree

     

    051666: Aug 23 23:10:35.539 BRST: LDAP: LDAP Messages to be processed: 1

    051667: Aug 23 23:10:35.539 BRST: LDAP: LDAP Message type: 97

    051668: Aug 23 23:10:35.539 BRST: LDAP: Got ldap transaction context from reqid 92ldap_parse_result

     

    051669: Aug 23 23:10:35.539 BRST: LDAP: resultCode:    49     (Invalid credentials)

    051670: Aug 23 23:10:35.539 BRST: LDAP: Received Bind Responseldap_parse_result

    ldap_err2string

     

    051671: Aug 23 23:10:35.539 BRST: LDAP: Ldap Result Msg: FAILED:Invalid credentials, Result code =49

    051672:  Aug 23 23:10:35.539 BRST: LDAP: LDAP Bind operation result : failed   -----------------------LOOK!!!!!

    051673: Aug 23 23:10:35.539 BRST: LDAP: Connection REMOVED...0 already exist for reuseldap_msgfree

     

    051674: Aug 23 23:10:35.539 BRST: LDAP: Closing transaction and reporting error to AAA

    051675: Aug 23 23:10:35.539 BRST: LDAP: Transaction context removed from list [ldap reqid=92]

    051676: Aug 23 23:10:35.539 BRST: LDAP: Notifying AAA: REQUEST FAILED

    051677: Aug 23 23:10:35.539 BRST: LDAP: Received socket event

     

     

     

    --- Testing with the scansafe assigned user that binds to the Bind DN. This is the only user that succeeds authentication!!!!

     

     
     
    barra-gate#

    051684: Aug 23 23:13:57.664 BRST: LDAP: LDAP: Queuing AAA request 0 for processing

    051685: Aug 23 23:13:57.664 BRST: LDAP: Received queue event, new AAA request

    051686: Aug 23 23:13:57.664 BRST: LDAP: LDAP authentication request

    051687: Aug 23 23:13:57.664 BRST: LDAP: Invalid hash index 512, nothing to remove

    051688: Aug 23 23:13:57.664 BRST: LDAP: New LDAP request

    051689: Aug 23 23:13:57.664 BRST: LDAP: Attempting first  next available LDAP server

    051690: Aug 23 23:13:57.664 BRST: LDAP: Got next LDAP server :Removed server name...

    051691: Aug 23 23:13:57.664 BRST: LDAP: First Task: Send bind req

    051692: Aug 23 23:13:57.664 BRST: LDAP: Authentication policy: bind-first

    051693:  Aug 23 23:13:57.664 BRST: LDAP: Bind: User-DN=cn=Userid  removed,CN=Users,DC=removed,removed,DC=comldap_req_encode

    Doing socket write

    051694: Aug 23 23:13:57.664 BRST: LDAP:  LDAP bind request sent successfully (reqid=93)

    051695: Aug 23 23:13:57.664 BRST: LDAP: Sent transit request to server

    051696: Aug 23 23:13:57.664 BRST: LDAP: LDAP request successfully processed

    051697: Aug 23 23:13:58.164 BRST: LDAP: Received socket event

    051698: Aug 23 23:13:58.164 BRST: LDAP: Process socket event for socket = 0

    051699: Aug 23 23:13:58.164 BRST: LDAP: Conn Status = 4

    051700: Aug 23 23:13:58.164 BRST: LDAP: Non-TLS read event on socket 0

    051701: Aug 23 23:13:58.164 BRST: LDAP: Found socket ctx

    051702: Aug 23 23:13:58.164 BRST: LDAP: Receive event: read=1, errno=11 (Resource temporarily unavailable)

    051703: Aug 23 23:13:58.164 BRST: LDAP: Passing the client ctx=1855243Cldap_result

    wait4msg (timeout 0 sec, 1 usec)

    ldap_select_fd_wait (select)

    ldap_read_activity lc 0x1AADABD8

     

    Doing socket read

    LDAP-TCP:Bytes read = 22

    ldap_match_request succeeded for msgid 8 h 0

    changing lr 0x11A14BFC to COMPLETE as no continuations

    removing request 0x11A14BFC from list as lm 0x1AAB9D14 all 0

    ldap_msgfree

    ldap_msgfree

     

    051704: Aug 23 23:13:58.164 BRST: LDAP: LDAP Messages to be processed: 1

    051705: Aug 23 23:13:58.164 BRST: LDAP: LDAP Message type: 97

    051706: Aug 23 23:13:58.164 BRST: LDAP: Got ldap transaction context from reqid 93ldap_parse_result

     

    051707: Aug 23 23:13:58.164 BRST: LDAP: resultCode:    0     (Success)

    051708: Aug 23 23:13:58.168 BRST: LDAP: Received Bind Responseldap_parse_result

     

    051709: Aug 23 23:13:58.168 BRST: LDAP: Ldap Result Msg: SUCCESS, Result code =0

    051710:  Aug 23 23:13:58.168 BRST: LDAP: LDAP Bind successful for  DN:cn=removedCN=Users,DC=removed,DC=removed,DC=com

     

     
    Thank You!

    DB:2.60:Scansafe Ldap Resultcode: 49 Invalid Credentials. Default Usergroup Applied After Users Samaccount Authentication Fails After Binding. Filters Are Useless. Need Serious Help! xa


    I had this issue but managed to resolve it.

    The issue was with

    bind authenticate root-dn CN=,CN=Users,DC=mydomain,DC=com password

    The is the Display Name i.e. (FirstName and Last Name) of the user in AD, and this has to have NO SPACES.  For example I created a user with a Display Name called ScansafeAdmin.

    Oncre the binding takes place, you can use the following test:for any other user in your LDAP/AD.

    test aaa group new-code

    where is the User Login Name in AD not the Display Name i.e. in my case the Login Name was scansafe

    I also removed the following command authentication bind-first

  • RELEVANCY SCORE 2.60

    DB:2.60:Thread: Ldap Contextless Login Hangs With Ssl Enabled And ... jp


    hi,

    LDAP Contextless Login hangs with SSL enabled and login to Workstation/Windows only.This only happens with Windows XP/SP2 workstations.Trying the same with Windows 2000 workstations with no problems.

    No problems after disabled SSL in LDAP Contextless Login configuration or login to the network using Windows XP/SP2.Has anybody seen this problem?

    It\'s Novell Client 4.91/SP3/SP4.

    Thank You for any help.

    Regards

    Klaus

    DB:2.60:Thread: Ldap Contextless Login Hangs With Ssl Enabled And ... jp

    Hi Adam,

    I did some testings today (and hundreds of reboots...) to see what happened

    if using DNS-Names.

    The good thing was that the Workstation-Only login never failed :-) great!

    The bad thing was that sometimes login to the network failed because the certificate not found error. I assume that must be some kind of timing problem maybe not all the services are completely present (i.e. DNS) when I started login. Then after waiting about 15 seconds login to the network again was successful. All in all I think that the using of SSL here (if using it with Windows XP) is not really reliable.

    This problem happens only with Windows XP. I tried SSL with Windows 2000and had no problems that\'s strange.

    Regards

    Klaus

  • RELEVANCY SCORE 2.60

    DB:2.60:Agent 11.1 Configuration Destroyed How To Autodiscover z9


    Agent 11.1
    Database 11.2 with Grid Infrastructure

    Hi,
    I played around with EMGC in case of the bug SCAN listeners are not shown after migration...anyway.
    Its not a product database just my testing cluster two nodes.

    So I delete the SCAN listeners and some other credentials from EMGC.
    After that I decide to reinstall the agents. And now from the agents no credentials are shown in OMGC.

    How to restart the process of auto discovery for an agent ?
    Tryed using emctl with reload, upload, start / stop but without any result

    Thanks *T

  • RELEVANCY SCORE 2.59

    DB:2.59:Arerr 3377 Ldap Issue k3


    Hi All,

    We are in way of implementing the LDAP authentication with AD for Remedy login. As part of this I have developed the necessary forms and workflow and we have completed necessary configuration/ and settings as per the documents provided by BMC with the help of my AD team.

    How ever I am getting the error message as attached after all configuration.

    ERROR:

    The LDAP operation has failed: Operations error(LDAPERR 1)000020D6:

    SvcErr:DSID-031006CC. problem 5012 (DIR_ERROR), data 0

    (ARERR 3377)

    Kindly Assist.

    Thanks and Regards,

    Ramya S

    DB:2.59:Arerr 3377 Ldap Issue k3


    Hi,

    You won't find information on this site.

    The underlying error is AD, not from ARS.

    I suggest you have your AD team look at the config info again, especially the base DN supplied for seaching.

    Cheers

    Paul

  • RELEVANCY SCORE 2.59

    DB:2.59:Accessing The Embedded Ldap In Wls kc



    Has anyone used Netscape's (or IE for that matter) address book to connect to an
    embedded LDAP within WLS?

    I can't seem to come up with the correct configuration. Perhaps there is a problem
    with LDAP versions. Any info would be helpful.

    pat

    DB:2.59:Accessing The Embedded Ldap In Wls kc


    "Pat Bumpus" patrick.bumpus@lmco.com wrote in message
    news:3eb1a4fa$1@newsgroups.bea.com...

    Has anyone used Netscape's (or IE for that matter) address book to connectto an
    embedded LDAP within WLS?

    I can't seem to come up with the correct configuration. Perhaps there isa problem
    with LDAP versions. Any info would be helpful.By default, the aci's for the embedded ldap server limit access. See the
    Managing the
    Embedded LDAP Server section

    http://e-docs.bea.com/wls/docs81/secmanage/ldap.html

    pat

  • RELEVANCY SCORE 2.59

    DB:2.59:Idm Spe 7.1 Configuration - Link Resource cp


    Hi,
    we have an idm spe installation and we face the following issues

    Client's users have accounts in two different branches in client's LDAP Server. we have used one
    branch as the SPE-User Directory and the other one as an LDAP resource (named LDAP) which is linked to the SPE-User Directory through custom correlation and confirmation rule. The problem is that when we assign the LDAP resource to a SPE user account LDAP attributes are not populated and we cannot save the account with the LDAP assignment.

    The only case that link runs as we expexted is when we fill in LDAP attributes with values and save the user form (second branch is updated properly and xml attribute of SPE-User Directory resource must be updated because from this point this account's view is being populated with attributes from both resources).

    any ideas?

    thanks in advance.

    DB:2.59:Idm Spe 7.1 Configuration - Link Resource cp

    Hi,
    we have an idm spe installation and we face the following issues

    Client's users have accounts in two different branches in client's LDAP Server. we have used one
    branch as the SPE-User Directory and the other one as an LDAP resource (named LDAP) which is linked to the SPE-User Directory through custom correlation and confirmation rule. The problem is that when we assign the LDAP resource to a SPE user account LDAP attributes are not populated and we cannot save the account with the LDAP assignment.

    The only case that link runs as we expexted is when we fill in LDAP attributes with values and save the user form (second branch is updated properly and xml attribute of SPE-User Directory resource must be updated because from this point this account's view is being populated with attributes from both resources).

    any ideas?

    thanks in advance.

  • RELEVANCY SCORE 2.59

    DB:2.59:Ldap Netgroup Problem ks


    i have some trouble configuring a solaris 10 clients to use netgroups.
    if i change my nsswitch.conf to:

    passwd: compat
    passwd_compat: files ldap
    shadow: files ldap

    and add a netgroup to /etc/passwd, i can not see any ldap users on my system.
    if i change it to:

    passwd: files ldap

    the ldap users are there, and can log in.
    we have several solaris 9 boxes that work with this configuration.
    any hints are welcome.
    thanks

    DB:2.59:Ldap Netgroup Problem ks

    Hi,

    I am also facing the same issue,

    If you can suggest,

    what are the modifications you did to fix the case sensitive issue. It would be really helpful

    thanks

    Selvan

  • RELEVANCY SCORE 2.59

    DB:2.59:Unity Connection 8.6 - Problem With Importing Users From Ldap 7d



    Hi,

    I have got a problem with importing LDAP (MS Active Directory) users into Unity Connection 8.6.2ES44.

    At the beginning of configuration of CUC, I have created LDAP synchronization and authentication. Then I have imported several users from LDAP into CUC for the purposes of testing. Then I have changed various templates, auth. rules, CoS, installed HA node, configured LiveRecord and Visual Voicemail etc. After complete testing I decided to recreate users mailboxes again because of changed templates and user settings.

    So I've deleted (from LDAP synchronized) users in CUC and I wanted to create their mailboxes again. But problem is, that after that I can't find previously deleted users in LDAP (Users - Import users) so I can't import them. I can find any user in LDAP which has not been imported before, so synchronization with LDAP is without any problems. I've tried to disable LDAP synchronization and recreate it, but it is still the same.

    User account in LDAP still exists, because I can log into CUCM user web pages with username/password of LDAP user and I can still use Jabber (CUCM/CUPS is synch and auth with LDAP).

    If I try to create a new user (not synchronized with LDAP or CUCM) I get error message "The Alias has already been assigned to another object in this VMS Location", but there is no user with this alias shown in CUC among users.

    Does anyone know, why I cant find LDAP users previously synchronized from LDAP and deleted in CUC?

    Thanks

    DB:2.59:Unity Connection 8.6 - Problem With Importing Users From Ldap 7d


    My db commands were:

    admin:run sql select pkid,firstname, lastname, userid, telephonenumber FROM EndUser u WHERE userid= pkid                                 firstname lastname userid    telephonenumber

  • RELEVANCY SCORE 2.59

    DB:2.59:(Another) Ldap V2 Installation Problem f3


    I'm trying to setup an iPlanet ldap server v5.0 with WL6.1.
    The instructions in the document:
    http://edocs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
    under the "Configuring an LDAP Realm V2" section, Step 1 2 say to:

    1. Go to the Security-Realms node in the left pane of the Administration
    Console.
    2. Choose the LDAP server you want to use with WebLogic Server. The
    following options are available:

    a.. defaultLDAPRealmforOpenLDAPDirectoryServices

    b.. defaultLDAPRealmforNovellDirectoryServices

    c.. defaultLDAPRealmforMicrosoftSiteServer

    d.. defaultLDAPRealmforNetscapeDirectoryServer
    Select a LDAP server and the configuration window for the chosen LDAP
    server appears.

    My problem is that I don't see these options under the "Security-Realms"
    node. Instead I see the following: (see attached picture)

    Does anyone know if I have something configured incorrectly that would
    prevent the LDAP options noted in the documentation from appearing in my
    console window?

    Thanks

    -Tim

    [console.jpg]

    DB:2.59:(Another) Ldap V2 Installation Problem f3

    Figured it out....when I created my new domain, I was not aware that I
    needed to copy the "CustomRealm..../ entries from the mydomain config.xml
    file.
    -Tim

    "Tim Vattima" tvattima@answerthink.com wrote in message
    news:3b7969c3@newsgroups.bea.com...
    I'm trying to setup an iPlanet ldap server v5.0 with WL6.1.
    The instructions in the document:
    http://edocs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
    under the "Configuring an LDAP Realm V2" section, Step 1 2 say to:

    1. Go to the Security-Realms node in the left pane of the Administration
    Console.
    2. Choose the LDAP server you want to use with WebLogic Server. The
    following options are available:

    a.. defaultLDAPRealmforOpenLDAPDirectoryServices

    b.. defaultLDAPRealmforNovellDirectoryServices

    c.. defaultLDAPRealmforMicrosoftSiteServer

    d.. defaultLDAPRealmforNetscapeDirectoryServer
    Select a LDAP server and the configuration window for the chosen LDAP
    server appears.

    My problem is that I don't see these options under the "Security-Realms"
    node. Instead I see the following: (see attached picture)

    Does anyone know if I have something configured incorrectly that would
    prevent the LDAP options noted in the documentation from appearing in my
    console window?

    Thanks

    -Tim

  • RELEVANCY SCORE 2.59

    DB:2.59:Coverity 6 Ldap Configuration Using E-Mail Addresses As Usernames? kj



    I'm using Coverity 6 Connect (aka Integrity Manager). I'd like to create a Coverity LDAP configuraiton that will allow users to login with their e-mail address.
    I can set the Coverity configuration to associate Coverity username to our LDAP email attribute. It works as expected from the "Test" buttons on the Coverity LDAP Configuration screen.However, users are not able to login and the cim.log shows:INFO CovAuthenticationManager,http-bio-9002-exec-30:226 - [10002]Not a LDAP account
    The problem doees not occur for non-email attributes. For example, if I associate the Coverity username to our LDAP employee number field it works fine. (Unfortunately, that's not an acceptable way for us to track/identify Coverity users.)

    Any suggestions for using LDAP e-mail addresses as Coverity usernames?

  • RELEVANCY SCORE 2.58

    DB:2.58:Issue With Group Search Filter In Ldap Configuration Properties 7s



    How can we set value of group search filter in LDAP server configuration properties for selecting multiple groups?

    DB:2.58:Issue With Group Search Filter In Ldap Configuration Properties 7s


    How can we set value of group search filter in LDAP server configuration properties for selecting multiple groups?

  • RELEVANCY SCORE 2.58

    DB:2.58:Ldap Configuration f3


    Does anyone knows how to configure web logic with Novell e directory LDAP Server?

    Thanks in Advance!!!!!

    DB:2.58:Ldap Configuration f3

    I suggest asking in the weblogic security forum. They can provide better help on troubleshooting security providers. WebLogic Server - Security

  • RELEVANCY SCORE 2.58

    DB:2.58:Ldap Configuration Un Upm Under Site Fails With Correct Info jk



    After TS for hrs, we discovered that basically the LDAP (optional) configuration fails for no good reason, since we finally gave up with UPM and configured CUCM for LDAP, and it worked like a champ.           

    DB:2.58:Ldap Configuration Un Upm Under Site Fails With Correct Info jk


    Were you ever able to make any headway with this? I have a similar situation. I opened a case with TAC. They escalated it but it has been quite a while with no answer.

  • RELEVANCY SCORE 2.58

    DB:2.58:Acs 3.0 And Ldap jd



    Hi,

    We want to authenticate RAS users using LDAP queries on a Windows 2000 AD. We also setup a unknown user policy authenticating users using LDAP.

    With this configuration we are running in the problem, that all users defined in the LDAP can access our network.

    My question:

    Is there a way to gain access only if the user is in a particular group.

    thxs Michael

    DB:2.58:Acs 3.0 And Ldap jd


    Thxs. It works pretty much.

    Regards Michael

  • RELEVANCY SCORE 2.58

    DB:2.58:Problem With Multiple Ldap Configuration cz



    Hallo to all.

    I have a problem with multiple ladap configuration on Remedy 7.0.1 patch 9I try to explain it.The server remedy is enable to authentication by a AD (LDAP). When I configure one host (AD) to authentication person no problem, when I add another host (multiple ldap) occurs a strange behaviour.After a indefinite time, the server start to work slowly until login refuse. I not found another solution in comparison of removing the second ldap host and restar a server remedy.

    Have you a idea for fixed this problem?Thanks in advance.

    Best RegardsFrancesco Mazza

    DB:2.58:Problem With Multiple Ldap Configuration cz


    Hi

    The log file is very large (4,13 MB)

    Is there a way to attach a file on the forum?

    Thanks

  • RELEVANCY SCORE 2.58

    DB:2.58:Ldap Problem? 7k


    Hi,I have created ther LDAP configuration and the job for synchronization is also running successfully.I am using Active directory.I am able to see groups same as in the Active directory but not able to see users in those groups.So i want to know with LDAP synchronization whether this thing is possible.Individually I am able to see users but not in the groups.Any help regarding this will be appreciated.Regardssk

    DB:2.58:Ldap Problem? 7k

    HI,In ldap configuration object you need to select import type users and groups.probabely you selected users only.

  • RELEVANCY SCORE 2.58

    DB:2.58:Repository Configuration Failed: dm


    while installing EMGC 11g, "Repository Configuration" Failed

    log files:

    INFO: oracle.sysman.top.oms: action logger path calculated finally: /export/home/oracle/Oracle/Middleware_1032v/oms11g/sysman/log/schemamanager/m_101410_0756_PM/m_101410_0756_PM.TRANSX/
    INFO: oracle.sysman.top.oms:The transx command execution is completed with the status 0
    INFO: oracle.sysman.top.oms:process_id:1dh4pzuderxtx
    INFO: oracle.sysman.top.oms:Failure...
    INFO: oracle.sysman.top.oms:1 error(s) happened in performing the action:
    INFO: oracle.sysman.top.oms:1):
    ORA-00955: name is already used by an existing object
    File:/export/home/oracle/Oracle/Middleware_1032v/oms11g/sysman/admin/emdrep/sql/core/latest/availability/availability_synonyms.sql
    Statement:CREATE PUBLIC SYNONYM MGMT_AVAILABILITY FOR MGMT_AVAILABILITY

    INFO: oracle.sysman.top.oms:The plug-in Repository Configuration has failed its perform method

    Thanks.

    DB:2.58:Repository Configuration Failed: dm

    This solution worked for me after a defunct install due to unsupported version of weblogic.

  • RELEVANCY SCORE 2.58

    DB:2.58:Thread: Gwia Ldap Problem sf


    Greetings:

    Testing SLES9

    Im trying to install GWIA7

    *My edir is configure: ndsconfig new -t ISP -n o=suse -a

    cn=admin.o=suse

    *

    In Groupwise Internet Agent configuration process

    IP: public ip

    dns hostname: dmx.domain.com

    mtp port: 7102

    send outbound mail directly

    user@domain.com

    LDAP Authentication

    LDAP server ip add: public ip

    port: 390 -' + '-' + '- i change it coz 389 is already being used

    Username in LDAP format

    cn=admin,o=suse

    Password: *******

    1. Why I cant logon? It says: LDAP Login Failed...I type my password

    correctly.

    2. Can I configure my gwia without using LDAP?

    3. Is there something wrong with my LDAP format? Pls correct it

    4. Is there any components I forgot to install?

    I need help.

    -' + '-

    micro_xii

    DB:2.58:Thread: Gwia Ldap Problem sf

    micro_xii,

    It appears that in the past few days you have not received a response to your

    posting. That concerns us, and has triggered this automated reply.

    Has your problem been resolved? If not, you might try one of the following options:

    - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp

    - Check all of the other support tools and options available at

    http://support.novell.com.

    - You could also try posting your message again. Make sure it is posted in the

    correct newsgroup. (http://support.novell.com/forums)

    Be sure to read the forum FAQ about what to expect in the way of responses:

    http://support.novell.com/forums/faq_general.html

    If this is a reply to a duplicate posting, please ignore and accept our apologies

    and rest assured we will issue a stern reprimand to our posting bot.

    Good luck!

    Your Novell Product Support Forums Team

    http://support.novell.com/forums/

  • RELEVANCY SCORE 2.58

    DB:2.58:Isa550 - Ldap Authentication Configuration Problem df



    Hi all,

    I'm trying to configure LDAP connection to authenticate VPN user with IPSec security. between my new ISA550 device and

    Unfortunatly, it's impossible to launch a LDAP request from the router to my DC (Active Directory Win 2008 R2 with classic LAN configuration for a small company).

    DC is configured on LAN port with 10.10.2.1 IP address. Maybe 10 user accounts are created into User container without schema modification and some security groups created.

    I used the following configuration into User User Authentication : LDAP + local database

    I retreive always same error message : Server time out....

    Please help me.

    Thanks.

    DB:2.58:Isa550 - Ldap Authentication Configuration Problem df


    You could use Radius, the credentials are secured with the shared secret.

    No high security, but ok for this.

    Michael Please rate all helpful posts

  • RELEVANCY SCORE 2.57

    DB:2.57:Ldap Server Was Moved Does Any Configuration Need To Be Done On Server xx


    our office moved and we had Open LDAP configured on it along with our oracle databse... do I need to make some configuration to the Open LDAP server to access it from my LDAP editor

    DB:2.57:Ldap Server Was Moved Does Any Configuration Need To Be Done On Server xx

    our office moved and we had Open LDAP configured on it along with our oracle databse... do I need to make some configuration to the Open LDAP server to access it from my LDAP editor

  • RELEVANCY SCORE 2.57

    DB:2.57:Setup View Failing In Label - Emgc_Main_Linux.X64_130914 ap


    HI,The setup view is failing for the label - EMGC_MAIN_LINUX.X64_130914.I have an open transaction in this label.The gmake build went through fine.It is failing with an error message. In the file - /ade/ptatwawa_bug_17294970_remove_ref_main/emgc/triage/work/setupview.log09/23/13 04:17:12 PDTEXECUTING Script /ade/ptatwawa_bug_17294970_remove_ref_main/emdev/test/triage/test/src/label_evaluator.kshView configuration has failed.COMPLETED Script /ade/ptatwawa_bug_17294970_remove_ref_main/emdev/test/triage/test/src/label_evaluator.kshI tried further debugging, It is checking for bad_label in a script and it fails if it finds a bad label.As my gmake build is going through fine, I am clueless why this is failing. please help.ThanksPranav

  • RELEVANCY SCORE 2.57

    DB:2.57:Chargeback Ldap Problem 7s



    Hello,

    we manage our chargeback login via ldap.

    On first configuration we added a standard ldap server (Port 389 ect.). We added ldap groups and all works fine.

    On working we change the permission and would use other groups - so we edit the ldap server (change port number to global catalog ect. - use universal domain groups).

    Now i can not remove the first ldap group i added because "unable to retrieve the object".

    When i change the ldap settings back to old configuration - i can browse the group in the "create" dialog in chargeback - UsersRoles - Users.

    When i would add the group, the message "already exists" comes up (thats ok and right). But i can not delete the group.

    Anybody have an idea?

    (i test to delete the ldap server, because i hope lost all ldap groups i added with this ldap server, but there comes up the message "unable to retrieve the object" and i can not delete)

    thx

    Thomas

    DB:2.57:Chargeback Ldap Problem 7s

    Hi Thomas,
    Could you please attach logs so as to debug further?

    Regards,
    Hemanth

  • RELEVANCY SCORE 2.57

    DB:2.57:Re: Emctl Start Agent / Emctl Start Suagent 3a


    hello oradba again. you always help me! :-)

    oops,

    [oracle@oractrl bin]$ which emctl
    /oracle/emgc/OracleHomes/oms10g/bin/emctl
    [oracle@oractrl bin]$

    hmm, interesting.
    do you know how to force the /oracle/emgc/OracleHomes/agent10g/bin/emctl to work, when i'm issuing "start agent"? i have .emgc in my oracle user home directory with the preconf. environmrnts:

    # .emgc

    # User specific aliases and functions

    # Source global definitions
    if [ -f /etc/bashrc ]; then
    . /etc/bashrc
    fi

    # Oracle Grid Control 10gR3
    export ORACLE_DB=emgc
    export ORACLE_SID=emgc
    export ORACLE_BASE=/oracle
    export ORACLE_HOME=/oracle/emgc/OracleHomes/db10g
    export ORACLE_OMS=/oracle/emgc/OracleHomes/oms10g
    export ORACLE_AGENT=/oracle/emgc/OracleHomes/agent10g
    export PATH=$PATH:/usr/X11R6/lib:$ORACLE_HOME/bin:/sbin:$ORACLE_HOME:$ORACLE_OMS:$ORACLE_AGENT:$ORACLE_HOME/bin:$ORACLE_OMS/bin:$ORACLE_OMS/opmn/bin:$ORACLE_AGENT/bin:$ORACLE_HOME/OPatch
    ~

    please, advise.
    Thanks a lot!

    DB:2.57:Re: Emctl Start Agent / Emctl Start Suagent 3a

    hi bazzza, thanks for writing to me.

    i know that one prefers to make scripts, but like i said earlier i have couple of env. files, like .bash, .bashrc and .ORACLE_SID which contain all needed variables. they take effect depending on what user connects to the server. i have this profiles on all my database servers (~20) and on each machine it works fine. it also works here, on Grid, without any problems. strange for me was the fact that $ORACLE_AGENT was lost, or somehow became inactive during this particular session. when i reconnected to the server, oracle user got his env. as it should be.
    i don't know exactly what happened, but the fact is that it's working now.

    thanks for everybody and especially for oradba as usual. hi is my invisible mentor :-))))

  • RELEVANCY SCORE 2.57

    DB:2.57:Document On Cloning Emgc Image ax


    Dear Experts
    I want to create a clone of an OVM guest image that is running EMGC 10.2.0.5 , and then set that up the new one with a different IP and hostname. Please point out any relevant document for doing this.

    Regards

    DB:2.57:Document On Cloning Emgc Image ax

    itsakc wrote:
    Thanks Avi , I would still want to give a shot at reconfiguring a cloned image, if not through script then manually, any pointers would be helpful.Grab the EMGC Template and check what it does when it boots. You can check the /etc/sysconfig/oraclevm-template file to see what the RUN_TEMPLATE_CONFIG script is. This is the script that gets run on boot. Then, evaluate that script to determine how it changes the configuration. I still believe that the template doesn't reconfigure an existing EMGC installation. Rather it does the initial configure on an unconfigured installation.

    You may have to open an SR on how to change the IP address/hostname for an existing EMGC installation and script that instead into your template. You can use the same /etc/sysconfig/oraclevm-template options and replace the RUN_TEMPLATE_CONFIG script with your own. Then, before you create the template from the image, set RUN_CONFIG=true in the same file. This will trigger the on-boot reconfiguration to occur.

  • RELEVANCY SCORE 2.56

    DB:2.56:Thread: Iprint Errors Caused By Ldap With Simple Anonymous Binds Disabled 3f


    Hi I discovered an error trying to upload iprint drivers if you disable simple anonymous binds on the ldap server, if the broker you\'re trying to install the drivers to is located on the same server as the ldap server. The error in iPrint client 4.05 says http 401 - unauthorized. Using iPrint client 4.11 the error is more cryptic: Exception reading resource print drivers configuration: NDPS Library Error Category: 1060004h. Other Error: FFFFFC55h as described in TID 10090590 (a useless TID). Enabling simple anonymouse binds fixed the problem.

    My question is: how do I disallow simple anonymous binds on the ldap server without causing the iPrint errors when trying to upload drivers to the broker? Should it fail over to nds authentication if ldap fails?

    Thanks,

    Mike

    DB:2.56:Thread: Iprint Errors Caused By Ldap With Simple Anonymous Binds Disabled 3f

    You could use AuthLDAPBindDN in conjunction with AuthLDAPBindPassword

    but then you have to provide the users password in the conf file or another

    file you reference...

    This way the user you specify with AuthLDAPBindDN would be used to bind to

    the ldap server instead of anonymous.

    See on www.apache.org

    On 9/16/2005 at 10:26:20 am, in message

    MmCWe.8198$h61.6998@prv-forum2.provo.novell.com,

    MMIMMI_nospam@athletics.wisc.edu wrote:

    Hi I discovered an error trying to upload iprint drivers if you disable

    simple anonymous binds on the ldap server, if the broker you\'re trying to

    install the drivers to is located on the same server as the ldap server.

    The error in iPrint client 4.05 says http 401 - unauthorized. Using

    iPrint client 4.11 the error is more cryptic: Exception reading

    resource print drivers configuration: NDPS Library Error Category:

    1060004h. Other Error: FFFFFC55h as described in TID 10090590 (a

    useless TID). Enabling simple anonymouse binds fixed the problem.

    My question is: how do I disallow simple anonymous binds on the ldap

    server without causing the iPrint errors when trying to upload drivers to

    the broker? Should it fail over to nds authentication if ldap fails?

    Thanks,

    Mike

  • RELEVANCY SCORE 2.56

    DB:2.56:Rsa Authentication With Ldap Group Mapping 31


    Greetings,

    I'm trying to set up RSA authentication with LDAP group mapping with ACS Release 4.2(1) Build 15 Patch 3.

    The problem I'm having is that my users are in multiple OU's on our AD tree.  When I only put our base DN in for User Directory Subtree on ACS, it fails with a "External DB reports about an error condition" error.  If I add an OU in front of it, then it will work fine.

    As far as I know, you can only use one LDAP configuration with RSA.

    Any thoughts on this?

    DB:2.56:Rsa Authentication With Ldap Group Mapping 31


    @Tarik

    I believe your suggestion is the only way i'm going to get this to work. I ran across a similar method just this week that I have been working on.

    I was hoping for dynamic mapping with the original method, but I haven't found any way to make it happen.  I have resorted to creating a Radius profile on the RSA appliance for each access group I need.  Using the Class attribute, I then pass the desired Group name to the ACS, i.e. OU=Admins, and that seems to work.

    Thankfully, I have a small group of users that I am attempting to map.  I will only map those who need elevated priviliges to narrow down how many profiles I will have to manually create.  Likewise, our Account Admin will have to determine who gets assigned a particular access group.

    I would still prefer to do this dynamically.

    Scott

  • RELEVANCY SCORE 2.56

    DB:2.56:Ldap Configuration 1d



    LDAP Configuration

    DB:2.56:Ldap Configuration 1d


    Have a look at:http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapLoginModule

  • RELEVANCY SCORE 2.56

    DB:2.56:Thread: Ldap Login Failed In Internet Agent Configuration kj


    Hello,

    When I enter the information request by the GWIA Configuration specifically to LDAP Authentication When I enter the required data (LDAP server IP address, port and Username in LDAP format) throws me the error LDAP Login Failed.

    What I put is:

    LDAP server IP address: 200.2.107.185 (ip of my server is installed eDirectory WHERE + GrowpWise 8)

    Username in LDAP formtat: cn = admin, o = INFORMATICA

    My configuration tree:

    Tree: Tree

    admin name with context: admin.INFORMATICA

    Server DN: linux-gw8-informatica

    Admin DN: admin.INFORMATICA

    Domain: Domain

    How am I wrong?

    Thanks.

    DB:2.56:Thread: Ldap Login Failed In Internet Agent Configuration kj

    * diegoverab wrote, On 04/13/2011 10:36 PM:

    Thanks. Complete the installation.

    Yay! :-)

    Uwe

    -' + '-

    Novell Knowledge Partner (NKP)

    Please don\'t send me support related e-mail unless I ask you to do so.

  • RELEVANCY SCORE 2.56

    DB:2.56:Problem With Ldap Authorization am



    After configuring rhq for Open LDAP server in 'LDAP Configuration Properties' section on screen 'Administration-System Configuration-Settings', authentication works fine, but not authorization.

    I tried the ldap settings test application, et i get the same problem. When i go into the java source code of the test application, i figure out that the the program looks for the user's "DN" in the "group member filter", that's not our case, we've a flat ldap schema. All users are in the same ldap node, et the user reference ldap attribute contains the value of the user login (uid).

    When i replace the "group member filter" value with the full DN value, it works.

    Is it possible to tell to RHQ server's to look for user's name and don't look for the full DN ? Is this a limitation of the RHQ ?

    We don't have the problem with Nexus server who has an extra parameter (group member format) :

    Group Member Attribute : memberUidGroup Member Format : ${username}

    With the DN format, Nexus use a format like this : "uid=${username},ou=users,dc=sonatype,dc=com"

    The problem that it's difficult for us to change our LDAP schema, and we don't want to manage roles management manualy.

    Our configuration is "GroupMemberFilter : memberUid".

    Best regards

    DB:2.56:Problem With Ldap Authorization am


    The RHQ ldap integration assumes that customers will use the concept of LDAP groups as the standard way of organizing and subdividing the set of all LDAP users in the system. If I understand your post correctly, your company has a use case where there is no need for grouping of ldap users and you have a 'flat' ldap schema. Two questions:

    i)Can you elaborate a little further on your specific use case? We may need to create an enhancement request for this new functionality if the existing standard approaches are indeed insufficient.

    ii)I'm not extremely familiar with the Open LDAP server, but it should not be an ldap schema change to create ldap groups which bundle some or all of the existing ldap users. Have you attempted this with the Open LDAP server? This is the simplest solution to try if you have not already.

  • RELEVANCY SCORE 2.56

    DB:2.56:Problem About Authentication With Active Directory xx


    Hi,

    i want to protect my webservice by using active directory for authentication.
    (i am using jdeveloper 10.1.3.1 and bundled OC4J)

    i follow the document web service developer guide (section External LDAP Security Providers) and set up the LDAP security provider...

    i use the default setting provided by oracle's configuration
    wizard for active directory
    (
    User:
    LDAP User Name Attribute: sAMAccountName
    LDAP User Object Class : inetOrgPersion
    User Search Scope: subtree
    User Search Base: dc=xxx, dc=com

    Groups:
    LDAP Group Name Attribute: cn
    LDAP Group Object Class: group
    LDAP Group Member Attribute: member
    Group Search Scope: subtree
    Group Membership Search Scope: direct
    Group Search Base: dc=xxx, dc=com
    )

    in the OC4J web admin security page...i have press the 'test ldap authorization'
    button to CONFIRM the ldap connection is correctly set.

    the user id /password i provided for connecting to active directory do have
    right to do searching (with this user id / password, i am able to search the
    active directory using other tools)

    but when i call the web service, deployed in that OC4J container,
    operation fail with the following message :

    javax.xml.rpc.soap.SOAPFaultException: UnsupportedCallbackException: oracle.security.jazn.callback.IdentityCallback@19f410 not available to gather authentication information from the user
    at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
    at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
    at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
    at test.proxy.ws1.runtime.MyWebService1SoapHttp_Stub.getUserNameYY(MyWebService1SoapHttp_Stub.java:134)
    at test.proxy.ws1.MyWebService1SoapHttpPortClient.getUserNameYY(MyWebService1SoapHttpPortClient.java:50)
    at test.proxy.ws1.MyWebService1SoapHttpPortClient.main(MyWebService1SoapHttpPortClient.java:33)

    do my configuration correct?

    could anybody help me.

    thank you very much

    DB:2.56:Problem About Authentication With Active Directory xx

    I'm having the exact same problem. I setup a web service via JDeveloper and configured OC4J 10.1.3.1 for an ActiveDirectory. Using the 'Test Web Service' and WS-Security header, I get the following:

    007-05-15 15:27:34.437 ERROR OWS-04005 An error occurred for port: {http://samplews2/}MyWebService1SoapHttpPort: oracle.j2ee.ws.common.soap.fault.SOAP1
    eption: UnsupportedCallbackException: oracle.security.jazn.callback.IdentityCallback@1c882db not available to gather authentication information from th
    7/05/15 15:27:34 oracle.j2ee.ws.common.soap.fault.SOAP11FaultException: UnsupportedCallbackException: oracle.security.jazn.callback.IdentityCallback@1c
    available to gather authentication information from the user
    7/05/15 15:27:34 at oracle.security.wss.interceptors.AbstractSecurityInterceptor.throwSOAPFaultException(AbstractSecurityInterceptor.java:225)
    7/05/15 15:27:34 at oracle.security.wss.interceptors.AbstractSecurityInterceptor.handleInbound(AbstractSecurityInterceptor.java:149)
    7/05/15 15:27:34 at oracle.security.wss.interceptors.ServiceInterceptor.handleRequest(ServiceInterceptor.java:60)
    7/05/15 15:27:34 at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleRequest(InterceptorChainImpl.java:124)
    7/05/15 15:27:34 at oracle.j2ee.ws.common.mgmt.runtime.AbstractInterceptorPipeline.handleRequest(AbstractInterceptorPipeline.java:87)
    7/05/15 15:27:34 at oracle.j2ee.ws.server.JAXRPCProcessor.executeInterceptorRequestChain(JAXRPCProcessor.java:474)
    7/05/15 15:27:34 at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:112)
    7/05/15 15:27:34 at oracle.j2ee.ws.server.JAXRPCProcessor.processRequestSerialized(JAXRPCProcessor.java:148)
    7/05/15 15:27:34 at oracle.j2ee.ws.server.JAXRPCProcessor.doService(JAXRPCProcessor.java:132)
    7/05/15 15:27:34 at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:177)
    7/05/15 15:27:34 at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
    7/05/15 15:27:34 at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
    7/05/15 15:27:34 at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:711)
    7/05/15 15:27:34 at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
    7/05/15 15:27:34 at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
    7/05/15 15:27:34 at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
    7/05/15 15:27:34 at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
    7/05/15 15:27:34 at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
    7/05/15 15:27:34 at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
    7/05/15 15:27:34 at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
    7/05/15 15:27:34 at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
    7/05/15 15:27:34 at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
    7/05/15 15:27:34 at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
    7/05/15 15:27:34 at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:298)
    7/05/15 15:27:34 at java.lang.Thread.run(Thread.java:595)
    7/05/15 15:27:34 Caused by: FAULT CODE: FailedAuthentication FAULT MESSAGE: UnsupportedCallbackException: oracle.security.jazn.callback.IdentityCallbac
    not available to gather authentication information from the user
    7/05/15 15:27:34 at oracle.security.wss.UsernameTokenProcessor.getSubject(UsernameTokenProcessor.java:152)
    7/05/15 15:27:34 at oracle.security.wss.WSSecurity.process(WSSecurity.java:1105)
    7/05/15 15:27:34 at oracle.security.wss.interceptors.AbstractSecurityInterceptor.handleInbound(AbstractSecurityInterceptor.java:131)
    7/05/15 15:27:34 ... 23 more
    7/05/15 15:28:15 FINER: AdminMgrBean.ejbRemove AdminMgrBean remove: oracle.j2ee.jmsrouter.ejb.AdminMgrBean@1667df0

  • RELEVANCY SCORE 2.55

    DB:2.55:Ldap Configuration sz



    Hi Experts

    Pls do needful

    How to configure LDAP in portal .If there is any PDFon configuring LDAP with any one please send.

    Regards

    Krishna

    DB:2.55:Ldap Configuration sz


    The user management component of the Enterprise Portal leverages your existing landscape by using a corporate LDAP directory server as its central user data repository. It accesses any existing data schema by allowing you to map the attributes used in the schema.

    In this step, you will connect to your LDAP server as an alternate user data source.

    Log on to the Portal as Administrator

    1.Navigate to System Administration System Configuration UMEConfiguration.

    2.Choose the Modify Configuration button.

    3.In Data Source, use the drop list to select the LDAP system of your landscape.

    4.Choose the LDAP Server tab.

    5.Enter the following values in the fields as follows

    Server Name :Host Name of the Directory Server for example Idap.sap.corp

    Port:Port of the LDAP directory server. for example 389

    User:Distinguished name (DN) of user that is used to connect (bind) to the LDAP directory server.

    cn=Directory Manager

    For example: newuser@sap.corp

    Password:Password of the user

    User Path(Only required if you have a flat hierarchy)

    Distinguished name of branch of directory where information about users is stored.

    ou=CorporateUsers,c=us,o=mycompany

    For example: DC=sap, DC=corp

    User Group:If you have a flat hierarchy, enter the distinguished name of the branch of your directory where information about the groups of portal users is stored.

    If you have groups in a tree hierarchy, enter the distinguished name of the branch of your directory where information about portal users and groups is stored.

    ou=CorporateGroups,c=us,o=mycompany

    6.Choose Save All Changes to save the entire configuration. Otherwise, choose Restore All Changes to undo all data you have entered only on this tab.

    7.After changing settings using the configuration tool, you must restart the J2EE Engine.

  • RELEVANCY SCORE 2.55

    DB:2.55:Ldap Authentication Problem.. d3



    Dears,

    I have a problem with LDAP settings with i want to make an integration with MWG 7.1.

    i had the previous version (WG 6) and it is working well with LDAP.. i took it's configuration and tried it but it is not work.

    here are a snapshots of my tested configuration.

    Can you please provide me information on how to set this up properly, I could not find any information in the product guide and in the KBs about this. Thanks a lot..

    regards.

    DB:2.55:Ldap Authentication Problem.. d3


    Great to hear that you had success! Thanks for letting us know.

    Michael

  • RELEVANCY SCORE 2.55

    DB:2.55:Acs 4.0 User Authentication With Ad Using Ldap Ext Db ff



    Hello,

    I've not yet understood if with ACS 4.0 is possible to configure external database authentication using Generic LDAP to connect to Windows 2003 Server Active Directory.

    I spent more than 3 weeks searching for docs telling how to do this but nothing seems to be available.

    Could anyone please be so kind to address me to the right way?

    In detail my problem is:

    when I try to connect to LDAP server (doesn't matter how I configure the connection parameters) to configure group mapping I always get "LDAP Server not Reachable. Please check the configuration"

    Consider that I've checked the connection parameters making a test connection using Softerra LDAP Browser and it works fine!

    I have Windows 2003 Standard Edition SP1 and Cisco ACS 4.0(1) Build 27

    Any help would be greatly appreciated.

    DB:2.55:Acs 4.0 User Authentication With Ad Using Ldap Ext Db ff


    I don't think those suggested parameters for AD are correct. I've just been trying to get this to work myself and have found that these values work for our AD.

    UserObjectType samaccountname

    UserObjectClass user

    GroupObjectType dn

    GroupObjectClass group

    Group Attribute Name member

    It's a real pain that ACS error messages aren't properly descriptive for external LDAP. 'Cannot connect to LDAP server actually' translates to 'I'm not coded to scale easily to large directories with alot of groups'.

    Can I put in a feature request to help future users of the product by having some drop down menus that fill in some defaults for popular LDAP directories like AD and E-Directory. . . . or at least some coherent documentation about it.

    Without running non encrypted LDAP queries and using Wireshark I'd be nowhere.

  • RELEVANCY SCORE 2.55

    DB:2.55:Portal Doesn't Start With Ldap Server Down jf



    Hello,

    for our Portal (7.0 SP12) we have configured Kerberos authentication against LDAP servers (MS AD) in two different domains. Everything works fine and as configured.

    Now we had the problem that one of the LDAP servers was not available, and the Portal wouldn't start, though the other LDAP server is available.

    Is there any place in the configuration to have the Portal come up though one of the two LDAP servers is not available?

    Thanks,

    Ingrid

    DB:2.55:Portal Doesn't Start With Ldap Server Down jf


    Holger,

    thanks again. Yes, we would have to change the krb5.conf file and if possible I didn't want to do this. It shouldn't be a big problem if SSO is not working for a short period of time as long as userid/password login is still possible.

    Thanks,

    Ingrid

  • RELEVANCY SCORE 2.55

    DB:2.55:Ldap With Ssl For Sap App Running On Nwce 7.1 f3



    Hi Experts - We installed NWCE 7.11 SP7. Afterwards we deployed SAP Sourcing 7.0 on the NWCE instance. We want to use an LDAP for the external Sourcing users. This LDAP is not the UME for the NWCE instance. We were able to configure the Sourcing app to access the LDAP and add users, but there was a problem with password update so we are now trying to configure the LDAP connection to use SSL. But we are seeing connection issues after converting the LDAP connection to SSL. The NWCE has sapcryptolib and unlimited strength policy files.

    - I changed the Sourcing application to use the LDAP SSL port.

    - I imported the LDAP server's SSL cert and the CA cert into NWCE NWA Key Storage service.

    - I restarted the NWCE.

    After all of these steps, the sourcing application can no longer connect to the LDAP.

    I verified that I can access the LDAP via SSL using the same server/CA certs via a third-party LDAP tool on my workstation.

    Are there any steps I am missing in NWCE configuration? Any help would be appreciated. Best Regards - Jeff

    DB:2.55:Ldap With Ssl For Sap App Running On Nwce 7.1 f3


    Hi Horia - Our problem was solved once we found out where the SSL certificates needed to be stored. As it turns out, they must be stored in the default keystore (cacerts) of the JVM that is used by the NWCE. For us this was rather unusual, since we normally use the Netweaver NWA utilities. Apparently storing the certs using the NWA Keystore Utility did not work.

    Since this is our first NWCE project we do not know if htis is typical for the CE environment or not.

    Best Regards - Jeff

  • RELEVANCY SCORE 2.55

    DB:2.55:Openldap And Asa ps



    Folks,

    We have a requirement here

    Integration of openldap with Cisco ASA for SSL VPN users acting openldap and primary authentication and firewall local database as secondary (if openldap fails)

    We have below configuration

    aaa-server ldap1 protocol ldapaaa-server ldap1 (AB) host AUTH-SERVER1 ldap-base-dn dc=testgroup,dc=com ldap-scope subtree ldap-naming-attribute cn ldap-login-password * ldap-login-dn cn=Manager,dc=testgroup,dc=com ldap-over-ssl enable server-type openldap authentication-server-group ldap1 LOCAL authentication-server-group (AB) ldap1 LOCAL

    In openldap, we have seven different groups created.

    Similarly in firewall seven groups are created for SSL VPN access and users are binded with

    Here is the problem description

    1. Users are able to authen

  • RELEVANCY SCORE 2.55

    DB:2.55:Acs 5.3 Ldap Bindresponse Use Ldap Error Codes sm



    Hello,

    I work on a project with Radius ACS and LDAP identity store,

    When I try to authenticate a user with account Disabled or Expired, the LDAP server re-send a bindResponse with specific LDAP Error Codes Example:

    LDAP   167       bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 533, v1db1)

    In this example “data 533” Indicates an ACCOUNT_DISABLED.

    Is it possible to use this LDAP Error Codes in ACS configuration to send to a Radius client specific response with radius attribute?

    Thank you in advance

    Regards,

    Romain

    DB:2.55:Acs 5.3 Ldap Bindresponse Use Ldap Error Codes sm


    No, is not so easy, my firewall is a checkpoint firewall and i need ACS because I have to authenticate 2 different populations in 2 different identity store.

    My objective is to generate different errors on fw authentication page if the account user is disable or expired or the loginpwd is invalid.

    Romain,

  • RELEVANCY SCORE 2.54

    DB:2.54:Cisco Rv042 Ssl Vpn Integration With Ldap mk



    Can we integrate Cisco RV042 VPN router SSL VPN authentication with LDAP server ? If so, can some one please help me with configuration

    DB:2.54:Cisco Rv042 Ssl Vpn Integration With Ldap mk


    Hello,

     

    RV042 does not support SSL VPN, only IPSec and PPTP VPN

     

    Regards,

    Kremena

  • RELEVANCY SCORE 2.54

    DB:2.54:How To Drop Em Express 12c ax


    I want to install EMGC repository in a database 12c with EM Express. In 11g, I remembered the DB Console repository must drop. How to do it with 12c?

    DB:2.54:How To Drop Em Express 12c ax

    Yes Ivica. I misread this sentence of OP I want to install EMGC repository in a database 12c with EM ExpressI guess the answer is already given by you and Salman for it!Thanks for the correction.Aman....

  • RELEVANCY SCORE 2.54

    DB:2.54:Thread: Dns Ldap Support 79


    When configuring DNS in YaST, when I check off LDAP support Active, I

    get the error message :

    Invalid LDAP configuration - cannot use LDAP

    LDAP appear to be running and was installed and configured with

    eDirectory.

    DB:2.54:Thread: Dns Ldap Support 79

    http://www.novell.com/documentation/...dmin_guide.pdf

    this should be for sles9, running openldap

    if running edir, i think you need the schema extension

    sles9 dns/dhcp is not the netware, completly different product

    Marc

    Steve Babcock sbabcock@hillhouse.ca wrote in message

    news:44117FCC.774E26D7@hillhouse.ca...

    When configuring DNS in YaST, when I check off LDAP support Active, I

    get the error message :

    Invalid LDAP configuration - cannot use LDAP

    LDAP appear to be running and was installed and configured with

    eDirectory.

  • RELEVANCY SCORE 2.54

    DB:2.54:Authentication Problem With Acs 5.2 Using Ldap k7



    HI!

    I want to use LDAP for connecting to active directory but I get this  Error from ACS 5.2 ( 22056 subject not found in the applicable identity stores).Is there anyone who can HELP me?

    I used this configuration in ACS 5.2:

    Users and Identity Stores / External identity store / ldap / Directory Organization

    Subject ObjectClass : User

    Subject Name attribute ; sAMAccountName

    Group ObjectClass : Group

    Group Map Attribute : MemberOf

    DB:2.54:Authentication Problem With Acs 5.2 Using Ldap k7


    HI!

    I want to use LDAP for connecting to active directory but I get this  Error from ACS 5.2 ( 22056 subject not found in the applicable identity stores).Is there anyone who can HELP me?

    I used this configuration in ACS 5.2:

    Users and Identity Stores / External identity store / ldap / Directory Organization

    Subject ObjectClass : User

    Subject Name attribute ; sAMAccountName

    Group ObjectClass : Group

    Group Map Attribute : MemberOf

  • RELEVANCY SCORE 2.54

    DB:2.54:Ep 6.0 Sp11 - Ldap Configuration 8d



    All, a quick question on a vexing problem.

    Can someone tell me what port is typically used when configuring your LDAP Server connection in EP60 SP11 to a Microsoft Active Directory LDAP?

    I've reached out to our Active Directory Admins but have not heard anything back.

    Thanks in advance for your help!

    ~Henry

    (PS - they did provide us with a user to connect to the LDAP. Thank again).

    DB:2.54:Ep 6.0 Sp11 - Ldap Configuration 8d


    - It depends on how your users are stored in the LDAP. We use the flat hierarchy, because our users are all over the place and we use security groups to manage them.

    - In addition, I don't see in your post that you have specified the user path and the group path in your LDAP. Once you do, and once you have a dedicated service user to esstablish the connection between your portal and LDAP, just restart the J2EE engine and you are set.

    Gabor

  • RELEVANCY SCORE 2.54

    DB:2.54:Asa Vpn Issue With Different Open Ldap Groups m3



    Hi, I have following issue. I am using an  OpenLDAP server to authenticate IPSec VPN Client users. It works to authentivate against an OpenLdap server.  But my problem is, that I want to have two different Group Policies depending on the LDAP group users belonging to. And users not belonging to vpnusr group should not be allowed to establish a VPN at all. I've created a VPN group on the LDAP server,  cn=vpnusr,ou=Groups,dc=example,dc=com. and ou=Users dc=example,dc=com.

    I found a lot examples for Microsoft AD with memberOf but did not get it running with Open LDAP. On the ASA, I have tried this (Admin_Users is on of the Policy Groups):

    ldap attribute-map OpenLDAP  map-name  memberOf IETF-Radius-Class  map-value memberOf cn=vpnusr,ou=Groups,dc=example,dc=com Admin_Users  aaa-server ldapserver protocol ldapaaa-server ldapserver (outside) host x.x.x.x ldap-base-dn dc=example,dc=com ldap-naming-attribute uid server-type openldap ldap-attribute-map OpenLDAP

    If I go to the command line and do a debug ldap 255, and then do a  test authorization, the ASA checks the server, but there's no mention anywhere  of group memberships - it's not checking at all. What have I missed? Does anyone can help me with an example?

    Thanks a lot in advance!!!!

    ASA version is 8.0(4), ASDM is 6.1(5)51.

    Nachricht geändert durch gutekunst

    Now I tried it with this configuration (I guess ldap attribute-map should be the problem)...

    aaa-server LDAP protocol ldapaaa-server LDAP (outside) host x.x.x.x timeout 5 ldap-base-dn ou=IES,dc=organisation,dc=company,dc=de ldap-group-base-dn ou=IES,dc=organisation,dc=company,dc=de ldap-scope subtree ldap-naming-attribute uid server-type openldap ldap-attribute-map CISCOMAP

    tunnel-group vpngroup type ipsec-ratunnel-group vpngroup general-attributes authentication-server-group LDAP password-managementtunnel-group vpngroup ipsec-attributes pre-shared-key test123

    group-policy sapusers internalgroup-policy sapusers attributes vpn-tunnel-protocol IPSec !vpn-filter value acl1_name split-tunnel-policy tunnelspecified split-tunnel-network-list value SAP_Users_splitTunnelAcl

    group-policy adminusers internalgroup-policy adminusers attributes vpn-tunnel-protocol IPSec split-tunnel-policy tunnelspecified split-tunnel-network-list value Admin_Users_splitTunnelAcl

    no ldap attribute-map CISCOMAP

    ldap attribute-map CISCOMAP  map-name  cn=sapvpn IETF-Radius-Class  map-value cn=sapvpn "ou=vpnusr,cn=sapvpn,ou=Users,dc=organisation,dc=company,dc=de" sapusers  map-value cn=sapvpn "CN=vpnadm,ou=Groups,dc=organistaion,dc=company,dc=de" adminusers

    (tried two ways therefore different values)

    DB:2.54:Asa Vpn Issue With Different Open Ldap Groups m3


    Hi,

    Thanks for that info.

    Am thinking about using Radius as a middleman myself now as memberOf overlays have me pulling my hair out.

    Cisco ACS is a new bit of hardware isn't it? I'm thinking about using freeradius on Ubuntu to serve the same purpose. Is that a bit crazy in your opinion?

    Cheers,

    c:)

  • RELEVANCY SCORE 2.54

    DB:2.54:Errors In Ldap Configuration With Shared Services k1


    Dear sirs,

    we are getting errors in LDAP configuration with Shared Services.

    Base DN is ou=Grupos,cn=East,o=SSGH,c=br,o=Grupo East

    The group cn is cn=AH

    In LDAP log you can see the applications is searching the group:
    "ou=Grupos,cn=East,o=SSGH,c=br,o=Grupo"

    When it should be:
    ou=Grupos,cn=East,o=SSGH,c=br,o=Grupo East

    We think the problem is with space in Base DN "o=Grupo East", it is not properly considered.

    Error Codes
    ---------------------------------------------------
    EPMCSS-05145

    Thanks in advance

    DB:2.54:Errors In Ldap Configuration With Shared Services k1

    Hi.
    Could you try to define the Base DN as :
    ou=Grupos,cn=East,o=SSGH,c=br,o=Grupo\ East
    I don't know if will work fine.. but you can use special characteres using with the "\"
    Good luck.
    Best regards!

  • RELEVANCY SCORE 2.53

    DB:2.53:Wwc-41400 Error In Login Server Configuration With Ldap kp


    Hi,

    I have configured Login Server with LDAP. All the step shave
    gone thru fine . But I am getting the Unexpected error: WWC-
    41400 when trying to login .
    Please help me if you have any answers to this problem.

    Thanks in advance,
    Abhishek

    DB:2.53:Wwc-41400 Error In Login Server Configuration With Ldap kp

    a few things to check...

    #1

    Check to make sure PLSExtProc listener is up and running on
    login server....

    2: Library linkage dll (ssoxldap.dll) not set...

    as portal30_sso,
    create or replace library auth_ext
    as 'library_file_name_with_fully qualified_os_path'
    /
    commit;

    3: External Library File in incorrect path in the login server

    copy %PORTAL_HOME%\portal30\admin\plsql\sso\ssoxldap.dll
    %ORACLE_HOME%\bin\ssoxldap.dll

  • RELEVANCY SCORE 2.53

    DB:2.53:Ldap And Mobile Accounts dx


    I'm having a problem with using an LDAP authentication source and enabling Mobile Account on that LDAP user for credential caching on a laptop - has anyone been successful with this sort of configuration and Leopard? It worked fine under Tiger

    DB:2.53:Ldap And Mobile Accounts dx

    Leopard and Tiger aren't the same here. Go ask on the Tiger forums

  • RELEVANCY SCORE 2.53

    DB:2.53:Iab Installation Problem j8


    Dear all,

    I have try to install iAB6.0 SP1 with iAS on NT4.0 workstation
    servcie pack 6. The installation is smooth, but it can't connect to the
    ldap server on last part. But the ldap have already started.

    i have also try to install on the other machine (with same
    configuration), it was successful. Can you tell me what is the
    connectively problem of the ldap? Thanks!

    Angus

    DB:2.53:Iab Installation Problem j8

    Dear all,

    I have try to install iAB6.0 SP1 with iAS on NT4.0 workstation
    servcie pack 6. The installation is smooth, but it can't connect to the
    ldap server on last part. But the ldap have already started.

    i have also try to install on the other machine (with same
    configuration), it was successful. Can you tell me what is the
    connectively problem of the ldap? Thanks!

    Angus

  • RELEVANCY SCORE 2.53

    DB:2.53:Ldap Work With Documentum sd


    Do you have any idea for LDAP authentication?Our group already config the content server. How to config the content server point to LDAP server ?PS :Another group own the LDAP server administration. We don't change the LDAP server configuration!!

    DB:2.53:Ldap Work With Documentum sd

    Hello,In Documentum Administrator Help you can find a step by step procedure on how to create a LDAP configuration.Regards.

  • RELEVANCY SCORE 2.53

    DB:2.53:Removing Ldap Group cz



    Hi,

    i've got a little problem witch i cant handle, after hours spent on searching the web i decided to ask here for help.

    SAP BO 4.1 sp4 installation.

    One day one of administrators configured LDAP, and created some groups from that ldap (it was his private LDAP, standing under his desk). The LDAP is now disabled and its configuration is unknown.

    How to remove that groups from BO? (when group is clicked with right button there is no option to 'DELETE' - its not even gray, there is no such option).

  • RELEVANCY SCORE 2.53

    DB:2.53:How To Export Emgc Configuration? 9f


    Hi All,

    I have a EMGC setup, which I am using for monitoring our project's development environment. On this EMGC setup I have created lot of UDMs, metrics and reports. My EMGC runs on a single linux machine, so to recover from a crash I want to take a backup of entire EMGC configuration (UDMs,reports etc.) but I could not see any such option in UI console. So I am planning to take EMGC repository dump using DB export and planning to use that dump for any crash recovery. Is that the correct solution or do we have any better solution. Please let me know.
    --
    Regards,
    Ashok Kumar Chava

    DB:2.53:How To Export Emgc Configuration? 9f

    See Oracle Enterprise Manager Backup, Recovery, and Disaster Recovery
    (Best Practices for Backup and Recovery and Best Practices for Disaster Recovery)
    http://download-uk.oracle.com/docs/cd/B19306_01/em.102/b40002/sizing.htm#CEGBICIG

  • RELEVANCY SCORE 2.53

    DB:2.53:How Do I Verify The Standby Db Is Current? 83


    I installed EMGC (10g) and made a physical standby configuration.
    The "Data Guard Status" is Normal with a green check mark. So I
    wanted to check a few tables to "prove" to myself that it is working.

    When I use sqlplus, I cannot do any queries because the DB is in
    the MOUNTED state. So I receive the "database not open" errors.

    Is this how its suppose to be? Is there any way that I can "check"
    the data on the standby to make sure the process is working okay?

    Thanks,
    Scott

    DB:2.53:How Do I Verify The Standby Db Is Current? 83

    You can also open your database for read only if you want to query it.Perfect. Thanks for the link. It worked great, now I'm happy. :)

    Thanks,
    Scott

  • RELEVANCY SCORE 2.53

    DB:2.53:Ciscos Network Registrar And Ldap (Tcl Script) sf



    Hi all,I use CNR version 7.1. I use ldap for authentication user. I have a problem if ldap server not available. I want with tcl script to know what ldap not available and send to user default configuration (ip,dns)  How I can transfer in tcl a script that the server ldap isn't accessible? where i can found error code for this ?

    Thanks

    Roman

    DB:2.53:Ciscos Network Registrar And Ldap (Tcl Script) sf


    Hi all,I use CNR version 7.1. I use ldap for authentication user. I have a problem if ldap server not available. I want with tcl script to know what ldap not available and send to user default configuration (ip,dns)  How I can transfer in tcl a script that the server ldap isn't accessible? where i can found error code for this ?

    Thanks

    Roman

  • RELEVANCY SCORE 2.53

    DB:2.53:Configuration Ldap - Remedy cp



    I am configuring LDAP with remedy.

    SO REMEDY : Linux

    SO LDAP : Linux

    I need to know what parameters should I use to configure the LDAP with the remedy to authenticate users.

    I have set as shown in ar.conf

    AREA-LDAP-Bind-Password: GcJWTAxWR0lM9LfsZZsAzzd9VGdNB8mkYz2eSxg8a4JXchL1MfcGm6OWXNImC8diNvvaN0UsRanXc0HJlkeWDzQCgrrW8y8KVgfA4N/DEL+ENycokVyeWA==AREA-LDAP-Bind-User: cn=proactive,ou=People,DC=company,DC=gob,DC=ecAREA-LDAP-Port: 389AREA-LDAP-Hostname: 192.168.10.200AREA-LDAP-Use-Groups: 0AREA-LDAP-User-Base: DC=company,DC=gob,DC=ecAREA-LDAP-User-Filter: $\USER$AREA-LDAP-Chase-Referral: FAREA-LDAP-UseSSL: FCrossref-Blank-Password: TAuthentication-Chaining-Mode: 3

    Users can not authenticate

    DB:2.53:Configuration Ldap - Remedy cp


    Well you need to add the server queue.

    You should also double-check the configuration with an LDAP browser like Apache Directory Studio.

    Besides, have you read the "integration" guide regarding AREA LDAP configuration ? There is more than one way to configure the external authentication.