Add an OS user dba and oinstall group

Hi all

Currently I have the oracle user, which can connect to sqlplus. I want to create another user to connect to sqlplus by running the following commands.

useradd -g oinstall -G dba -d /export/home/pro pro
mkdir /export/home/pro
passwd pro

Then I su - pro and try to connect to sqlplus with sqlplus '/ as sysdba' and I get the error:

bash-3.00$ sqlplus "/ as sysdba"

SQL*Plus: Release 10.2.0.2.0 - Production on Wed Nov 17 04:49:58 2010

Copyright (c) 1982, 2005, Oracle.  All rights reserved.

Connected to an idle instance.

SQL> startup
ORA-32004: obsolete and/or deprecated parameter(s) specified
ORA-27123: unable to attach to shared memory segment
Intel SVR4 UNIX Error: 13: Permission denied

Help, please!
Thank you!
Dan.

Have you checked these links:

http://www.franklinfaces.com/Topic116-56-1.aspx

Urgent - ORA-27123: (SVR4 error: 13 :) - unable to startup on Solaris)

Tags: Database

Similar Questions

  • Some dba and the associated operating system confusion

    Hi all

    I have some doubts related to the database from the perspective of the OS. Could someone please clear up these doubts and clarify the questions below:

    Qus1: Can we have two listeners with the same default port number 1521 in the listener.ora file?

    Qus2: Why are two groups, 'dba' and 'oinstall', created during the installation of Oracle database?

    Qus3: If my database is using archive log mode and the archiver process is killed, will redo be archived or not? Otherwise, what will happen?

    Qus4: If I have a catalog database for RMAN metadata and the catalog database breaks down, will I be able to use RMAN backupsets to restore the database?

    Qus5: What is the need to run the script "some_path/root.sh" at the last step of the Oracle database installation?

    Qus6: How can we know which databases are running on my server at the operating system level itself? That is, if any database is down or crashed, can we get to know this at the operating system level? If yes, then please specify the command.

    Qus7: How can we configure the UDP protocol for my listener?

    Qus: If I update a table and, while the update query is running, the OS stops, then when it is back my transaction will be rolled back. Please let me know how this happens; is there any process that does this, or something else?

    Please clarify the issues above.

    Kind regards

    Michel

    Michel, you must work on your learning technique. In the Oracle environment, "If in doubt - try it". This applies to three of your questions:

    1. Try to start two listeners, listening on the same port and address. Then try different addresses.

    3. Kill the archiver process. You'll see the result soon enough.

    4. Yet again, test it.

    You also have some documentation questions:

    2. There is a chapter on this in the installation guide, but I guess it is a little vague on the 'why'. You need to think about the situation where you have multiple databases on a machine with different databases, and you should restrict DBA access to their own DB only.

    7. The Net Services Administrator's Guide describes the configuration of the supported protocols.

    8. The Concepts Guide has a chapter describing the background processes that will answer that.

    That leaves two:

    5. I don't understand what you're asking.

    6. If I understand correctly, there is no definitive answer on Unix, though you can deduce it by looking at files such as oratab or the contents of your dbs directories. Under Windows, look at the Windows services.

  • No Add button in the users section and groups on LenovoEMC Storage Manager 1.4.4.14439

    I just installed my new Iomega PX4-300d and have enabled security. When I go to the users and groups section, there is no Add button to create new users or groups.

    The Add button is available in other sections, and I successfully created new volumes/shares.

    I read the instructions and followed the guides online without success.

    Is there another setting that I missed?

    Solved.

    I disabled the security and then reactivated it.

    The add users/groups button reappears.

  • How can I add and synchronize groups and AD users after a successful installation?

    Hello

    Maybe I can't see the wood for the trees.

    I have successfully installed a working Horizon environment.

    Now I would like to add a few new AD users and groups, so that they are synchronized with Horizon Workspace.

    If I am logged on with the admin account on the Workspace portal, I can see the "Users and Groups" tab.

    There I also see the synchronized users that I added during the installation.

    But how can I add and synchronize the users in my AD?

    Kind regards

    André

    AD synchronization is done automatically on the schedule that you specified during the AD part of the setup. You can change it and thus force a manual synchronization. But this is done on the connector and not in the ordinary administration portal. You access your connector by using https://Connector_URL:8443

  • Script to add a domain user to the local Administrators group raises the error "the network path is not found."

    I have a Windows Server 2008 R2 domain and a Windows XP Pro workstation that has been attached to the domain and then disconnected. I am trying to create a VBS script to add a domain user to the local Administrators group.

    I log on my computer as a local administrator and run the following script:

    ' Get the local computer name
    Dim oNetwork: Set oNetwork = WScript.CreateObject("WScript.Network")
    Dim strPC: strPC = oNetwork.ComputerName
    ' Bind to the local Administrators group and to the domain user object
    Dim oGroup: Set oGroup = GetObject("WinNT://" & strPC & "/Administrators")
    Dim oUser: Set oUser = GetObject("WinNT://domainname/username")
    oGroup.Add(oUser.ADsPath)

    This script returns the error "the network path is not found."

    However, I am able to go into Control Panel > User Accounts > enter the user name and the domain name > click Next... > choose Administrators from the 'Other' group list, and the user name will be added to the local Administrators group.

    The same script runs without error if it is launched after logging on to the workstation with a domain administrator account.

    How can I get my script to run without error when I am logged into the workstation as a local administrator?

    Best regards, Andy

    The code that I used came from here. If the argument of the Add method is changed from oUser.ADsPath to "WinNT://" & domainname & "/" & username, the script works correctly.

    Therefore, the modified script:

    ' Get the local computer name
    Dim oNetwork: Set oNetwork = WScript.CreateObject("WScript.Network")
    Dim strPC: strPC = oNetwork.ComputerName
    ' Bind to the local Administrators group only; the domain user is passed as a path string
    Dim oGroup: Set oGroup = GetObject("WinNT://" & strPC & "/Administrators")
    Dim strUser: strUser = "WinNT://domainname/username"
    oGroup.Add strUser

    Thanks to Qasim Zaidi for showing the working code here.

    Best regards, Andy

  • Difference between variable interface user layout and presentation of the add() method UI?

    Hello

    What is the difference between a variable UI layout and an add() method UI layout?

    The variable UI layout is something like this:

    var windowResource = "palette {  \
        orientation: 'column', \
        alignChildren: ['fill', 'top'],  \
        preferredSize:[300, 130], \
        text: 'ScriptUI Window - palette',  \
        margins:15, \
        \
        bottomGroup: Group{ \
            cd: Checkbox { text:'Checkbox value', value: true }, \
            cancelButton: Button { text: 'Cancel', properties:{name:'cancel'}, size: [120,24], alignment:['right', 'center'] }, \
            applyButton: Button { text: 'Apply', properties:{name:'ok'}, size: [120,24], alignment:['right', 'center'] }, \
        }\
    }";
    
    var win = new Window(windowResource);
    
    win.show();
    

    The add() method UI layout is something like this:

    var w = new Window('dialog', 'Random Number Generator');
    var btn_group = w.add('group'),
        btn_ok = btn_group.add('button', undefined, 'Ok');
    
    w.show();
    

    Thank you!

    From the JavaScript Tools Guide on resource specifications (your top example on the page):

    You can create one or more UI elements at once by using a resource specification. This specially formatted string provides a simple and compact means of creating an element, including any container element and its component elements. The resource-specification string is passed as a parameter to the Window() constructor function or add() method.

    The general structure of a resource specification is an element type specification (for example, dialog), followed by a pair of curly braces surrounding one or more property definitions.

    var myResource = "dialog { control_specs }";

    var myDialog = new Window(myResource);

    The controls are defined as properties in windows and other containers. For each control, give the name of the control class, followed by the properties of the control between braces.

    I had trouble getting the resource specifications to work - probably just didn't take the time to understand them. One difference is that some of the properties that they put in the resource specification in braces after the element will not work in the other method if you do it that way. You normally have to write a second line and add the property there. I'm not sure about the first method, but the second is the object method, and you can use the structure of the object (object, nextProperty, etc.) or set a variable to represent the object. In most of the scripts that I write, I use variables and give them a name such as:

    var myCheckBox = dlg.inSomeGroup.add('checkbox', undefined, 'text box');

    myCheckBox.name = "maCaseACocher";

    By doing this, I can create a recursive function that goes through the entire user interface, retrieves the values of the elements and writes this information to an XML file. Including the names allows the script to identify which control each variable in the XML file belongs to, so that it can be reassigned to the proper control. I have not tried this with the resource specification method, so I don't know if it will work with it.

  • Control Panel is not on the list. Users and local groups does not appear in computer management.

    1. Click on Start, and then point to Settings; Control Panel is not on the list.  When I try to get to the Control Panel via a link in Help and Support, I get an error: "operation has been cancelled due to restrictions in effect on this computer.  Contact your system administrator."

    2. Local Users and Groups does not appear in Computer Management.

    There is only one profile on the PC, and the OS is XP Home.  It seems my user profile lost its administrator privileges somehow.  Could you please suggest how to solve this problem?  Thanks in advance.

    Hi PJohnson,

    You can access the link below and follow the steps in the article to create a new user account and copy the data to the new account.

    http://support.Microsoft.com/kb/811151

    I hope this helps. Let us know the result.

    Thank you and best regards,

     

    Srinivas R

    Microsoft technical support.


  • How can I add items to the Menu of the button lock, I don't, change user, close and lock. I want to add 'restart '.

    How can I add items to the Menu of the button lock, I don't, change user, close and lock. I want to add 'restart '.

    This tutorial should do what you want. Use method 2.
    http://www.Vistax64.com/tutorials/105003-shutdown-options-start-menu.html

    Please read all notes carefully, not only the parts of the statement.

    t-4-2

  • Base - Add the user name and password in script?

    Hello

    Scripting is not my thing. I run the script below in order to get the datastore space usage, and it requires a user name and password for vCenter. How do I add them to the script so that I can run it as a scheduled task on my Windows Server that has PowerCLI installed?

    # These are the properties assigned to the table via the ConvertTo-HTML cmdlet.
    $tableProperties = "<style>"
    $tableProperties = $tableProperties + "TABLE{border-width: 1px;border-style: solid;border-color: black;}"
    $tableProperties = $tableProperties + "TH{border-width: 1px;padding: 5px;border-style: solid;border-color: black;}"
    $tableProperties = $tableProperties + "TD{text-align:center;border-width: 1px;padding: 5px;border-style: solid;border-color: black;}"
    $tableProperties = $tableProperties + "</style>"

    # The script will automatically connect to the server if necessary. The $server variable must
    # be changed if the server name changes.
    $server = "192.168.132.1"
    if (!(Connect-VIServer $server -ErrorAction SilentlyContinue).IsConnected)
    {
        Write-Host "connection to the server:" $server
        Connect-VIServer $server -ErrorAction SilentlyContinue -ErrorVariable Err
        if ($Err)
        {
            Write-Host "Connection to the server error, please check server name." -ForegroundColor Red
            break
        }
        Write-Host "Full" -ForegroundColor Green
    }

    # Cmdlet to retrieve information from the datastores.
    # The $rep variable stores all the information for each datastore.
    $rep = @()
    Get-Datastore | Sort-Object -Property Name | ForEach-Object {
        $Datastore = $_
        $Report = "" | Select-Object -Property Datastore, CapacityGB, FreeSpaceGB, PercFreeSpace
        $Report.Datastore = $Datastore.Name
        $Report.CapacityGB = [math]::Round($_.CapacityMB / 1KB, 0)
        $Report.FreeSpaceGB = [math]::Round($_.FreeSpaceMB / 1KB, 0)
        $Report.PercFreeSpace = [math]::Round(((100 * ($_.FreeSpaceMB)) / ($_.CapacityMB)), 0)
        $rep += $Report
    }

    # Formats date, file name, etc.
    #Write-Host "Generating report"
    $date = Get-Date
    $datefile = Get-Date -UFormat '%d-%m-%Y-%H%M%S'
    $filename = "C:\vmware\powercli\reports\VMwareDatastoreUsage_" + $datefile + ".htm"

    # Generates the vSphere datastore usage report
    Write-Host "Full" -ForegroundColor Green
    Write-Host "Generating datastore usage report"
    $rep | Sort PercFreeSpace | ConvertTo-HTML -Head $tableProperties -Body '<th><font style="color:#000000"><big><b>VMware Datastore using</b></big></font></th>' | Out-File $filename
    Write-Host "Full" -ForegroundColor Green
    Write-Host "usage of your data store report has been saved to:" $filename

    # Send email with the generated report attached
    #Write-Host "sending email with report:" $filename + "attached"
    Send-MailMessage -To "vmware-reports <[email protected]>" -Subject 'vSphere datastore use' -From "Andy White <[email protected]>" -Body "VMware report attached: use of the data store" -Attachments $filename -Priority High -DNO onSuccess, onFailure -SmtpServer 192.168.13.3

    The connection is made in this line:

    Connect-VIServer $server -ErrorAction SilentlyContinue -ErrorVariable Err

    You can add the User and Password parameters to the Connect-VIServer cmdlet. But do you want to have this info hardcoded in the script?

    An alternative is to use the credential store.

    There are other alternatives to store the credentials.
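
One of the other ways to keep the vCenter password out of the scheduled script, as an added example (not code from the original thread): the credential is saved once with `Export-Clixml`, which on Windows protects the password with DPAPI for the saving account on that machine, and the scheduled run loads it for `Connect-VIServer -Credential`. The file path and the `Save-VCenterCredential` / `Get-VCenterCredential` helper names are assumptions; the scheduled task must run under the same Windows account that saved the file.

```powershell
# Added example; the credential file path and helper names are assumptions.
param(
    [switch]$SaveCredential,   # run once, interactively, as the scheduled-task account
    [string]$Server   = '192.168.132.1',                       # vCenter address used in the script above
    [string]$CredFile = 'C:\vmware\powercli\vcenter-cred.xml'  # assumed location
)

function Save-VCenterCredential {
    param([Parameter(Mandatory)][string]$Path)
    # Prompt for the account; the password never appears in the script or on the command line.
    $cred = Get-Credential -Message 'vCenter account for the datastore report'
    # Export-Clixml stores the password as a DPAPI-protected SecureString:
    # only this Windows account on this machine can decrypt it.
    $cred | Export-Clixml -Path $Path
    # Drop inherited permissions and allow only the current account, so other
    # local users cannot read the user name or swap the file.
    $me = "$env:USERDOMAIN\$env:USERNAME"
    icacls $Path /inheritance:r /grant:r "${me}:F" | Out-Null
}

function Get-VCenterCredential {
    param([Parameter(Mandatory)][string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) {
        throw ("No saved credential at {0}. Run this script once with -SaveCredential." -f $Path)
    }
    try {
        # Fails if the file was saved by a different account or on a different machine.
        $cred = Import-Clixml -Path $Path -ErrorAction Stop
    } catch {
        throw ("Cannot decrypt {0} as {1}: {2}" -f $Path, $env:USERNAME, $_.Exception.Message)
    }
    if ($cred -isnot [System.Management.Automation.PSCredential]) {
        throw ("{0} does not contain a PSCredential object." -f $Path)
    }
    return $cred
}

if ($SaveCredential) {
    Save-VCenterCredential -Path $CredFile
    return
}

try {
    $cred = Get-VCenterCredential -Path $CredFile
    # -ErrorAction Stop turns a failed login into an exception instead of a silent continue.
    Connect-VIServer -Server $Server -Credential $cred -ErrorAction Stop | Out-Null
} catch {
    Write-Host ("Connection to {0} failed: {1}" -f $Server, $_.Exception.Message) -ForegroundColor Red
    exit 1   # non-zero exit code so Task Scheduler records the failure
}

# The Get-Datastore report section of the script above runs here, unchanged.

Disconnect-VIServer -Server $Server -Confirm:$false
```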

  • How can I add a form with the user name and password

    I would like to add a registration form with the user name and password. Is there any embedded HTML or widget for this?

    Hello

    Here you will find a similar description:

    https://forums.Adobe.com/message/6078030

    https://forums.Adobe.com/message/6141887

    Thank you

    Sanjit

  • Add a new user of Runtime

    I googled and was looking for documentation with a few images of how to add a new user to tide but found none. I was wondering if any of you can give me a screenshot of how to add a new user to tide. My access does not allow me to add/edit a runtime user.

    Thank you very much
    Warren

    Hey Warren,

    You should communicate with a person with security privileges to grant you access to add/change tide users.

    Once granted, you should then be able to add users - start by clicking on the box with the green plus at the top to add a new user.

    User/group name = user/group name

    Full name = family name, first name

    Domain = AD domain name, or empty if Unix

    Then select the security policy: Super users, Runtime user only, or other

    Use the runtime users tab to specify which runtime users the user/group has access to, and the agent tab to specify which agents the runtime user has access to. Another tab allows you to specify the telephone number and e-mail address of the group/user. If the runtime user needs to connect to a Windows agent, then the Windows/FTP password field must be filled in on the password tab. And if the runtime user needs to connect to a Unix agent, then the password fields can be left blank.

    Just give it a try.

    ARO

    The Derrick

  • LDAP attribute map match on user, not group

    We currently have AnyConnect (client-based) up and running on our ASA 5515-X running 9.5(1). I use AD LDAP for authentication, with LDAP attribute maps configured and assigned to our LDAP server config on the ASA. Like many, we use these maps to let the ASA assign a group policy to a user based on AD group membership. Basically I have one AD group for regular VPN users and one AD group for admin VPN users. It works pretty well, but there are cases where the specific user profile tied to the 'Regular VPN users' group policy does not work for all users of this AD group. I was trying to find a way to adjust the settings for certain users based on the user name. Say a user needs to bring up the VPN from an RDP session, but I don't want all users to have that, so I would assign a different group policy\user profile based on the AD username that would allow the VPN from an RDP session. The rest of the users would still be blocked from VPN over RDP. Here is my LDAP attribute map:

    ldap attribute-map
      map-name memberOf Group-Policy
      map-value memberOf "LDAP path"
      map-name msRADIUSFramedIPAddress IETF-Radius-Framed-IP-Address

    What I could do here with the above configuration, I think, is create a new group policy on the ASA for a certain group of users and then create a new map-value with a new LDAP path that would point to a new group in AD, say "RDP VPN users". I would then add the users for whom I want specific AnyConnect group policies\user profiles to this particular AD group. But the issue is that I would prefer not to have to create so many groups in AD.

    What I want to know is whether there is a way to have an LDAP attribute map-value path point to a certain AD username somehow, as if the LDAP path were something like "CN=,OU=users,DC=,DC=". This way I could assign a group policy to the majority of users in the "Regular VPN users" AD group, but then assign a different policy to some users who require slightly different settings. Would that allow me to match on a certain user, not an AD group? Does the Group-Policy cisco-attribute-name treat a user as if it were an AD group? I guess not, but I am not sure. I looked through the list of cisco-attribute-names but didn't see anything that looked like it worked for AD user names.

    Also, if anyone knows a better way please let me know I am open to suggestions. I hope that makes sense. Thanks in advance to the community for help.

    I think that you need a completely different approach - DAP (dynamic access policies).

    DAP allows a lot of things, and you can create additive policies.  So if you are a member of group 'A' you add this URL.  If you are also a member of group 'B' you add this ACL.  It can also do other things, like checking registry keys, etc.

    The DAP deployment guide:

    https://supportforums.Cisco.com/document/7691/ASA-8X-dynamic-access-policies-DAP-deployment-guide

    I pretty much don't use DAP now (and no attribute is mapped) due to the significant increase in flexibility.

  • ISE ERS user access to some groups?

    Hello

    I am trying to create a simple operational interface for ISE 1.4 so that helpdesk people can add endpoint MAC addresses to the internal endpoint DB via REST.

    I would like the helpdesk to have filtered access (so that they can only create endpoints in a given group, not all groups), but it seems that RBAC control in ISE for ERS users is all or nothing.

    I created a custom Data Access Menu permission, then defined that a user in an ERS Helpdesk group would have access to it. In the RBAC policy, I cannot specify only a Data Access permission; the system always makes me choose a Menu Access permission as the first option.

    If I then specify Endpoint Group X as the data access for a custom ERS Data Access group, the ERS user gets access denied to the DB.

    Only when I put the user in the default ERS Admin group, with the default Super Admin Data Access, is it able to access the DB.

    I would like to ask if anyone of you has managed to control the data set that is at HIA outside access or read access and if so, how.

    Thank you

    Gustavo Novais

    PS: ERS debug logs:

    2015-09-19 09:38:47, 172 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-#--> getPathInfo = PAPFilter.doFilter / endpointgroup
    2015-09-19 09:38:47, 172 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getMethod = GET
    2015-09-19 09:38:47, 172 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getRequestURL =https://10.1.156.136:9060 / ers/config/endpointgroup
    2015-09-19 09:38:47, 172 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getRemoteHost = 10.2.10.63
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> passing the filter!
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-#--> getPathInfo = AtnAtzFilter.doFilter / endpointgroup
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getMethod = GET
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getRequestURL =https://10.1.156.136:9060 / ers/config/endpointgroup
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getRemoteHost = 10.2.10.63
    2015-09-19 09:38:47, 174 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter: adminName = RHS
    2015-09-19 09:38:47, 174 INFO [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-AtnAtzFilter 401Blocked: user is not authorized to access the requested resource.
    2015-09-19 09:38:47, 175 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-# RateLimitFilter Servlet => continue with the response of the RHS, the current number of bucket: 49
    2015-09-19 09:39:15, 992 INFO [admin-http-pool279] [api.services.server.role.RoleImpl] -: admin:455184AE2B954C78C9EAD7AAECD913F8:-extract the list of roles for entityFQN Information: NAC group: NAC
    2015-09-19 09:39:20, 328 INFO [admin-http-pool295] [api.services.persistance.dao.UserDAO] -: admin:455184AE2B954C78C9EAD7AAECD913F8:-update of user as user name information: NAC Group: NAC:ers
    2015-09-19 09:39:20, 330 INFO [admin-http-pool295] [api.services.persistance.dao.MappingDAO] -: admin:455184AE2B954C78C9EAD7AAECD913F8:-creating new mapping with rolebundle ' Global: Default "context" Global Context context: Global ' user ' NAC Group: NAC:ers' role ' NAC Group: NAC:RBACGroups:ERS Admin»
    2015-09-19 09:39:20, 333 INFO [admin-http-pool295] [api.services.server.mapping.MappingImpl] -: admin:455184AE2B954C78C9EAD7AAECD913F8:-removing users from role with the name ' NAC Group: NAC:RBACGroups:ERS filters under contextFQN "Global Context context: Global", bundle Global role: by default "with transactional 'false' is
    2015-09-19 09:39:34, 682 INFO [ers-http-pool732] [cisco.cpm.nsf.impl.UserIdentityManagement] -:-the internal authentication method to check if the policies in correspondence of the user groups duration is 7
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-#--> getPathInfo = MaxThreadsFilter.doFilter / endpointgroup
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-# MaxThreadsFilter.doFilter--> getMethod = GET
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-# MaxThreadsFilter.doFilter--> getRequestURL =https://10.1.156.136:9060 / ers/config/endpointgroup
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-# MaxThreadsFilter.doFilter--> getRemoteHost = 10.2.10.63
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.MaxThreadsLimiterFilter] -:-# RateLimitFilter Servlet => continue with the request of the RHS, the current number of bucket: 49
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-#--> getPathInfo = PAPFilter.doFilter / endpointgroup
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getMethod = GET
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getRequestURL =https://10.1.156.136:9060 / ers/config/endpointgroup
    2015-09-19 09:39:34, 691 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> getRemoteHost = 10.2.10.63
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.PAPFilter] -:-# PAPFilter.doFilter--> passing the filter!
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-#--> getPathInfo = AtnAtzFilter.doFilter / endpointgroup
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getMethod = GET
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getRequestURL =https://10.1.156.136:9060 / ers/config/endpointgroup
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter.doFilter--> getRemoteHost = 10.2.10.63
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter: adminName = RHS
    2015-09-19 09:39:34, 693 DEBUG [ers-http-pool732] [cpm.ers.app.web.AtnAtzFilter] -:-# AtnAtzFilter: = RHS adminName is Admin ERS

    There do not seem to be many options when it comes to controlling access to ERS API resources. I ended up doing my own local mapping in my web application of AD groups to endpoint group access.

  • local user name and password if the ACS server fails

    Hello

    I have every router and switch configured to authenticate logins via the ACS server.  I used the 12 lines below and it works very well.  Each engineer has their own account.

    aaa new-model
    aaa authentication login default group tacacs+ enable
    aaa authentication enable default group tacacs+ enable
    aaa authorization exec default if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated
    aaa accounting exec default start-stop group tacacs+
    aaa accounting commands 15 default start-stop group tacacs+
    aaa accounting connection default start-stop group tacacs+
    aaa session-id common

    radius-server host x.x.x.x
    radius-server directed-request
    radius-server key whatever

    ----------------------------------------------

    I would like to add to this a local username and password so that if the ACS server were offline, engineers could still log in by knowing a default username and password.

    username MYUSERNAME privilege 15 secret mypassword

    line vty 0 4
     login local

    Q. How do I make the ACS server the first preference and use the local username and password only if the ACS server is down?

    Kind regards

    Kevin

    Right now you have the enable password as the fallback method:

    aaa authentication login default group tacacs+ enable

    Change 'enable' to 'local' and the local (to the router) database of user names and passwords is used.

    The same works for enable authentication (the second line, "aaa authentication ...", in the config that you posted).

  • Verification of users belonging to a specific group in WebLogic Server

    I built a simple web service application with JDeveloper 11.1.1.7 using the policy (Wssp1.2-2007-Https-UsernameToken-Plain.xml) and deployed it to WebLogic 10.3. Everything works very well on both the client side and the server.

    The client side is unable to call any method without specifying the username and password properties. The server automatically checks the user against the users defined in WebLogic Server at the following path (Summary of Security Realms > myrealm > Users and Groups). Hence, the client can access the system if it uses any one of the users there, even the default user weblogic/weblogic.

    Question: How do I limit the username/password check to a specific user group? That is, if the client supplies a user name and password from outside the group (even if the values are correct), the server rejects the request.

    Problem solved by (user name: Roque)

    in this link: java - verification of users within the specific group of weblogic server for the web service application - Stack Overflow

    Here is his answer for your reference:

    If you use the 'default' WebLogic authentication method for users, you can follow these steps to set up a group access policy:

    • Connect to the WebLogic administration console
    • Click on the Deployments link
    • Select your web service
    • Click the Security tab
    • Click the Policies sub-tab
    • Choose your authorization provider in the drop-down menu (it looks like the default)
    • Choose Add Conditions -> Group -> type in the name of the group
    • Finish

    Now that the group you added should be able to invoke the web service. All other users should see something like:

    javax.xml.ws.soap.SOAPFaultException: Access denied to operation myWebService
