Directory LDAP authentication scheme does not

I did some research on how to use active directory for authentication and it seems pretty obvious, but it does not for me in the APEX, while trying to authenticate the Works database.

I created a new authentication system

System type: LDAP Directory Service

Host: < < Directory Server Active > >

Port: 389

DN: < < FIELD > > \%LDAP_USER%

Use the distinguished name exactly: Yes

I made sure that the new authentication scheme is underway.

What application is running and I'm trying to connect, debug displays:

... Authentication failed: Invalid Login Credentials < div id = "apex_login_throttle_div" > please wait < span id = "apex_login_throttle_sec" > seconds 30 </span > to log in again. < / div

But, I ran a test database using this code below that I found on the web and it runs without exception, so I don't know my settings, domain, host, port, user and password are correct.  Y at - it a step that I forget?

DECLARE

l_retval PLS_INTEGER;

l_retval2 PLS_INTEGER;

l_session dbms_ldap.session;

l_ldap_host VARCHAR2 (256);

l_ldap_port VARCHAR2 (256);

l_ldap_user VARCHAR2 (256);

l_ldap_passwd VARCHAR2 (256);

l_ldap_base VARCHAR2 (256);

BEGIN

l_retval: = - 1;

dbms_ldap.use_exception: = TRUE;

l_ldap_host: = '< < ad server > > ';

l_ldap_port: = '389';

l_ldap_user: = ' < < MY AREA > >-< < my user > > ';

l_ldap_passwd: = '< < password > > ';

l_session: = dbms_ldap.init (l_ldap_host, l_ldap_port);

l_retval: = dbms_ldap.simple_bind_s(l_session,l_ldap_user,l_ldap_passwd);

dbms_output.put_line (' return value: ' | l_retval);

l_retval2: = dbms_ldap.unbind_s (l_session);

EXCEPTION

WHILE OTHERS THEN

dbms_output.put_line (rpad ('ldap session', 25, ' ') |) ': ' ||

RAWTOHEX (substr (l_session, 1, 8)).

'(retourné depuis init)");

dbms_output.put_line (' error: ' |) SQLERRM | ' ' || SQLCODE);

dbms_output.put_line (' user: ' | l_ldap_user);

dbms_output.put_line (' host: ' | l_ldap_host);

dbms_output.put_line ('port: ' | l_ldap_port);

l_retval: = dbms_ldap.unbind_s (l_session);

END;

Hello

If it works in the database, perhaps it is a typing error in your frame at the APEX?

Create PL/SQL processes "on the charge before the header' on connection and as a PL/SQL block page for this entry process:

begin
  APEX_DEBUG.ENABLE(apex_debug.c_log_level_engine_trace);
end;

Then run application, try to login and check the debug information. Maybe you'll find some clues to solve your problem.

Tags: Database

Similar Questions

  • OAM authentication scheme does not

    Hello

    I see a weird or probably known OAM authentication scheme feature. I added a diagram to a policy, it redirects to the login (authentication based on form) correctly. But, after authenticating successfully, it redirects to oberr.cgi? page, it works when I add the same form:, action: defy the parameters to an another authentication scheme, the policy works fine. It is clear that there is no problem with policies configured, because when replaced already authentication scheme with this one, it works fine. I tried to add a new window altogether after you remove the old. It does work for her as well. Don't know what the problem is. I updated, turn and even rebooted OVD/PM/ASIS, but still he does not accept the authentication scheme.

    Any who came across this type of problem before. Any help is appreciated.

    Although he long ago, I asked this question. The mistake was due to the webgate to Oberror redirect because it was not configured correctly.

    If someone finds this post useful, please try to check all the layers of webgate between.

    Hope that helps.

  • ORA-19007 - schema does not match

    On my database, we have two matching schemas tables in each - one for the active data and the other for data which stands for research in the long term. Both contain a pattern registered XMLType column. However, when I try to insert directly from the assets in the archive, I get the following:

    SQL > insert into eci_archv_schema.rev_item_earn_dtl_archv
    2 Select * from eci_schema.rev_item_earn_dtl
    3 where ROWNUM = 1;
    insert into eci_archv_schema.rev_item_earn_dtl_archv
    *
    ERROR on line 1:
    ORA-19007: http://xmlns.foo.com/1.3.1/ABC.xsd Schema does not match http://xmlns.foo.com/1.3.1/ABC.xsd expected.

    The only way in which I can properly move the data from one to the other is to wrap select it from one of the following:

    1 XMLType.createXML (my_xml_column.getCLOBVal ())
    2 XMLType.createNonSchemaBasedXML (my_xml_column)

    These two taking unusually long to complete and cause my check-in process is very, very slow. Apparently because the patterns were recorded under different database diagrams, they are somehow regarded as incompatible. This is the case or not they actually fit in another way? Is there an easy way to compare?

    FYI: we are 11.2.0.3, but this also happens on 11.2.0.2. Any help would be appreciated.

    What specific information would be useful: the XSD who sign us up?

    Yes, including the one you're importing (if not too big) or a simplified version if possible?

    BTW, it's binary storage object-relational or XML?

  • ORA-20000: Schema does not exist or insufficient privileges

    Salvation of DBA

    I do the upgrade from 9.2.0.6 to 10g database
    I'm following ID. doc. 316889.1 - step 7
    I get the following error while taking backup existing statistics as follows:

    SQL > exec dbms_stats.export_schema_stats ('WMSYS', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('WMSYS', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: WMSYS Schema does not exist or not sufficient to analyze privileges a
    object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1

    SQL > exec dbms_stats.export_schema_stats ('XDB', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('XDB', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: XDB Schema does not exist or not sufficient to analyze privileges a
    object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1


    SQL > exec dbms_stats.export_schema_stats ('WKSYS', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('WKSYS', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: WKSYS Schema does not exist or not sufficient to analyze privileges a
    object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1


    SQL > exec dbms_stats.export_schema_stats ('LBACSYS', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('LBACSYS', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: LBACSYS Schema does not exist or not sufficient to analyze privileges
    an object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1


    SQL > exec dbms_stats.export_schema_stats ('DMSYS', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('DMSYS', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: DMSYS Schema does not exist or not sufficient to analyze privileges a
    object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1


    SQL > exec dbms_stats.export_schema_stats ('SI_INFORMTN_SCHEMA', 'dictstattab', statown = > 'SYS');
    BEGIN dbms_stats.export_schema_stats ('SI_INFORMTN_SCHEMA', 'dictstattab', statown = > 'SYS'); END;

    *
    ERROR on line 1:
    ORA-20000: SI_INFORMTN_SCHEMA Schema does not exist or insufficient privileges
    to analyze an object it contains
    ORA-06512: at "SYS." DBMS_STATS", line 4984
    ORA-06512: at "SYS." DBMS_STATS", line 5007
    ORA-06512: at "SYS." DBMS_STATS", line 5409
    ORA-06512: at line 1

    Please guide me to solve the problem above.

    Thank you
    SG

    SG,

    You can ignore these errors.

    Note: 359483.1 - upgrade from 9.2.0.6 to 10.1.0.4.2 with Applications 11.5.10.2
    https://metalink2.Oracle.com/MetaLink/PLSQL/ml2_documents.showDocument?p_database_id=not&P_ID=359483.1

    Kind regards
    Hussein

  • LDAP authentication scheme has stopped working

    I have two servers, each with its own DB and APEX applications. To simplity, let's call them A and b. authentication is handled through a LDAP schema - and this regime is the same on both servers. After a few patches on A (I have yet to find out what that this application of fixes) I am no longer able to connect to one of the applications. However, using the same user/pass I can connect fine on server b (not talking dev backend for APEX, just the connection of the ordinary user in an application). Also, I changed absolutely nothing about the applications or the authentication scheme. So for now, I'm running with the idea that something happened during the patch.

    Here are the APEX vs on both servers:

    A: APEX 3.2

    B: APEX 4.0

    Looking at the authentication scheme, trying to detect the differences, the only thing I could find is that B also has a "Use SSL" option. But it is set to N, in any case. Yet once, these worked very well they were until now.

    I decided to test and run the following code on both servers:

    BEGIN
IF APEX_LDAP.AUTHENTICATE(
    p_username =>     'user.name',
    p_password =>     'ultrasecretpassword',
    p_search_base =>  'cn=users dc=my, dc=domain, dc=com',
    p_host =>         'host.my.domain.com',
    p_port => 389) THEN
    dbms_output.put_line('authenticated');
ELSE
    dbms_output.put_line('authentication failed');
END IF;


END;

    Not surprisingly, that said "authenticated" on B, and 'authentication failed' in a.. So, I decided to go a little further and run the following:

    -- Code by Scott Spadofore
-- OTN: https://forums.oracle.com/forums/thread.jspa?threadID=954602
DECLARE
  l_retval PLS_INTEGER;
  l_retval2 PLS_INTEGER;
  l_session dbms_ldap.session;
  l_ldap_host VARCHAR2(256);
  l_ldap_port VARCHAR2(256);
  l_ldap_user VARCHAR2(256);
  l_ldap_passwd VARCHAR2(256);
  l_ldap_base VARCHAR2(256);
BEGIN

  l_retval := -1;
  dbms_ldap.use_exception := TRUE;
  l_ldap_host := 'host.my.domain.com';
  l_ldap_port := '389';
  l_ldap_user := 'cn=user.name,cn=users, dc=my,dc=domain,dc=com';
  l_ldap_passwd := 'ultrasecretpassword';

  l_session := dbms_ldap.init(l_ldap_host, l_ldap_port);
  l_retval := dbms_ldap.simple_bind_s(l_session,
  l_ldap_user,
  l_ldap_passwd);
  dbms_output.put_line('Return value: ' || l_retval);
  l_retval2 := dbms_ldap.unbind_s(l_session);

EXCEPTION
  WHEN OTHERS THEN
    dbms_output.put_line(rpad('ldap session ', 25, ' ') || ': ' ||
    rawtohex(substr(l_session, 1, 8)) || '(returned from init)');
    dbms_output.put_line('error: ' || SQLERRM || ' ' || SQLCODE);
    dbms_output.put_line('user: ' || l_ldap_user);
    dbms_output.put_line('host: ' || l_ldap_host);
    dbms_output.put_line('port: ' || l_ldap_port);

    l_retval := dbms_ldap.unbind_s(l_session);
END;

    VERY surprisingly (or unfortunately), it displays the same thing on both A and B: "return value: 0.

    Go to B and APEX LDAP test, I found that if I enable SSL, auth begins without too much. Clearly, it should be turned off to make it work. I'm picking on it because it's the only difference I could find between the two: A, being an older version does not have any what specifications on whether or not to use SSL (and I guess it's not, because I can't find anything in the docs).

    In the APEX, the DN is:

    cn=%LDAP_USER%,cn=users, dc=my,dc=domain,dc=com

    ... and uses no edit function, or anything like that. It's as simple as the host name, port, DN

    I am at a loss here, so any help would be appreciated! Thanks in advance!

    Finally two thoughts.

    During the ACL test - make sure this isn't a privileged account.   Users like SYS will bypass the ACL and give false positives.

    Second - the script you have above is designed for the APEX 4.1 (APEX_040100).  Make sure you adjust respectively for APEX 3.2 or 4.2.

    Also, if you want a few quick scripts to test / display the ACL settings, there are examples all over the internet.  I've added a few to the pile here: Oracle ACL configuration Scripts. W.P. Hill Tech

    Maybe they will help.

    Good luck.

    -Tim St.

  • 802. 1 x authentication aid does not work

    According to the CEC documents, the following command should be a switch to do authentication for 802. 1 x for users. If this fails, the switch must fall back to no authentication. This prevents users to be locked to the network if the AAA/RADIUS server goes down.

    radius of group AAA dot1x default authentication no

    However, this command does not, at least not on the Catalyst IOS switches. If you disable the RADIUS server, the switch continues to try to use RADIUS regardless of the command above, even if the debugging indicates that the RADIUS server is dead.

    This directly conflicted with the following doc:

    http://www.Cisco.com/en/us/customer/products/hw/switches/ps646/products_command_reference_chapter09186a00801cdf12.html#1995856

    It is quite wrong that anyone who put implement 802. 1 x will be locked out of their network if the RADIUS server fails.

    Wireless access points do not have this problem because they can use a local RADIUS server. But it's a big problem for anyone with 802. 1 x running on cable networks.

    When Cisco will be be to fix this problem?

    Thank you.

    PAUL G.

    This does not work for 802.1 x and Catalyst switches.

    We will fix the documentation.

    In addition, Wireless APs don't have this problem with JUMP.

    Therefore, the challenge with Wired.

    Many EAP types, many types of back-end databases, etc. all need to review.

    We will have a configurable button in the near future to address, but as always, redundancy is recommended.

  • 802. 1 x authentication port does not

    I have trouble to know what is happening here. I'm trying to configure 802. 1 x port authentication based to assign customers to a VLAN. I inherited this mess and his for a long time I used it. I ran a wireshark on the radius of my server and I see no same package from my IP address switch when I plug into a port (I checked communication because pings come in my trace)

    Pass the info:

    SW-ConfB > sho worm

    Cisco IOS software, software of C2960C (C2960c405-UNIVERSALK9-M), Version 12.2 (55) EX3, VERSION of the SOFTWARE (fc2)

    Port config:

    interface FastEthernet0/11

    switchport mode access

    authentication event failure action allow vlan 900

    no response from the authentication event action allow vlan 900

    Auto control of the port of authentication

    dot1x EAP authenticator

    dot1x tx-period 5

    The RADIUS server info:

    key acct-port 1646 1645 auth-RADIUS-server host 10.0.1.52 port 802.1 x!

    A little confused why not package Radius comes even from the switch. Any tips?

    According to debug it, it seems that the supplicant connected on the switch port does not support the dot1x and MAB is not configured on the switchport so no method left to try and you got the vlan COMMENTS.

    3 Mar 04:37:47.963: % AUTHMGR-7-RESULT: authentication result 'no response' of 'dot1x' for the customer (d4be.d907.9637) on the Interface Fa0/11 AuditSessionID 0A000103000000090B4AD0F6
    * 04:37:47.963 3 Mar: % AUTHMGR-7-FAILOVER: failover "dot1x' for the client (d4be.d907.9637) on the Interface Fa0/11 AuditSessionID 0A000103000000090B4AD0F6
    * 04:37:47.963 3 Mar: AUTHMGR-7-NOMOREMETHODS %: exhausted all methods of authentication for the client

    At this point, the RADIUS is not even came into the picture. Please make sure that the end customer is configured correctly for the dot1x parameters.

    Kind regards

    Jatin kone

    * Make the rate of useful messages *.

  • Feature of simple authorisation scheme does not

    I am using an authorization scheme based on a 'function from PL/SQL returning a Boolean' and seem to be running into trouble.

    I have a function (in a package) that verifies users 'role' as specified in the table users and returns true or false for whether or not they are privileged... sounds simple to me...

    The only problem is, when I try this in the APEX (4), it gives the following error.

    ORA-06550: line 2, column 1: PLS-00221: 'APPROVE_ME' is not a procedure or is undefined ORA-06550: line 2, column 1: PL/SQL: statement ignored

    I have checked and double-checked everything is stated correctly and that's it works fine... except with APEX.

    Someone at - it ideas? Or y at - it something that my lack of experience does not happen?

    How did you enter the code in 1 Expression for the authorization scheme?

    return .

    I was able to reproduce your problem by leaving out the "return" statement

    Van
    Trent

  • Custom mouse pointer scheme does not load at startup

    I am running windows vista Home premium and I downloaded a mouse on the internet system. I saved the regime as "smooth" and clicked on apply and it worked. But when I restarted my computer, the system of mouse returns to the plan original windows vista aero. I've tried to stop all non-microsoft msconfig services and disabled all services start and enabled in the well, but yet the scheme has not been loaded.

    balingsta,
    Thank you for visiting the Microsoft Answers community forum.

    If your mouse is a Logitech brand, it deals with the issue.    If this is not the case, let us know what you have the mouse and we will try to help you solve this problem.

    This should solve your problem:

    1. click on start, type "msconfig" in the search box and press ENTER.
    If you are prompted for an administrator password or a confirmation, type your password or click on continue
    2. in the System Configuration dialog box, click the Startup tab
    3. Locate the entries called KHALMNPR or similar and uncheck the box next to each of them.
    4. click OK and restart your computer.
    5. after the restart, change your mouse pointer, the way you want and restart again.  Your mouse settings remain the same.

    Let us know if this information was useful or if you need assistance.
    Thank you

    Gloria
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

  • My Windows 7 ultimate is authentic, but does not have the activation key, can somebody help me please?

    I got my school of hollow of W7 and is still viable, had a key that worked very well, until I was stupid enough to try to use the kode to 64-bit upgrade, now it does not turn on and I don't know if I can return the old key. It is a MUST to activate? If so help! AS SOON AS POSSIBLE

    How to activate Windows 7 or Vista manually (activate by phone)
    http://support.Microsoft.com/kb/950929/en-us

    1) click Start and in the search for box type: slui.exe 4
    (2) press the ENTER"" key.
    (3) select your "country" in the list.
    (4) choose the option "activate phone".
    (5) stay on the phone * do not select/press any option * and wait for a person to help you.
    (6) explain your problem clearly to the support person.
    (7) the person must give you a confirmation ID, copy it down on paper,
    (8) check that the ID is correct in reading the support person.
    (9) to enter the ID number, then click 'Next' to complete the activation process.

    ----------------------------  Alternatives -------------------------------------

    To enable the use of the phone
    1. open Activation of Windows by clicking on the Start button, right click on computer, clicking Properties.
    then by clicking on activate Windows now. ?

    2. click on show me other ways to activate.

    3 type your Windows 7 product key, and then click Next.

    4. click on use the automated telephone and then click Next.
    If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.

    5. click on the location nearest you from the drop-down list, and then click Next.

    6. call one of the available phone numbers listed. An automated system will guide you through the activation process.

    7. When prompted, enter the installation ID that is listed on your screen in your phone keypad.

    8 Note the confirmation ID the phone system gives you.

    9. under the terms of step 3, type the confirmation ID in the space provided, click Next, and then follow the instructions.

    10. If the activation is not successful, stay on the line to be transferred to a product activation agent who can help you.

    How to contact a Microsoft Product Activation Center by phone
    http://support.Microsoft.com/kb/950929

    Microsoft Activation centers worldwide telephone numbers:
    http://www.Microsoft.com/licensing/existing-customers/activation-centers.aspx
    (This site is for activating Volume License, but if you call, they will help you)

    The phone number is not working:
    Microsoft Wordwide contacts: http://www.microsoft.com/worldwide/default.aspx

    Register Windows 7
    http://Windows.Microsoft.com/en-us/Windows7/help/register
    Register Windows 7 and you automatically receive a series of three welcome to Windows e-mails
    filled with tips, creative tips and other information to you help get the most out of Windows 7.
    You also get a subscription to the monthly newsletter of Windows Explorer,
    where you will find other tips and tricks, as well as special offers.

    Activation and registration of a Microsoft product
    http://support.Microsoft. com/ ? kbid = 326851
    Windows activation: (888) 571-2048

    Learn about Activation:
    http://TechNet.Microsoft.com/en-us/library/ff793423.aspx

    J W Stuart: http://www.pagestart.com

  • APEX permission scheme does not not after importation

    Hi all

    I work with APEX 4.2. I created a simple application APEX with a diagram of permission on a development server. After export and import on the production server authorization system does not work. However, it is displayed as expected in the IDE. Someone at - it this experience?

    I figured this out. After import, I needed run the access control administration page and set the mode of application of restricted access, and add users to the list of access control.

  • Problem with complex schema does not

    Hello

    I created the fairly complicated pattern: http://i.imgur.com/Wt2Bo7w.png

    And when I'm playing with him (some pathfinder to the cutting edge etc.) Illustrator is "not responding" problem and after a few minutes it comes back to life (with process finished). It's weird because my machine is pretty good and Illustrator, while that "does not" use only 30% of my CPU and about 6 GB of ram (I've got 16 GB). Is there a way to make it faster? What would you recommend?

    Try using fill patterns.

    Or try to use overlays raster graphics

  • Not available user: schema does not exist in the database?

    Hi team,

    I am trying to add to the existing table. Plaintiff mentioned schrma_name and table_name.

    I used under request... to find the schema exists or not.

    Select the username, ACCOUNT_STATUS from dba_users where username = "ABCD_USA_NUM";

    no selected line.

    Please suggest one., average user schema did not exist right did not exist? It is 4 knots of RAC database.

    Thnaks 
    Please suggest any one., User not existed means schema not existed right?. This is 4 nodes RAC Database.

    In your case, Yes.

    Rgds,

    Ahmer

    N.B.: To win a good reputation on the forums, and if you want that your question will be answered in due time. Kindly adopt a used to score your closed questions as soon as you give the answer. and be courteous to people who tries to help.

  • Directory LDAP synch but service not end-users?

    Hi the voices of experts,

    Is it possible to synch CM for directory purposes and not for end users? To clarify, I want to be able to take advantage of Active Directory for the composition between sites, but each site is a separate database of the CM. I am not fully complete each database with my global user list and eat us licenses, but I don't want their global directory.

    Thanks for any help in advance.

    Danny

    The Directory integrated business displays the users that you sync / create as to end-users. So, the answer is no. You need to build your own custom directory to do what you want

    Users of synchronization FYI has nothing to do with licenses

  • Using authentication AD does not not in 4.2 Apex?

    Hello

    We use AD authentication to authenticate on active directory which worked great until the Apex 4.2, however in 4.2 is just comes back with an error message generic user of apex indicating "Invalid Login Credentials.

    What is the cause and how can I get around this?

    Thank you

    This clearly shows the problem:

    error: ORA-24247: network access denied by access control list (ACL), backtrace:ORA - 06512: at "SYS." DBMS_LDAP_API_FFI', line 25 ORA-06512: at "SYS." DBMS_LDAP", line 48 ORA-06512: at"APEX_040200.WWV_FLOW_CUSTOM_AUTH_LDAP", line 45

    You will need to reconfigure the network ACL, as described here: http://docs.oracle.com/cd/E37097_01/doc/install.42/e35123/otn_install.htm#BABBHCID

    Kind regards
    Christian

Maybe you are looking for