Problems using native query Active Directory connector v 9.1

Similar Questions

• OBIEE 11.1.1.7.0 works is not after you have configured to use authentication MSAD (Active Directory)

  Hi all

  I'm trying to configure OBIEE 11 g to use the MSAD (Active Directory) authentication. I followed the instructions of Configuration Oracle BI with Oracle Internet Directory , but after a restart all services, I do not get connect OBIEE. I've hearded that there is a bug in this version (11.1.1.7.0) when you rearrange the suppliers and put the new (that you created) as the frist, followed by DefaultAuthenticator and DefaultIdentityAsserter providers.

  Someone had this problem? How to resolve that? Is there a URL or DocID teach how this is set correctly?

  Thanks in advance,

  Concerning

  is even if you have 10 k + users it will show only 1000, this is the limitation, but you can still find the users from the top by clicking on customize the table, it options you give the criteria in filter and view display, you can select the column by which you can search for example: by using the name or description, or Provider(AD or Default) in this path , you can search for specific users you want to see or Alvaro * so it will give u the list whose name start with Alvaro

  I hope it helps brand if not

• Is Active Directory Connector supports the following features in IOM

  Hi all
  
  In the Active Directory Connector (9.1.1.7) supports the following features in OIM11g.
  
  The AD administration, audit, delegation granular delegation/roles, trash, power of Attorney ad
  
  Thanks in advance.

  The ADC supports only user management.

  I don't know what you expect as "" AD administration, audit, delegation granular delegation/roles, trash, power of Attorney ad "»

  With connector AD media can create/delete/edit/disable/enable/add role to the user of the user/remove groups of levels/manage/Group Manager

  See the connector AD for more details

• How to call "run the dbms_utility" using native query?

  Hello

  I need compile my invalid object using APP.

  In my EJB, I have a method that does this:

  	Query query = em.createNativeQuery ("execute dbms_utility.compile_schema ('CGBDEV8', false) '");
  	int irslt = query.executeUpdate ();

  But the executeUpdate is a failure.

  Can you provide me with a solution on how it can be done.

  Thanks in advance

  Emile

  Yes, but as I said, jdbc has some restrictions, you cannot use boolean etc types.

  Have you tried statement proposed in my previous answer: em.createNativeQuery ("call dbms_utility.compile_schema ('CGBDEV8', some_util_pck.int2bool (0))" "");   ?

  "According to the docs, second parameter in dbms_utility.compile_schema () is optional if even this should work: em.createNativeQuery (call dbms_utility.compile_schema ('CGBDEV8')" ")";

  Dario

• Active directory Connector log file rotation

  Hello

  The connector server log file size increased up to 25 GB in size. Is there a way to log file rotation. I read on the rotation of log file in the documentation of the connector AD.

  Search for listeners of <>and < / listeners > elements and replace the text between these elements with the following:

  < name = "Default" / >

  < name = "FileLog".

  Type = "Microsoft.VisualBasic.Logging.FileLogTraceListener, Microsoft.VisualBasic,

  Version = 8.0.0.0, Culture = neutral, PublicKeyToken = b03f5f7f11d50a3a"

  initializeData = "FileLogWriter."

  traceOutputOptions = "DateTime".

  BaseFileName = "ConnectorServerDaily."

  Location = "Custom".

  CustomLocation = "C:\ConnectorServerLog\."

  LogFileCreationSchedule = 'Daily' >

  < type = "System.Diagnostics.EventTypeFilter filter"

  initializeData = 'Information' / >

  < / add >

  
  

  
  

  I did not understand what he's going to do? could you please explain a little bit above?

  
  

  
  

  Thank you
  

  It removes the default log configuration and adds a personalized journal config FileLog.

  The two items, you can change are:

  CustomLocation = "C:\ConnectorServerLog\."

  LogFileCreationSchedule = "daily".

  These specify where the newspapers to go and how often they rotate.

• The Active Directory Connector - create user SUCCESS response code

  Details of the environment: Oracle® Fusion Middleware 11 g Release 2 (11.1.2.2.0)

  Build IAM_11.1.2.2.0_GENERIC_131230.2258

  I have a task of personalized process that puts into service a right to the user and notifies the credentials of the user to the Manager.

  These tasks are conditional and configured to be triggered only when Create User returns the response as a SUCCESS code.

  The more bizarre behavior, these process tasks are triggered before (update of the value of the UID in the form of process OR before the response code defines SUCCESS) AND after (the user is created in AD).

  Anyone seen this?

  Questions: Email Notifications are going very well, but when set up right, account was not created in IOM.

  Share your ideas-thank you

  Try to set the task of the user to create a previous task for each of the other ones that must run first.  You can also add additional tasks that must be completed first too.

  -Kevin

• Unable to update the password on Active Directory

  Hello
  
  We have configured IOM 11.1.1 to connect to MS Active Directory for user configuration tasks. While operations are performed smoothly, for a limited number of users, we have a problem to update their password on Active Directory. Whenever users update their password on IOM, their password on Active Directory update fails with the following exception on the Active Directory Connector server. What could be the possible reasons?
  
  06/05/2013 10:48:23 < INFORMATION >: class-> ActiveDirectoryUtils-> GetDirectoryEntry method, Message-> create a directory with path: LDAP: / / * / CN = *, OR = users, OU = tax investigation, DC = *, DC = *, DC = *, DirectoryAdminName = *------*, DirectoryAdminPassword = *, authtype = Secure
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils,-> GetDirectoryEntry method, Message-> setting of the Option of chasing referral as ALL for the path: LDAP: / / * / CN = Deodatus Kato, OR = users, OU = tax investigation, DC = *, DC = *, DC = *.
  06/05/2013 10:48:23 < INFORMATION >: class-> ActiveDirectoryUtils,-> GetDirectoryEntry method, Message-> output of the method. The directory entry created for the way back = LDAP: / / * / CN = Deodatus Kato, OR = users, OU = tax investigation, DC = *, DC = *, DC = *.
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> GetDirectoryEntryFromUid method, the Message-> output of the method. Return value is entered with the path of the directory: LDAP: / / * / CN = Deodatus Kato, OR = users, OU = tax investigation, DC = *, DC = *, DC = *.
  06/05/2013 10:48:23 < INFORMATION >: class-> ActiveDirectoryConnector, method-> update, Message-> got a host directory entry: * with UID: Org.IdentityConnectors.Common.ReadOnlyList'1 [System.Object]
  06/05/2013-10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> UpdateADObject method, the Message-> method entered. Parameter: oclass = MESSAGE_OBJECT_CLASS___ACCOUNT__, DirectoryEntry, attributes, type is REPLACE, ActiveDirectoryConfiguration
  06/05/2013-10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> UpdateADObject method, the Message-> Auxiliary Classes for handling
  06/05/2013-10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> AddAndRemoveAuxClasses method, the Message-> method entered. Parameters: UpdateType = REPLACE, attributes, DirectoryEntry
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> AddAndRemoveAuxClasses method, the Message-> output of the method.
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> UpdateADObject method, the Message-> handling update for the class of the object: __ACCOUNT__
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> UpdateADObject method, the Message-> set the user password
  06/05/2013 10:48:23 < VERBOSE >: class-> ActiveDirectoryUtils, the-> UpdateADObject method, the Message-> current password is null. Set the password by using the password manager
  ConnectorServer.exe error: 0: System.Runtime.InteropServices.COMException (0 x 80072035): the server is unwilling to process the request. (Exception from HRESULT: 0 x 80072035)
  at ActiveDs.IADsUser.SetPassword (String NewPassword)
  to Org.IdentityConnectors.ActiveDirectory.PasswordChangeHandler.changePassword (DirectoryEntry directoryEntry, GuardedString gsNewPassword) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\PasswordChangeHandler.cs:line 398
  to Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.UpdateADObject (ObjectClass oclass, DirectoryEntry directoryEntry, ICollection 1 attributes, type UpdateType, ActiveDirectoryConfiguration config) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 342
  at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Update (type UpdateType, oclass ObjectClass, ICollection 1 attributes, OperationOptions options) in 1639 c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line
  to Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.UpdateImpl.Update (ObjectClass objclass, Uid uid, ICollection 1 replaceAttributes, OperationOptions options) in 1377 c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line
  at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke (object proxy, method MethodInfo, Object [] args) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 244
  to ___proxy1. Update (ObjectClass, Uid, ICollection 1, OperationOptions)
  to Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest (request OperationRequest) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\Server.cs:line 609
  
  DateTime = 2013-05-06 T 07: 48:23.6474785Z
  
  --
  UZ

  what the password to format existing in active directory? (alfanumeric/no, password length, etc.)
  I always thought like that because I have updated the password does not match the format in Active Directory password

• Active Directory groups can be put into service in the FDMEE places?

  Hi experts FeeDMEE:

  We are upgrading to HFM/FDMEE 11.1.2.4.    We would like to use only the Active Directory groups for our security in Shared Services.

  I did a lot of audit looking at whether we can use security location FDMEE ad groups.  So far, the only way I found to make the security location uses the native approach (settings / security settings / security location...) Security by location, click on keep usergroup to set up groups).    But it doesn't seem to be an option if you create groups such as native or ad groups (FDMEE them creates only natively).

  Does anyone know if it is possible in FDMEE to use security of the location ad groups?

  Thank you
  Mark Smith

  I discovered that it is more possible for FDMEE create Aboriginal groups for the security of the location.

  However, Active Directory groups can be added as members of indigenous groups.   In this way, users should only be added to Active Directory groups.    The only maintenance is to add or remove groups active directory to or from the indigenous groups of FDMEE.

• Error of IDM to connect the port 636 to Active Directory

  Hello friends,
  I have a question about the configuration of the Active Directory Connector, I installed the certificate in one of the directories active I use as a target and import this certificate the server of Oracle Identity Manager 9.1.0.2, IDM of this server try to connect by Ldap Browser and port 636 to Active Directory without success.
  How else can I validate that there is communication with SSL?
  
  I need to do additional configuration in Active Directory.
  
  Thank you

  You can write a piece of code JNDI just to create the connection via the SSL protocol and use JXplorer or LDAP browsers.

  Also check diagnostic Dashborad that provides you to check connectivity via the SSL protocol.

• Install failure Azure Module Active Directory for Windows PowerShell (64-bit version)

  Hi ServiceDesk,

  I am Windows 7 64 bit users. I had a problem to install the Active Directory plug-in (64-bit), Windows Azure and I have already installed the Microsoft Online Services Sign-In Assistant for professional IT RTW success, and here's the installed error screenshot1 below:

  screenshot - 1-

  

  screenshot - 2 - because that not installed service then the "connect-msolservice" command not found

  

  Please advice, thank you

  This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
  http://social.technet.Microsoft.com/forums/en-us/home s/fr-U.S./Accueil
  http://social.msdn.Microsoft.com/Forum
  
  
  If you give us a link to the new thread we can point to some resources it

• By integrating wireless deployment Active Directory User Group

  I'm discovering best practices in deploying a WLAN for users in the environment to cooperate, who uses their company active directory integrated mobile to join the WLAN.

  I know that this can be done easily using certificates, but I just want to find a way to deploy without certificates and only based on the users AD Group. Maybe a Radius Server + integration solution LDAP server would be great.

  Please advice. Thank you.

  See you soon

  Lal Antony

  www.lalantony.com

  The best way to deply is with a Microsoft Toolbox, it has everything you need included, manuals, scripts to install and configure components on the server side and it is very easy to use. You can get it here:

  http://www.Microsoft.com/downloads/en/details.aspx?FamilyId=60c5d0a1-9820-480e-AA38-63485eca8b9b&displaylang=en

  It is based on Win2003 Server but I was advised by MS should it be OK on Win2008.

• Collecting additional fields in Active Directory

  How is it difficult to extend the Active Directory Connector to extract data from fields for additional resources?  I need complete my contact records with the data stored in the employeeID field in Active Directory, but it is not currently available.  I have never tried the box connectors output change.  What is involved beyond adding in games of fields and questions section of the Infra.Connector.LDAP.AD.icnf file?

  SenseiTX welcome!

  Fortunately, we had the same requirement earlier. And it is relatively easy to implement - just a few lines in a configuration file.

  Attach the file you need to extract and place it in the folder % VSM_SYSTEM%\Config. You do not have to rename the file - the custom file extends / replaces only sections of system requirements.

  I do not remember if you must parse (less likely) queries, restarting IIS or VSM services (most likely), but you try each action if you will see no difference.

  You can compare this file with the original to see what changed.

  Concerning

  Gytis

• Create Active Directory accounts for vSphere 5.1 Services

  To put in place the pieces of vSphere management, I need to have an account or accounts created in Active Directory.  I need to figure out how to create and what permissions they need.

  In authentication single server, I need to choose an account that vCenter server will use when it connects to the PSO.  I can use a default admin@system-domainvalue.  Or I can add an account configured in Active Directory.  Or, I can also use a group active directory instead of an individual user.  What is the best way to do it and if I use an AD account, what permissions need at the domain level and at the local level on the SSO Server?  (I use multisite mode, so I can't use local accounts)

  In SQL Server, I need to choose an account to use for the SQL server service.  This account or an active directory account or a local user account?  If so, what are the permissions should be assigned to the account in Active Directory and the permissions that should be assigned to the it on the local computer?  This group of ads, if no it should be part of?  Should what local authorities?

  In vCenter Server, I need to choose an account to run the "vCenter Server Service" in.  It is best to use the default "system" account or use an Active Directory account or a local account?

  I'm trying to get an overview of account/group AD use policy which covers the main parts of vSphere management - vCenter Server, Single Sign on, inventory Service, Web customer service.

  For example, create a group called 'vSphere Services', then create separate accounts for each element of the management and assign them specific permissions on specific systems.  Or create separate groups for each element of the management and assign permissions to the groups.  Is it better to consolidate some of these user names or split out them?  Experiences / suggestions welcome.  Thank you.

  Hello

  For general services, I use a specific service account in the ad. That was before the SSO and I use the same after SSO. SSO is used by only two services that I know not yet (the inventory Service and perhaps vCloud). However, there are several other service accounts to be created. You want an account by service and I use AD to do so, this way I can create a group of service accounts and give it appropriate roles and privileges. For example, I have service accounts for:

  • VMware View
  • XenDesktop
  • vCops
  • HPSIM
  • SolarWinds
  • VMTurbo
  • NetApp
  • etc.

  A service, a service account, each with a general role or a custom role according to the requirements of access to vCenter.

  For SSO, I have to wait on general information, but I created mine enough basically to cover only the resources that use SSO. Given that the vast majority of the items to not use the SSO, the rule still applies.  Once the SSO is supported by more than one or two tools, you always have to maintain this separation.

  Then I say yes, tie SSO to AD and do everything in one place, unfortunately, is not very clear, or at least wasn't for me and these issues SSO are either beng fixed, documented, or both.

  Best regards

  Edward L. Haletky aka Texiwill

• Autenticateing Oracle with Active Directory database

  I installed Oracle database 11.2.0.3.0 on Windows 2008 Server R2 64 bit. The company uses Microsoft Active Directory and I need to set up access to the Oracle database for users that are stored in Active Directory. Do I need another product in addition to the database to do? If so, what version of the product would need?

  To bind the user to Oracle database for users that are stored in Active Directory, and you must create the Oracle schema objects and an Oracle context.

  You can see the chapter on "Requirements for using Oracle with Active Directory database"
  http://docs.Oracle.com/CD/B28359_01/win.111/b32010/active_dir.htm#CDECHCBC

• MRI / sealing server / authentication / Active Directory

  Hello
  
  I want to use 11g "Sealing Server" to unsealing documents.
  
  Documentation:
  "The current version supports basic HTTP authentication.
  http://download.Oracle.com/docs/CD/E17904_01/user.1111/e12326/isvsealedcontent002.htm#sthref46
  
  Is it posible to use authentication Windows Active Directory with "sealing Server?
  
  
  Thank you.

  Hello

  The authentication scheme supported only for sealing services is basic authentication.

  Kind regards
  Frank.