Using groups on external authentication.

Similar Questions

• the use of afcs.php to implement external authentication

  We tried to follow the examples in the Cocomo Developer Guide and the sample application to start the implementation of an external authentication solution.  Our request for logon or the sample provided in the SDK work for us.  Both fail when you try to connect with the same errors in the server log:

  PHP Fatal error: Eception exception 'AFCSError '...

  We found an example for how the call of our test server command-line and were preparing to get a picture more complete of how it is a failure. The answer: < = result code "unauthorized" > seems to us that the service does not allow our adobe account authenticate:

  PHP afcs.php - debug - host = http://ConnectNow.Acrobat.com OurAdobeAccount <OurUsername> <Ourpassword>

  $Revision: #4 $ - $Date: $2009/09/28

  http_get: http://ConnectNow.Acrobat.com/ OurAdobeAccount? mode = xml & accountonly = true &

  < result code = "unauthorized" >

  " < baseURL href = ' https://na2.connectnow.acrobat.com:443 / "/>

  " < authentication href = ' https://services.Acrobat.com/account/WSAPI/auth/v1 "/ > "

  < / result >

  http_post: https://services.Acrobat.com/account/WSAPI/auth/v1 < application > < user name > OurUsername < / username > < password > Ourpassword < / password > < / request >

  Table

  (

  [Content-Type] = > text/xml

  )

  Error: exception 'AFCSError' in /usr/local/apache2/htdocs/rg/afcs.php:575

  Stack trace:

  #0 usr/local/apache2/htdocs/rg/afcs.php(64): CAA-> http_post (Object (SimpleXMLElement), ' < application > < usern...', Array)

  #1 usr/local/apache2/htdocs/rg/afcs.php(229): AFCSAuthenticator-> login ('OurUsername', 'Ourpassword', Array)

  #2 usr/local/apache2/htdocs/rg/afcs.php(636): AFCSAccount-> login ('OurUsername', 'Ourpassword')

  #3 {hand} >

  We have searched through the forums and it does not look like other users have the same problem.  We tried two different accounts of Adobe and these two not in the same way.
  You can provide any help would be greatly appreciated

  Line 575 in afcs.php is:

  573: $fp is fopen ($url, 'r', false, $context);.

  574: if (! $fp)

  575: throw new AFCSError("connection-failed");

  This means that the POST for the authentication service did not pass. I think you should be able to find more information about the actual error in the PHP error log, but my guess is that you haven't installed SSL module (this is a common mistake, since SSL is disabled by default). Now I can not find how to properly configure PHP to POST https URL right, but if you still need it I can get this information in the future.

  Meanwhile, check your PHP error log and see if it's the actual error.

• ACS5: method of different external authentication for each user account

  ACS4 I could specify a different external authentication for each user account. I'm trying to find a way to do the same thing to the ACS 5? When I go under identity in Access Services, I see the system requirement: username I can use to identify the user who logs in, so that I can directly to a source of different identity, but the separate political configuration for each user is very inconvinient and would require hundreds of policies, in our case.

  I was hoping that we can create a kind of attribute for each user. SysAdmin > Configuration > dictionaries > identity > internal users. I created the new attribute called 'Storage of identity' with the enumeration type, which has 4 values: internal, Entrust Token, Token RSA, counts AD and checked the box "add a political Condition." I can then go under each user and select the storage of identity for each user. But now I can't find where I can use under part of identity of an access policy. I can use it under "Group mapping" but that maps to one group and not to an identity store. I need to use it under the identity somehow, but I can't find how.

  Hello Roman,

  The attribute you created will be available when the user is authenticated through internel ID store, so that you cannot use to select the store ID.

  The best way to do this would be to use other attributes to differentiate the identity store.
  Allows you to create a sequence of identity store so that for each user, ACS will try to authenticate by using multiple identity store.

  For example, you can use these:

  Network status

  > End Station filter

  > Device filter

  > Devide filter Ports

  Here you can import filters from a file and it would therefore be more scalable.

  Hope this helps.

• the external authentication server configuration

  What is the difference with option 'a' (compared to the 'b' option) what configuration of an external authentication server?

  a. configuration | System | Servers | Authentication

  b. configuration | User management | Groups | Authentication servers

  Is it correct to assume that the 'b' option allows for the configuration of external servers for specific groups? Why should I use option 'a '? Thanks in advance.

  OK, option b allows you to set a server authentication for a specific group, while option 1 defines a server authentication for all groups. If option b is set then this server is used for authentication to this group only and overrides whatever it is defined in the option. If it is not set, then the option is used.

• Essbase security Migration to native mode for external authentication

  Hello!!
  
  I want advice on security setting, all users are currently in usermode native and Aboriginal groups.
  Now we want to migrate in external mode, the current version of hyperion is 11.1.1.3, the steps in
  that direction would be really useful.
  
  
  What is the best way of migration of the huge user base of native implementation for external authentication directory,
  It is the first step for the time of the native code for the external authentication, if anyone who did this will be useful.
  
  the installation procedure, maxl based migration will be useful or utility based.
  
  Thank you

  For services sharerd mode conversion to have a read of - http://download.oracle.com/docs/cd/E12825_01/epm.111/eashelp/sec_mode.htm

  To configure shared services to use an external directory have a reading of - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_security/frameset.htm?ch05.html

  For mass provision that you could use LCM or the utility CSSImportExport to export the provisioning of native users, update the file exported to include provisioning of users ad, then import them.
  LCM - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_lifecycle_management/launch.htm
  CSSImportExport utility - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_security/ch09s08.html

  See you soon

  John
  http://John-Goodwin.blogspot.com/

• Grouping of external midi channels

  Hello

  I'm trying to combine two external midi channels, but it does not work.

  I can put them in the same group, I have check the volume, but it still moves only a fader when I'm not touching her.

  I tried to stack them, but the created VCA group does not send the midi volume information

  Is there a way to do this?

  Thank you

  Be careful with the external MIDI in general channel strips. In the mixer, they resemble other Types of Channel Strip, but they are not. External MIDI channel strips don't "carry" any audio signal, the only signal of MIDI. I guess that's maybe the reason why the Faders group.

  It's a bit of a (misleading) confused situation, because there is no indication in this regard. The other grouping settings, however, work on all the channel strips: editing, automation Mode, Record, color, Zoom, track to hide track.

  Don't use Solo and Mute for groups or external MIDI channel strips, they are incompatible between buttons on the tracks and channel strips.

  Here's the group settings that you can use on external channel strip

  

  Hope that helps

  Edgar Rothermich - LogicProGEM.com

  (Author of "Graphically improved manuals")

  http://DingDingMusic.com/manuals/

  "I could receive some form of compensation, financial or otherwise, my recommendation or link."

• Only specific groups should get authenticated on ISE instead of the entire announcement

  Hello friends,

  I have integrated ISE to RFA, but all users of the AD are get authenticated against my network devices and get landed in exec mode, if these users have privileges to perform the configuration, network admins are able to do it because I defined the names of groups admin in the authorization policy, now I want to set only the names of specific groups in the authentication instead of the name of ads policy is it possible to do?

  Thanks in advance.

  Best regards / Tash

  This does not work, have you added the groups you wan't to check for membership in the menu external identity Sources / Active Directory/AD-name/groups? Those that you add, you should see when you press on the + sign next to 'if' and select the name you gave your definition of external advertising.

• Security server - several external authentication methods (RSA/Anakam)

  We are in the process of setting up a server security for testing purposes.

  I know that reading other posts to you will use a method such as the RSA for external authentication, you need two different authentication servers (one for internal, external).  Currently, we use a mixture of RSA and Anakam for external authentication.

  My question is that it will take two separate security servers, one for the RSA, one for Anakam?  Or both methods can exist on a server security?

  The authentication method is configured on each connection to the server and applies to all connections to this server connection.

  A joint deployment to support local access and remote access must have one or more servers dedicated to each connection. If you have two connection (CS1 and CS2) servers, it is installed as a standard instance and the other is installed as a replica. CS1 could be for internal and configured users to authenticate password only (default) AD. CS2 could be for remote users and can be configured for SecurID authentication.

  Another advantage to dedicate servers to connect in this way is for the configuration of the 'Tag' or 'Limited' rights where you can decide that some pools funds access should be allowed from the internal network. For example, you can assign a label of 'Internal' to CS1 and CS2 "Internet" and then when you make payments, you can restrict some "Internal" only pools.

  Details on the use of multiple connection for internal and external access servers can be found in the video here http://communities.vmware.com/docs/DOC-14974 (combat 18 mins is an example of exactly this Setup).

  I hope this helps.

  Select this option.

• Problems with external authentication!

  Hi all!

  I tried to experiment with external authentication with PHP using the examples provided with the LCCS SDK Navigator.

  I changed the page "index.php" to include all my account info. and checked twice!  However, when I download on my server, I get the following error every time I click on the button send the form:

  Warning: fopen() [function.fopen]: URL file-access is disabled in the server configuration in /home/tueslcom/public_html/LoginTest2/lccs.php on line 690

  Warning : fopen (https://collaboration.adobelivecycle.com/myusername? mode = xml & accountonly = true &) [function.fopen]: failed to open stream: no suitable wrapper could be found in/home/tueslcom/public_html/LoginTest2/lccs.php on line 690

  Fatal error : Eception exception 'RTCError' with the message "connection failed" in /home/tueslcom/public_html/LoginTest2/lccs.php:695 trace stack: #0 home/tueslcom/public_html/LoginTest2/lccs.php(587): RTC::http_get('https://collabo...', Array) #1 home/tueslcom/public_html/LoginTest2/lccs.php(254): RTCAccount-> do_initialize() #2 home/tueslcom/public_html/LoginTest2/index.php(33): RTCAccount-> __construct ('https://collabo...') #3 {main} thrown in /home/tueslcom/public_html/LoginTest2/lccs.php on line 695

  I have some experience with PHP, however, through lccs.php and trying to reverse engineer everything to know what is happening is a bit beyond my skill level!  Any idea what could be past/missing here?  It seems that this should be a no-brainer!

  Thanks in advance for any help that anyone can give.

  Matt

  No, it's really that on a certain system curl works and waterways only and on some curl does not work.

  I chose the 'flow' as a default way because that's what worked on my machine

  There is really no difference in how the two methods work, they are all two the same way https requests and curl is one of the best clients available http anyway.

  -Raffaele

• Setting up external authentication

  In Section 6.4 of the LCC Developer Guide, under the description of the workflow, step 3 States: "Develop scripts as described in the documentation of the script."

  Specifically, what documentation is meant here?

  Thank you.

  Hello

  This is so the documentation refers to the documentation for the scripting language specific, you use external authentication.

  If you unpack our application, you will find a folder named ServerIntegration with libraries of supply required to implement external authentication of different scripts such as php, ruby, python, coldfusion and so on. Each of these script file contained the respective script as well as the README files on the way to setting points and so on.

  In addition, you will find examples of the use of our API server to Server (external authentication being communication Server2Server) with these different scripts under sampleApps/Server2Server/folder. These examples also have the README files for installation.

  The answer to your question are all these README files.

  Hope this helps

  Thank you

  Hironmay Basu

• PHP external authentication problem

  Try to connect to the CAA connection using external authentication.

  PHP file generates a key properly and everything seems fine until I get the wrench inside flex.

  at the stage of connection I get the following error in the console of the library connect call trace

  As much as I can say that everything is just... How can I tell what is the problem with the authentication key?

  AFCS Beta Build #: 1.1
  requestInfo https://ConnectNow.Acrobat.com/ {roomname}? exx = 2Qx jcm9iYXQuY29tL2hpaW50ZXJmYWNlL2RtOjEwMDo4N2NmNWUwMjIzZTVhMmFkYzI2MmY4MDVlNWJmMWVlM2Y4OTJlY eDp7dXRmOF9lbmNvZGUoZGFyaXVzKX06OmRtOmFnZW50ZG06aHR0cHM6Ly9jb25uZWN0bm93LmF & mode = x & xml = 0.2519759591668844
  Bad ERROR # key authentication #THROWING

  There are a few errors in the key. There are a few PHP 'code' in it (expansion of the evil chain?) and that you use a URL full instead of the name of the room.

  If you want more details, send me a private message, but you should check how you call the method to get authentication token.

• Creation of rooms with external authentication

  My application works like this: each user has its own bathroom, and I needed to let them publish and subscribe, but do not have (and does so not sup rooms). So they connect on my site, get an auth token of LCC, and then create a ConnectSession with this authentication token. But unless I have getAuthenticationToken with 100 owner privileges, it fails with

  not sufficient permissions to create a new CollectionNode. You must be the OWNER of the room to add new multiuser features to it. Connect with the developer credentials to do this.

  So what I need to know is how

  (A) create a room for the user by using external authentication

  (B) allow the user to connect to this room with Publisher privileges after obtaining an auth token.

  (C) allow other users to connect to this room with Publisher privileges after having received the same authentication token.

  Any help greatly appreciated and samples of code please!

  
  

  Hello

  That certainly should not. We will ignore all aspects of authentication

  here and just assumed that you always come as an EDITOR, since this

  should be able to work.

  I just crossed the workflow using the Console from the room and was able to

  get this to work. A couple of control points:

  (1) can you log in the templateroom room in the Console room and check on

  the Explorer tab it has a CollectionNode put in place for the cat? (it will be

  named "xxx_SimpleChat")

  (2) I am reading this right, you have named the new model

  "templateroom" as well? Maybe try to name "templateapp" instead?

  (3) once you have created a templateapp in the Console room, try adding a new

  room to it via the Console (the button "Add" in the column of rooms). Sign in to

  the new room, you just created and check his tab Explorer - just it

  with the collectionNode you saw in your style room?

  I'm sure that we will find explanations - thank you for hanging there!

  Nigel

• External authentication via the PHP script failed

  I'm not a PHP genius - in fact I'm not a backend coder so I'm kinda struggeling with the sample scripts - I still hope for a sample of CF....
  
  I'm trying to run and connect to the CAA via the command line (Terminal). I'm not sure what I'm doing wrong - this is what I'm passing:
  PHP f /Applications/MAMP/htdocs/afcs.php args - debug - host = my_pass, http://connectnow.acrobat.com, fcguru, my_login
  
  The username and password I spend are correct. However, I get this response:
  Error: message exception 'AFCSError' with ' < State response 'error' = >
  < error code = "AUTH_FAILED" >
  < msg > failed authorization < / msg >
  < / error >
  < / answer >
  ' in /Applications/MAMP/htdocs/afcs.php:86
  
  Really struggeling with this. Once again I get this working from the command line, I don't know how to call it from a script instead. I use CF on the backend, no PHP.
  
  Kind regards
  
  Stefan
  
  

  Thank you, this is very useful. It seems that I can now connect from the Terminal so that's a good start. Also, I did not see external authentication in PHP for example - I must have been blind.
  I'll see how far I get with that. What I'm trying to do is spawn new rooms based on a template on the fly, and I have some doubts, I'll be able to understand this myself.

• Mail has stopped allowing me to use Group addresses

  I'm under El Cap 10.11.6.

  Mail left allowing me to use Group addresses. I tried manually, type the group name in the address bar, add the group by using the + function and click and drag.

  When I use the + function, the group is displayed but cannot be selected.

  What is the solution?

  Plot thickens: when I manually add recipients to the BCC line, the email will send but is never received by anyone on any address line.

  I sent from iPad and a Mac, same result. question about iCloud?

• After using groups of tabs earlier today, now whenever I close FF with more than 1 open tab, FF don't ask me to confirm before closing

  After using groups of tabs earlier today, now whenever I close FF with more than 1 open tab, FF don't ask me to confirm prior to closing. FF always asked me to confirm in the past and no settings have been changed before you try tab groups. Then when I open FF it again all the tabs I had open are still there. I tried refreshing FF and erase history, but that did not work. It's almost as if FF think windows and tabs I have open are a group of tabs, and he won't let me get rid of this group. How to stop groups of tabs now that I have them? Or is there something else? None of this was going on until this morning, I played with tab groups. I was curious what it was - it's going to make me kill one of these days lol.

  Note that using "show my windows and tabs from last time" as the start setting will also prevent Firefox to display an alert when you close the window.

  • https://support.Mozilla.org/KB/Options+window+-+General+Panel