Search Results

Search found 1336 results on 54 pages for 'ou'.

Page 18/54 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25 | Next Page >

Oracle vous invite à un atelier découverte Oracle Coherence composé d’une présentation du produit et de ses concepts, suivi par des exercices pratiques.

- by mseika

Oracle vous invite à un atelier découverte Oracle Coherence composé d’une présentation du produit et de ses concepts, suivi par des exercices pratiques. Objectifs : Cet atelier est destiné aux populations suivantes : architectes, développeurs, ainsi que les responsables de projets. Le format retenu (1 journée) pour cet atelier vous permettra de mesurer ce qu’Oracle Coherence peut apporter à votre entreprise ou vos clients au travers de quelques exercices. Cette journée de prise en main vous permettra de mieux comprendre : Le positionnement d’Oracle Coherence au travers des différents cas d’utilisation rencontrés sur le marché français Les concepts technique d’Oracle Coherence Création d’une grille de données distribuée Insérer et lire des données dans un cache distribué Effectuer une requête sur un cache distribué Effectuer une aggrégation sur un cache distribué Etc… En fonction de votre niveau il y aura toujours un exercice supplémentaire à réaliser… Pré-requis :Matériel : Pour la session, chaque participant doit disposer de son pc portable avec un minimum de 4Go de RAM (idéalement Windows XP ou 7). Sur le PC on doit trouver déjà installés les éléments suivants : un Jdk 6, Eclipse dans une version récente, et Coherence 3.7. Technique : Eclipse et Programmation Java niveau débutant (vous devez être à l’aise pour créer un projet Java, utiliser des librairies, compiler, exécuter, créer des configurations de lancement Eclipse, etc…). Durée : 1 jour L'équipe Enablement Oracle France.NB: Merci de prévoir les frais liés au déjeuner qui n'est pas pris en charge par Oracle

Read the article
INCLUDE ON YOUR SOLUTION ORACLE'S BUSINESS INTELLIGENCE SOFTWARE / 22 Fev 11

- by Claudia Costa

Convidamo-lo a assistir à sessão ISV Partner Embedded BI que decorrerá no prximo dia 22 de Fevereiro nas instalações da Oracle, em Porto Salvo. Não perca esta oportunidade de descobrir como pode modernizar a sua aplicação através da inclusão do Oracle Business Intelligence (OBI 11g). Durante esta sessão, ficará a saber como tornar os seus relatórios e a informação de apoio à gestão mais competitivos, e em simultâneo como pode proporcionar aos seus clientes informação de gestão com um visual apelativo. Qual a importância que esta temática tem para si? Ao encorporar a solução Oracle BI na sua aplicação, poderá mais rapidamente endereçar oportunidades de mercado, acrescentando valor ao seu produto. Poderá também baixar o custo total de propriedade (TCO) e proporcionar um retorno de investimento maior. Em caso de dúvida ou eventual esclarecimento, por favor contacte Claudia Costa - Telf: 21 4235027 ou email: [email protected]. Contamos com a sua presença! Agenda 09:15 Registo 09:30 Boas Vindas e Introdução - Paulo Costa, ISV Manager Oracle Portugal 09:40 The BI&EPM Market and Oracle's Strategic Position - Mike Hallet, BI and EPM Director Oracle EMEA 10:00 Oracle Business Intelligence 11g - Most Complete, Open, Integrated and Embeddable solution - Guy Ernoul, Master Principal Sales Consultant 11:00 Coffee Break 11:20 Introduction to the embedded BI program for ISV partners - Mike Hallet, BI and EPM Director Oracle EMEA 12:00 Partner showcase of an Oracle Embedded BI solution 13:00 Lunch 14:00 Technical Presentation - Guy Ernoul, Master Principal Sales Consultant OBI Administration: Architecture Creating & Manage the (Presentation, Model, Physical) Layer Administration using FMW control Diagnostic and performance for Enterprise Manager Demonstration OBI Utilization: Analyse & Dashboard Reports Action Framework Map & Scorecard APIs for Embedding OBI 11g (Go, Xml, ADF) Demonstration 16:00 Encerramento22 Fevereiro de 2011 9.30 a.m. - 4.00 p.m. Instalações Oracle Showroom Lagoas Park - Edf 8 Porto SalvoAssista a este evento exclusivo Inscrições Gratuitas. Lugares Limitados!Registe-se já!

Read the article
ODF (Open Document Format) para ISVs - 16/Dez/10

- by Paulo Folgado

Os ISVs (Independent Software Vendors) sentem frequentemente necessidade de incluir nas suas aplicações uma funcionalidade de exportação de informação - uma carta, uma tabela com dados financeiros, um gráfico, etc - para que possa ser trabalhada externamente com ferramentas ditas de Produtividade num 'desktop' (também designadas por 'Suites de Office'). Nessas situações são confrontados com a necessidade de elegerem que formato deve ser usado para essa exportação de dados, sendo a escolha mais usual a utilização dos formatos do Microsoft Office. Contudo, se fôr essa a sua única opção, estarão a auto excluir-se de um mercado em crescimento constituído pelos clientes que utilizam outras ferramentas de produtividade, nomeadamente as que são baseadas no standard ISO Open Document Format (ODF), como é o caso do Open Office. Este seminário tem por objectivo dar aos parceiros ISVs da Oracle: Uma visão sobre o mercado actual de 'suites' de Office e dos standards usados pelos principais fornecedores de soluções A estratégia da Oracle para o Open Office Razões para deverem suportar a norma ODF Como suportar ODF nas suas aplicações Agenda O mercado actual das Suites Office Os standards actuais "de facto" e oficiais - MS-Office, OOXML e ODF Que produtos usam o ODF hoje Estratégia Oracle para o Open Office Porquê suportar ODF nas aplicações Como adaptar as aplicações actuais à utilização de ODF Local: Oracle - Lagoas ParkData: 16 de DezembroDuração: 1/2 diaHorário: 9:30 - 12:00 Inscrições: Email, ou pelo telefone 211929708 Para mais informações, por favor contacte Claudia Costa via Email ou telefone 214235027.

Read the article
Setup a Autoreply Only Account

- by dabrain

For some very good reason you might would like to setup a 'autoreply' only account, without storing the incoming mail into a mailbox. If not already done, create an account via Delegated Admin Gui or commadmin Commandline Tool. Example: /opt/sun/comms/da/bin/commadmin user create -D admin -d vmdomain.tld -w enigma -F Mike -l mparis -L Paris -W tester -E [email protected] -S mail -H mars.vmdomain.tld Setup mailDeliveryOption to autoreply mode only, so no email will be stored in the user mailbox, skip this step if you want incoming emails stored in the mailbox. ldapmodify -D "cn=Directory Manager" -w enigma -f /tmp/modfile [/tmp/modfile] dn: uid=mparis,ou=People,o=vmdomain.tld,o=red changetype: modify replace: mailDeliveryOption mailDeliveryOption: autoreply Setup mailSieveRuleSource with the autoreply text and 'do-not-reply' From address. The "Thank you ..." part becomes the subject. The next string in quotes is the body part of the message. The ":hours 0" denotes that we want a reply sent for every message. Finally, the \n is used because of the wanted newlines in the body. ldapmodify -D "cn=Directory Manager" -w enigma -f /tmp/addfile [/tmp/addfile] dn: uid=mparis,ou=People,o=vmdomain.tld,o=red changetype: modify add: mailSieveRuleSource mailSieveRuleSource: require "vacation"; vacation :hours 0 :reply :from "do-not-reply @domain.com" :subject "Thank you for contacting webpost" "Your Mail is being review ed.\nTo access contact information please visit : http://www.domain.com \nPlease do not reply to this e-mail as it is an automated response on your mail being accessed .\n\nPublic Respose Unit.\n"

Read the article
It's Raining Solaris Training

- by rajeshr

That the popularity of Solaris 11 is only growing is clear from how regular the training sessions have been around this product. It's such an excitement to be going around sharing knowledge on Solaris, more so to explore the nitty gritty of many new and evolving features. Trust me, it's only getting better! In the process, just like in the past I stumbled on several individuals, each teaching me a lesson or two. I'm grateful. And if I've managed to get over the laziness to come back to the web logs with a collection of class photos from the last couple of months, it's because of a sense of gratitude to all 'em in the picture below. Solaris 11 Network Administration Pilot Teach in Bangalore. Sun Identity Manager (n.k.a Oracle Waveset IDM) Deployment Fundamentals Training. I'm missing from the snap because these delegates sat well over 10,000 Kms away from where I taught this class from, but were kind enough to help me associate a face with the voice by sending me a group photograph. If you want to attend one such OU program cutting down the travel, try OU's Live Virtual Class (a.k.a LVC) . Transition to Solaris 11 in Mumbai. Solaris 11 Advanced Administration Session in Bangalore. Transition to Solaris 11 in Mumbai. Attending Gary Riseborough's Exadata Training at Singapore. Solaris 11 Advanced Administration Session in Bangalore. If only the participants of each LVC session belonged to the same location, there would've been additional three group photographs occupying this space! Thank you everyone for many many memorable moments.

Read the article
How to configure ubuntu ldap client to get password policies from server?

- by Rafaeldv

I have a ldap server on CentOS, 389-ds. I configured the client, ubuntu 12.04, to authenticate on that base and it works very well. But it don't gets the password policies from server. For example, if i set the policy to force user to change the password on first login, ubuntu ignores it and logs him in, always. How can i setup the client to get the policies? Here are the client files: /etc/nsswitch.conf passwd: files ldap group: files ldap shadow: files ldap hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis sudoers: ldap files common-auth auth [success=2 default=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_ldap.so use_first_pass auth requisite pam_deny.so auth required pam_permit.so auth optional pam_cap.so common-account account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so account [success=1 default=ignore] pam_ldap.so account requisite pam_deny.so account required pam_permit.so common-password password requisite pam_cracklib.so retry=3 minlen=8 difok=3 password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass password requisite pam_deny.so password required pam_permit.so password optional pam_gnome_keyring.so common-session session [default=1] pam_permit.so session requisite pam_deny.so session required pam_permit.so session optional pam_umask.so session required pam_unix.so session optional pam_ldap.so session optional pam_ck_connector.so nox11 session optional pam_mkhomedir.so skel=/etc/skel umask=0022 /etc/ldap.conf base dc=a,dc=b,dc=c uri ldaps://a.b.c/ ldap_version 3 rootbinddn cn=directory manager pam_password md5 sudoers_base ou=SUDOers,dc=a,dc=b,dc=c pam_lookup_policy yes pam_check_host_attr yes nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data /etc/ldap/ldap.conf BASE dc=a,dc=b,dc=c URI ldaps://a.b.c/ ssl on use_sasl no tls_checkpeer no sudoers_base ou=SUDOers,dc=a,dc=b,dc=c sudoers_debug 2 pam_lookup_policy yes pam_check_host_attr yes pam_lookup_policy yes pam_check_host_attr yes TLS_CACERT /etc/ssl/certs/ca-certificates.crt TLS_REQCERT never

Read the article
port opengl2.x to opengl 3.x

- by user46759

I'm trying to port opencloth example to OpenGL 3.x. I've mostly done it to the shaders but I'm not sure of this part : glEnableClientState(GL_VERTEX_ARRAY); glBindBuffer(GL_ARRAY_BUFFER, vboID); glVertexPointer(4, GL_FLOAT, 0,0); glEnableClientState(GL_TEXTURE_COORD_ARRAY); glBindBuffer(GL_ARRAY_BUFFER, vboTexID); glTexCoordPointer(2, GL_FLOAT,0, 0); glEnableClientState(GL_NORMAL_ARRAY); glBindBuffer(GL_ARRAY_BUFFER, vboNormID); glNormalPointer(GL_FLOAT,sizeof(float)*4, 0); maybe glEnableVertexAttriArray somewhere ? any clue ? thanx edit : maybe something like that ? glEnableVertexAttribArray (2) ; // Ou glEnableVertexAttribArray (positionIndex) ; glBindBuffer(GL_ARRAY_BUFFER, vboTexID); glVertexAttribPointer (2, 2, GL_FLOAT, GL_FALSE, 0, 0) ; glEnableVertexAttribArray (3) ; // Ou glEnableVertexAttribArray (positionIndex) ; glBindBuffer(GL_ARRAY_BUFFER, vboNormID); glVertexAttribPointer (3, 4, GL_FLOAT, GL_FALSE, sizeof (float) * 4, 0) ;

Read the article
openvpn: after changing to server mode, client does not create TUN device

- by lurscher

i had a previously working configuration with the config files used in a previous question However, i've changed this now to the following configuration using server mode, everything on the logs seem fine, however the client doesn't create any tun interface, so i don't have anything to connect to, presumably, i need to add or push some route commands, but i don't have any idea at this point what i need to do. I am posting all my relevant configuration files server.conf: dev tun server 10.8.117.0 255.255.255.0 ifconfig-pool-persist ipp.txt tls-server dh /home/lurscher/keys/dh1024.pem ca /home/lurscher/keys/ca.crt cert /home/lurscher/keys/vpnCh8TestServer.crt key /home/lurscher/keys/vpnCh8TestServer.key status openvpn-status.log log openvpn.log comp-lzo verb 3 and client.conf: dev tun remote my.server.com tls-client ca /home/chuckq/keys/ca.crt cert /home/chuckq/keys/vpnCh8TestClient.crt key /home/chuckq/keys/vpnCh8TestClient.key ns-cert-type server ; port 1194 ; user nobody ; group nogroup status openvpn-status.log log openvpn.log comp-lzo verb 3 the server ifconfig shows a tun device: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.117.1 P-t-P:10.8.117.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) However the client ifconfig does not show any tun interface! $ ifconfig tun0 tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 POINTOPOINT NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) the client log says: Tue May 17 23:27:09 2011 OpenVPN 2.1.0 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:27:09 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:27:09 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:27:09 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:27:09 2011 LZO compression initialized Tue May 17 23:27:09 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:09 2011 TUN/TAP device tun0 opened Tue May 17 23:27:09 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:27:09 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:09 2011 Local Options hash (VER=V4): '41690919' Tue May 17 23:27:09 2011 Expected Remote Options hash (VER=V4): '530fdded' Tue May 17 23:27:09 2011 Socket Buffers: R=[114688->131072] S=[114688->131072] Tue May 17 23:27:09 2011 UDPv4 link local (bound): [undef] Tue May 17 23:27:09 2011 UDPv4 link remote: [AF_INET]192.168.0.101:1194 Tue May 17 23:27:09 2011 TLS: Initial packet from [AF_INET]192.168.0.101:1194, sid=8e8bdc33 f4275407 Tue May 17 23:27:09 2011 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:09 2011 VERIFY OK: nsCertType=SERVER Tue May 17 23:27:09 2011 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=vpnCh8TestServer/name=lurscher/[email protected] Tue May 17 23:27:09 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:09 2011 [vpnCh8TestServer] Peer Connection Initiated with [AF_INET]192.168.0.101:1194 Tue May 17 23:27:10 2011 Initialization Sequence Completed the client status log: OpenVPN STATISTICS Updated,Tue May 17 23:30:09 2011 TUN/TAP read bytes,0 TUN/TAP write bytes,0 TCP/UDP read bytes,5604 TCP/UDP write bytes,4244 Auth read bytes,0 pre-compress bytes,0 post-compress bytes,0 pre-decompress bytes,0 post-decompress bytes,0 END and the server log says: Tue May 17 23:18:25 2011 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:18:25 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:18:25 2011 WARNING: --keepalive option is missing from server config Tue May 17 23:18:25 2011 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Tue May 17 23:18:25 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:18:25 2011 Diffie-Hellman initialized with 1024 bit key Tue May 17 23:18:25 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:18:25 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:18:25 2011 ROUTE default_gateway=192.168.0.1 Tue May 17 23:18:25 2011 TUN/TAP device tun0 opened Tue May 17 23:18:25 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:18:25 2011 /sbin/ifconfig tun0 10.8.117.1 pointopoint 10.8.117.2 mtu 1500 Tue May 17 23:18:25 2011 /sbin/route add -net 10.8.117.0 netmask 255.255.255.0 gw 10.8.117.2 Tue May 17 23:18:25 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:18:25 2011 Socket Buffers: R=[126976->131072] S=[126976->131072] Tue May 17 23:18:25 2011 UDPv4 link local (bound): [undef] Tue May 17 23:18:25 2011 UDPv4 link remote: [undef] Tue May 17 23:18:25 2011 MULTI: multi_init called, r=256 v=256 Tue May 17 23:18:25 2011 IFCONFIG POOL: base=10.8.117.4 size=62 Tue May 17 23:18:25 2011 IFCONFIG POOL LIST Tue May 17 23:18:25 2011 vpnCh8TestClient,10.8.117.4 Tue May 17 23:18:25 2011 Initialization Sequence Completed Tue May 17 23:27:22 2011 MULTI: multi_create_instance called Tue May 17 23:27:22 2011 192.168.0.104:1194 Re-using SSL/TLS context Tue May 17 23:27:22 2011 192.168.0.104:1194 LZO compression initialized Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Local Options hash (VER=V4): '530fdded' Tue May 17 23:27:22 2011 192.168.0.104:1194 Expected Remote Options hash (VER=V4): '41690919' Tue May 17 23:27:22 2011 192.168.0.104:1194 TLS: Initial packet from [AF_INET]192.168.0.104:1194, sid=8972b565 79323f68 Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:22 2011 192.168.0.104:1194 [vpnCh8TestClient] Peer Connection Initiated with [AF_INET]192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: Learn: 10.8.117.6 -> vpnCh8TestClient/192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: primary virtual IP for vpnCh8TestClient/192.168.0.104:1194: 10.8.117.6 finally, the server status log: OpenVPN CLIENT LIST Updated,Tue May 17 23:36:25 2011 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since vpnCh8TestClient,192.168.0.104:1194,4244,5604,Tue May 17 23:27:22 2011 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.8.117.6,vpnCh8TestClient,192.168.0.104:1194,Tue May 17 23:27:22 2011 GLOBAL STATS Max bcast/mcast queue length,0 END

Read the article
OpenLDAP and user role based accedss controll (RBAC)

- by Jason

Hello, my company uses an openldap server which stores corporate user information ((username,passwd and some other information like email are stored in ldap).. Till now they only use it for authentication but now we'd like to use for authentication also, this means that we'll create roles (as ldap attributes in a new schema) and assign those roles in the users. My actual question is if there is a best-practice to follow for using openldap for authentication on many applications (most written in php). I understand how to make roles and assign them to users for just one application, but what about the others (each application of course has its own roles). Should I just create an ou=appName,ou=roles,dc=mycompany for each application, put the roles as attributes there and just add each role as an attribute of the user object ? is there any other recommendations ? thanks

Read the article
git push problem -argh!

- by phil swenson

Dunno what's going on, no response from github on this prob so I'm asking here. Tried a git push for the first time in a month or so and got this. Turned on export GIT_CURL_VERBOSE=1 and did a push and get this: localhost:send2mobile_rails phil$ git push Password: * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * Connected to github.com (207.97.227.239) port 443 (#0) * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 401 Authorization Required < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: text/html; charset=iso-8859-1 < Connection: keep-alive < Content-Length: 0 < WWW-Authenticate: Basic realm="Repository" < * Connection #0 to host github.com left intact * Issue another request to this URL: 'https://[email protected]/MYUSERHERE/send2mobile_rails.git/info/refs?service=git-receive-pack' * Couldn't find host github.com in the .netrc file; using defaults * Re-using existing connection! (#0) with host github.com * Connected to github.com (207.97.227.239) port 443 (#0) * Server auth using Basic with user '303devworks' > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 Authorization: Basic MzAzZGVfd29sa3M6Y29nbmwzNzIw User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 200 OK < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: application/x-git-receive-pack-advertisement < Connection: keep-alive < Status: 200 OK < Pragma: no-cache < Content-Length: 153 < Expires: Fri, 01 Jan 1980 00:00:00 GMT < Cache-Control: no-cache, max-age=0, must-revalidate < * Expire cleared * Connection #0 to host github.com left intact Counting objects: 166, done. Delta compression using up to 4 threads. Compressing objects: 100% (133/133), done. * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * connected * Connected to github.com (207.97.227.239) port 443 (#0) * SSL re-using session ID * SSL connection using DHE-RSA-AES256-SHA * old SSL session ID is stale, removing * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. * Server auth using Basic with user 'MYUSERHERE' > POST /303devworks/send2mobile_rails.git/git-receive-pack HTTP/1.1 Authorization: Basic JzAzZGV1d29ya3M6Y25nb29zNzIq User-Agent: git/1.7.1 Host: github.com Accept-Encoding: deflate, gzip Content-Type: application/x-git-receive-pack-request Accept: application/x-git-receive-pack-result Expect: 100-continue Transfer-Encoding: chunked * The requested URL returned error: 411 * Closing connection #0 error: RPC failed; result=22, HTTP code = 411 Writing objects: 100% (140/140), 2.28 MiB | 1.93 MiB/s, done. Total 140 (delta 24), reused 0 (delta 0) ^C localhost:send2mobile_rails phil$

Read the article
How to improve my LDAP schema?

- by asmaier

Hello, I have a OpenLDAP Database and it holds some project objects that look like dn: cn=Proj1,ou=Project,ou=ua,dc=org cn: Proj1 objectClass: top objectClass: posixGroup member: 001ag member: 002ag System: ABEL System: PCx Budget: ABEL:1000000:0.3 Budget: PCx:300000:0.3 One can see that the Budget attribute is a ":"-separated string, where the first part holds the name of the system the budget is for, the second part holds some budget (which may change every month) and the last entry is a conversion factor for the budget of that system. Seeing this, I thought this is bad database design, since attribute values should always be atomic. But how can I improve that in LDAP, so that I can do a direct ldapsearch or a direct ldapmodify of the budget of System "ABEL" instead of writing a script, that will have to parse and split the ":"-separated string?

Read the article
VBScript LDAP: Is there a way to query for physicalDeliveryOfficeName using the email address in Act

- by phill

I'm attempting to utilize VBScript to connect pull the physicalDeliveryOfficeName attribute in Active Directory by providing the email address. I know how to do it with a common name like the following: Set MyUser = GetObject ("LDAP://cn=" & uname & ",ou=" & strname & ",DC=bobdom,DC=net") However only the email address is available. How to do this? I've even tried Set MyUser = GetObject ("LDAP://mail=" & uname & ",ou=" & strname & ",DC=bobdom,DC=net") and that doesn't work.

Read the article
Active Directory validate service account and user accounts

- by Padur

Hello folks I have an issue here, I guess you all know what is AD service account and why it is used for, if not please see the below description ? SSL-Explorer requires a dedicated Active Directory account to use for authenticating AD users. This account serves as a link to your Active Directory database. If the Service Account is not found on your AD database then the SSL-Explorer service will not start. Well I have Active Directory service account details and user submitted login/password details.In the code below I validated service account by giving MEMBER_GRPUP and adminPassword and I check whether the user exists in Active Directory by submitting samaaccountname but my question here is how do I validate the password submitted for that user? I am not sure how to do this, I appreciate if anybody has any suggestions on this. Thanks for your time. public boolean validateUserFromActiveDirectory(String userId) { final String MEMBER_GROUP = "CN=asdadasd,OU=asdasdasd Accounts,OU=adasdas,OU=asdasdas,DC=asdasdas,DC=asdasdas,DC=adasdasd,DC=asdasdasd"; String employeeNumber = ""; final String LDAP_INIT_CTX = "com.sun.jndi.ldap.LdapCtxFactory"; final String LDAP_URL = "ldap://xx-ssssssss.eee.eee.eeeee.eeeee:636"; final String MY_ATTRS[] = { "employeeNumber" }; String adminPassword = "somepassword"; String securityProtocol = "ssl"; boolean isValidUser = false; try { Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_INIT_CTX); env.put(Context.PROVIDER_URL, LDAP_URL); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.REFERRAL, "follow"); env.put(Context.SECURITY_PRINCIPAL, MEMBER_GROUP); env.put(Context.SECURITY_CREDENTIALS, adminPassword); env.put(Context.SECURITY_PROTOCOL, securityProtocol); //C:\Documents and Settings\yourusername\Local Settings\Temp File tf = File.createTempFile("adentTruststore", ".jks"); tf.deleteOnExit(); byte buffer[] = new byte[0x1000]; ClassLoader cl = JNDI.class.getClassLoader(); InputStream in = cl.getResourceAsStream( "someTruststore.jks"); FileOutputStream out = new FileOutputStream(tf); int cnt; while ((cnt = in.read(buffer)) != -1) out.write(buffer, 0, cnt); in.close(); out.close(); System.setProperty("javax.net.ssl.trustStore", tf .getAbsolutePath()); DirContext context = new InitialLdapContext(env, null); SearchControls searchControls = new SearchControls(); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration results = context.search( "XX=ent,XX=abc,XX=aaaaa,XX=aaaa", "(sAMAccountName=" + userId + ")", searchControls); if (results != null && results.hasMore()) { //some logic } } } catch (Exception e) { e.printStackTrace(); } return isValidUser; }

Read the article
C# failing LDAP queries

- by jpkomick

I'm trying to access an LDAP directory via the SearchRequest object in C#. I can make the same calls via an LDAP library running in and iPhone app, as well as directly via a terminal session. However, the C# queries all seem to fail. var search = new SearchRequest("ou=calendar,dc=ualberta,dc=ca", "term=*,course=094398,class=*", System.DirectoryServices.Protocols.SearchScope.Subtree, attributeLst); This returns a list of terms for the course calendar. However, making the following calls won't return results for specific courses var search = new SearchRequest("ou=calendar,dc=ualberta,dc=ca", "term=1330,course=094398", System.DirectoryServices.Protocols.SearchScope.Subtree, attributeLst); The attributeLst object has proper attribute names included, but the query always returns with zero results. Any suggestions anyone has would be greatly appreciated. Thanks.

Read the article
Seria possível distorcer a imagem de um texto de forma que um miope pudesse ler sem os óculos?

- by Tom Brito

..ou, melhor ainda, já existe um software que faça isso?

Read the article
cannot create new object in ActiveDirectory

- by Humanier

Hi. I'm trying to add new object to existing organisational unit in Active Directory. Following code is used to do this. It runs without errors. But new object is not created after this. Please advise what I'm doing wrong here. using System.DirectoryServices; using System.DirectoryServices.ActiveDirectory; namespace TestAdObjectCreation { class Program { static void Main(string[] args) { DirectoryEntry root = new DirectoryEntry("LDAP://servername/OU=Services,OU=PCX,DC=q2q,DC=xenyq,DC=com", "Administrator", "pass"); DirectoryEntry newItem = root.Children.Add("test_node", "valid_schema_class_name"); root.CommitChanges(); root.Close(); root.Dispose(); } } }

Read the article
jquery .get/.post not working on ie 7 or 8, works fine in ff

- by Samutz

I have basically this on a page: <script type="text/javascript"> function refresh_context() { $("#ajax-context").html("Searching..."); $.get("/ajax/ldap_search.php", {cn: $("#username").val()}, function(xml) { $("#ajax-context").html($("display", xml).text()); $("#context").val($("context", xml).text()); }, 'xml'); } $(document).ready(function() { $("#username").blur(refresh_context); }); </script> <input type="text" name="username" id="username" maxlength="255" value="" /> <input type="hidden" name="context" id="context" value=""/> <div id="ajax-context"></div> What it should do (and does fine on Firefox) is when you type a username in to the #username field, it will run /ajax/ldap_search.php?cn=$username, which searches our company's ldap for the username and returns it's raw context and a formatted version of the context like this: <result> <display>Staff -> Accounting -> John Smith</display> <context>cn=jsmith,ou=Accounting,ou=Staff,ou=Users,o=MyOrg</context> </result> The formatted version (display) goes to the div #ajax-context and goes to the hidden input #context. (Also, the - are actually - "& g t ;" (without spaces)). However, on IE the div stays stuck on "Searching..." and the hidden input value stays blank. I've tried both .get and .post and neither work. I'm sure it's failing on the .get because if I try this, I don't even get the alert: $.get("/ajax/ldap_search.php", {cn: $("#username").val()}, function() { alert("Check"); }); Also, IE doesn't give me any script errors. Edit: Added "$(document).ready(function() {", the .blur was already in it in my code, but I forgot to include that in my post. Edit 2: The request is being sent and apache2 is receiving it: 10.135.128.96 - - [01/May/2009:10:04:27 -0500] "GET /ajax/ldap_search.php?cn=i_typed_this_in_IE HTTP/1.1" 200 69

Read the article
Problem Disabling Roaming Profiles on Grouped Users

- by user43207

I'm having some serious issues getting a group of users to stop using roaming profiles. As expected, I have roaming profiles enabled accross the domain. - But am doing GPO filtering, limiting the scope. I originally had it set to authenticated users for Roaming, but as the domain has branched out to multiple locations, I've limited the scope to only people that are near the central office. The GPO that I have linked filtered to a group I have created that include users that I don't want to have roaming profiles. This GPO is sitting at the root of the domain, with the "Forced" setting enabled, so it should override any setting below it. *On a side note, it is the ONLY GPO that I have set to "Forced" right now. I know the GPO is working, since I can see the original registy settings on a user that logged in under roaming profiles - and then that same user logging in after I made the Group Policy changes, the registry reflects a local profile. But unfortunately, even after making those settings - the user is given a roaming profile on one of the servers. A gpresult of that same user account (after the updated gpo) is listed in the code block below. You can see right at the top of that output, that it is infact dealing with a roaming profile. - And sure enough, on the server that's hosting the file share for roaming profiles, it creates a folder for the user once they log in. For testing purposes, I've deleted all copies of the user's profile, roaming and local. But the problem is still here. - So I'm aparently missing something in the group policy settings on a wider scale. Would anybody be able to point me in the direction of what I'm missing here? *gpresult /r*** Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0 Copyright (C) Microsoft Corp. 1981-2001 Created On 5/15/2010 at 8:59:00 AM RSOP data for ** on * : Logging Mode OS Configuration: Member Workstation OS Version: 6.1.7600 Site Name: N/A Roaming Profile: \\profiles$** Local Profile: C:\Users*** Connected over a slow link?: No USER SETTINGS CN=*****,OU=*****,OU=*****,OU=*****,DC=*****,DC=***** Last time Group Policy was applied: 5/15/2010 at 8:52:02 AM Group Policy was applied from: *****.*****.com Group Policy slow link threshold: 500 kbps Domain Name: USSLINDSTROM Domain Type: Windows 2000 Applied Group Policy Objects ----------------------------- ForceLocalProfilesOnly InternetExplorer_***** GlobalPasswordPolicy The following GPOs were not applied because they were filtered out ------------------------------------------------------------------- DAgentFirewallExceptions Filtering: Denied (Security) WSAdmin_***** Filtering: Denied (Security) NetlogonFirewallExceptions Filtering: Not Applied (Empty) NetLogon_***** Filtering: Denied (Security) WSUSUpdateScheduleManualInstall Filtering: Denied (Security) WSUSUpdateScheduleDaily_0300 Filtering: Denied (Security) WSUSUpdateScheduleThu_0100 Filtering: Denied (Security) AlternateSSLFirewallExceptions Filtering: Denied (Security) SNMPFirewallExceptions Filtering: Denied (Security) WSUSUpdateScheduleSun_0100 Filtering: Denied (Security) SQLServerFirewallExceptions Filtering: Denied (Security) WSUSUpdateScheduleTue_0100 Filtering: Denied (Security) WSUSUpdateScheduleSat_0100 Filtering: Denied (Security) DisableUAC Filtering: Denied (Security) ICMPFirewallExceptions Filtering: Denied (Security) AdminShareFirewallExceptions Filtering: Denied (Security) GPRefreshInterval Filtering: Denied (Security) ServeRAIDFirewallExceptions Filtering: Denied (Security) WSUSUpdateScheduleFri_0100 Filtering: Denied (Security) BlockFirewallExceptions(8400-8410) Filtering: Denied (Security) WSUSUpdateScheduleWed_0100 Filtering: Denied (Security) Local Group Policy Filtering: Not Applied (Empty) WSUS_***** Filtering: Denied (Security) LogonAsService_Idaho Filtering: Denied (Security) ReportServerFirewallExceptions Filtering: Denied (Security) WSUSUpdateScheduleMon_0100 Filtering: Denied (Security) TFSFirewallExceptions Filtering: Denied (Security) Default Domain Policy Filtering: Not Applied (Empty) DenyServerSideRoamingProfiles Filtering: Denied (Security) ShareConnectionsRemainAlive Filtering: Denied (Security) The user is a part of the following security groups --------------------------------------------------- Domain Users Everyone BUILTIN\Users BUILTIN\Administrators NT AUTHORITY\INTERACTIVE CONSOLE LOGON NT AUTHORITY\Authenticated Users This Organization LOCAL *****Users VPNAccess_***** NetAdmin_***** SiteAdmin_***** WSAdmin_***** VPNAccess_***** LocalProfileOnly_***** NetworkAdmin_***** LocalProfileOnly_***** VPNAccess_***** NetAdmin_***** Domain Admins WSAdmin_***** WSAdmin_***** ***** ***** Schema Admins ***** Enterprise Admins Denied RODC Password Replication Group High Mandatory Level

Read the article
Les spécifications de Java SE 7 et 8 proposées par Oracle sont adoptées « à une écrasante majorité » par le Comité Exécutif du JCP

Les spécifications de Java SE 7 et 8 proposées par Oracle sont adoptées « A une écrasante majorité » par le Comité Exécutif du JCP Mise à jour du 07/12/10 Oracle vient d'annoncer que ses propositions pour les spécifications des deux prochaines versions de la plate-forme Java (ses « Java Specification Requests » ou (JSR)) ont été adoptées après un vote du Comité Exécutif du JCP. Oracle précise que ce vote, concernant les JSR 336 et 337, s'est soldé par une « écrasante majorité » en sa faveur, sans autres précision sur les chiffres du scrutin. La feuille de route, désormais approuvée, prévoit une standardisation de...

Read the article
Am?lioration du Search MOSS: synonyme et Best Bet - La gestion des synonymes dans MOSS Search

Le moteur de recherche de MOSS permet la configuration d'une liste de synonymes. Nous verrons donc dans cet article comment effectuer cette tache et ce que cela peut apporter ? vos utilisateurs. Nous verrons aussi comment automatiser un peu plus cette configuration par l'utilisation de code ou d'outils sp?cifiques.

Read the article
Interview de James Reinders d'Intel au sujet de l'Intel Software Conference 2010, par Loïc Joly

Bonjour, Suite à l'Intel Software conférence à laquelle j'étais invité au nom de developpez.com, j'ai rédigé deux articles racontant ce que j'ai pu y apprendre : - Une interview de James Reinders, le gourou d'Intel sur le sujet - Un compte rendu plus général de la conférence N'hésitez pas à faire part ici de ce que vous avez pensé de ces articles (ou à poser des questions si des clarifications sont nécessaires) !...

Read the article
Windows Azure : « La confidentialité est un enjeu fondamental dans le Cloud Public », entretien avec le responsable France d'Azure

Windows Azure : « La confidentialité est un enjeu fondamental dans le Cloud Public » 3 questions à Julien Lesaicherre, Responsable de la plateforme, Microsoft France Azure, la plateforme Cloud dédiée aux développeurs, a connu des changements importants et des améliorations majeures lors de ce mois de juin. Developpez.com s'est donc entretenu avec Julien Lesaicherre, responsable de l'offre chez Microsoft France, pour faire le point sur trois sujets clefs : pourquoi aujourd'hui choisir Azure, la confidentialité et le succès (ou non) de l'offre auprès des développeur...

Read the article
Une interface holographique pour le futur Android, Google sort la première vidéo de présentation de « Honeycomb »

Une interface holographique pour le futur Android Google sort une vidéo de présentation de « Honeycomb » Dans une vidéo publiée sur son blog mobile, Google a levé le voile sur la future version d'Android (3.0 ou 2.4) alias « Honeycomb ». Cette prochaine version sera dotée de plusieurs nouvelles fonctionnalités. Google affirme avoir mit l'accent sur l'amélioration de l'expérience utilisateur, notamment en dotant Honeycomb d'une UI virtuelle et holographique. Plusieurs fonctionnalités existantes ont été revues, parmi lesquelles le traitement multi-tâches, le système de notification - qualifié « de plus élégant », l'écran d'accueil (avec désormais des effets 3D et des Widgets...

Read the article
« Le TDD est mort » pour le créateur de Ruby on rails, une position qui divise la communauté agile

Le TDD est mort ? Non, pas vraiment, peut-être que oui La communauté agile taraudée par un débat autour du TDD« Le TDD est mort ? Ou pas ? » Telle est la question qui taraude l'esprit de la communauté agile en ce moment, vu l'importance du TDD (Test Driven Development ? Développement piloté par les tests) dans l'une des méthodes agiles les plus réputées : la méthode XP.À l'origine de ce débat houleux, David Heinemeier Hansson (DHH) auteur de Ruby on rails et fondateur du Basecamp et ses deux posts...

Read the article
Google intègre CoreOS à sa plateforme cloud, « un hôte idéal pour les systèmes distribués » estime Brandon Philips

Google intègre CoreOS à sa plateforme cloud, « un hôte idéal pour les systèmes distribués » estime Brandon Philips Google rallonge la liste des distributions Linux pouvant être prises en charge par Google Compute Engine. Ainsi, CoreOS, qui était déjà disponible en preview depuis décembre dernier, fait désormais part entière des offres de la plateforme au même titre que Debian, RedHat ou encore Suse. Les entreprises pourront la tester et l'utiliser facilement pour leurs clusters et leurs applications...

Read the article

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25 | Next Page >