I'm creating a VBS to create a user from our HR-systems.
Most of it worked; but I noticed the domain field stays blank (the field on the right of the logon name in the dsa.msc tool; the second part of the User Principal Name).
you can see it in this screenshot as "#Entcert2.com"
I can't find any information on this on the internet.
There is basically only one value possible, but it's blank after the user creation.
The NETBIOS-domain name is filled in correctly.
What's the correct fieldname for this to fill in the value using vbs?
You just forget to fill the userPrincipalName attribute.
Related
Since my 2 post about the LDAP Authentication (first post, second post), we created our own custom authentication scheme and function to connect to the application using our Active Directory credentials.
We can successfully log in the application. However, we have a second function which retrieves the group of the user in the AD. Here's the code when I'm trying to retrieve the group into a Text Field (P1_GROUP) :
ourschema.ldap_get_group_apex_from_user(
p_username => v('APP_USER'),
p_password => 'thepassword')
As you can see, this is working, because the password is in static text. This leads me to my main question :
How to retrieve the user's password in Oracle Apex, and what is the most secure way ?
I tried to set a Branch or a Process in the Log-In page while redirecting the user's the the home page, and Set Value of the :P9999_PASSWORD field to the home page text field P1_PWD.
So, I tried to adapt my code with the text field
ourschema.ldap_get_group_apex_from_user(
p_username => v('APP_USER'),
p_password => :P1_PWD)
Unfortunately, this doesn't seems secure because the password would be visible in the HTML code of the page (right click + inspect and there it is. Moreover, sometimes it gives me an error
Error computing item source value for page item P1_GROUP
It seems like the application cannot execute the function because the password is still not initialized.
Is there a way to retrieve :P9999_PASSWORD or to transfer it from the login page to a global variable/global page or a text field ? Or is there a function to retrieve the current user's password ?
Thank you again for your time, do not hesitate to ask for more details as this is a very specific case,
Thomas
I don't think your approach is correct. Ideally, even an administrator of your system should not be able to decrypt a user's passwords; they should be stored as hashes.
You're trying to look up the user's group memberships? You don't need the user's own credentials to do that. Use a dedicated account that has access to your Active Directory system and store that password encrypted in your database. Use that account to search for and look up the user's group memberships. That way, even if your system is compromised, only that account is exposed.
Thank you all for your answers and your advices on my case, and for taking the time to help.
We found a solution that we think is reliable, here's what we did if that could help other people.
We created a global variable G_GROUP, which will receive the group of the user
On the login page, we created a process before the login process.
Set the Source of the Process to PL/SQL Code :
:G_GROUP := pdbadmin.ldap_get_group_apex_from_user( --our custom function to retrieve groups
p_username => :P9999_USERNAME,
p_password => :P9999_PASSWORD); -- the function get the username and password in the fields
If i want to display the group of the user in the main page, let's create a Text Field P1_GROUP which as for Source the PL/SQL Expression :G_GROUP
Our group is initialized, and the password is not shown in any field.
Let me know what you think about it, and if you guys think this could be improved.
I'm building a little application using Oracle Application Express Online. I'd like to send automatically email when an user inserts into the database a row.
I created an Item, called Email, in which I put the address of the user of the application:
Select User.Email from Users wher Users.Username=:APP_USER
Query works, because in the application I see right email.
Then I create a process in the way you see in the screen I'll post here. But nothing happens. Can you help me, please?
As you see, in the centre of the photo there are 2 items: one has to go into the database to store a new row, the second one is the email that is in the process. But, as I said early, nothing happens.
If you click on any attribute in APEX, and click the "Help" tab, you get some very useful information - in this case, that the field expects a substitution syntax for this scenario.
To
Enter the email recipients by specifying one or more email addresses.
For multiple email addresses, use a comma-separated list. Use
substitution syntax if you want to use a dynamic value.
Examples
john.doe#test.com, jane.doe#test.com
John Doe <john.doe#test.com>, Jane Doe <jane.doe#test.com>
&P6_TO.
I am trying to write a VBscript for auto login for a particular url,but the problem is that i am not able to automatically enter the password .
The unique property for password(I used Object Spy) is WebEdit:WebEdit(Property:Value). Webedit is not getting identified by Object Repository even if i am adding to it.
So my question how do i automate the password input , if the attributes have no "ID","Name",and only webedit as unique property.
If there is no ID or name property, look for someother unique property like CSS class name etc (css class names need not be unique always. It could be in some cases)
As you are trying to access password field, you can use the 'type' property.
type=text ==> It is normal textboxes
type=password ==> It is a password field
Ordinal identifiers can be used as well.
index=0 It identifies the first textbox
index=1 It identifies the second textbox etc..
Identify the Unique Property for the password field, if not getting identifying give all the properties
even though it is not getting identified then go for index , by changing the index value like 0,1.... etc at some value the object will get identified
Thanks
I am trying to add a set of PFUsers in the Data browser with emails, validated, passwords and usernames so that I can test a feature in my iOS app. But as I add the users, the passwords are lost and the validated field will not stay as 'YES'.
How can I add users for testing?
The process I've found success with is:
Adding a row.
Double clicking the appropriate cell to add a username then pressing enter.
Doing the same for password.
At the point it generates an ObjectId and I know the user has been stored.
In terms of a validated field, is that a column you added yourself or are you referring to the emailVerified column?
EDIT: In the case of emailVerified, you should be able to double click in the appropriate cell and it should present a drop-down of Boolean values that you can select.
In my application I have an administrator who can create Tournament objects. When the object is created the service also creates a user (based on the tournament director's info which was entered at creation). The username for the user is the director's e-mail, the password is randomly generated and then mailed to the director.
When the director logs on with his e-mail address and password, I need to be able to link him to his own tournament, in order to only allow him to edit his own tournament's details. I have tried to find a way to store the TournamentId in the default ASP Net Users database, but was unsuccessful.
I had a look at this SO question which would certainly help me, but I can't figure out how it would apply to my problem. When the user logs on, I can't put the TournamentId in the userdata seeing as I don't know it.
Should I then do a lookup in the Tournament table to see which ID corresponds to the email address entered at login and store that in the userData? It seems quite unelegant this way.
I guess you should have a CreatedBy column in your Tournament table where you store the ID of the user who created the tournament. Then when the user logged in, get his id ( may be from session ,if you store it there), Do a select query where CreatedBy=loggedInUserId .That should do the trick.