Tuesday, March 14, 2017

Filtering by LDAP OU in OAM Authorization Policies

To use the LDAP OU a user belongs to as part of an OAM Authorization Policy, the Store Name must reference an IDS Profile, not a regular OAM ID Store.

In an Authorization Policy, add a Condition:
Type: Identity

Click Add->Search Filter

Store Name: IDSProfile-OID-Profile
Search Filter: ou:dn:=external

Click Test Filter; any users under that OU should be returned.

If you reference an Identity Store of Type OAM ID Store then you’ll get this error when clicking Test Filter:
Failure locating user with search base: null. filter: ou:dn:=external and arguments: OIMIDStore, for idstore oracle.igf.ids.IDSException: Operations error: entity=cn=Users,dc=ovd,dc=mycompany,dc=com op=search mesg= AdditionalInfo: LDAP Error 1 : [LDAP: error code 1 - Error during search:java.lang.NullPointerException] with exception {4}
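
As an added illustration (not part of the original post, and not OAM or OID code), the sketch below evaluates a filter such as ou:dn:=external the way RFC 4511 defines an extensible match with the :dn flag, so you can see which entries such an identity condition selects. The entries under dc=example,dc=com and all function names are constructed for the example, and case-insensitive comparison of ou is an assumption about the matching rule; a real directory may behave differently.

```python
import re

# One extensible-match item (RFC 4515): attr[:dn][:matchingrule]:=value
_EXT = re.compile(r"^\(?(?P<attr>[A-Za-z][\w-]*)(?P<dn>:dn)?"
                  r"(?::(?P<rule>[\w.]+))?:=(?P<value>[^()]*)\)?$")

def parse_extensible(text):
    """Return (attr, dn_flag, matching_rule, value) for a filter like ou:dn:=external."""
    m = _EXT.match(text.strip())
    if not m:
        raise ValueError(f"not a single extensible-match item: {text!r}")
    return m["attr"].lower(), bool(m["dn"]), m["rule"], m["value"]

def _unescape(value):
    # RFC 4514 escapes: backslash + two hex digits, or backslash + special character
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)",
                  lambda m: chr(int(m[1], 16)) if len(m[1]) == 2 else m[1], value)

def dn_attributes(dn):
    """Yield (attr, value) for every RDN component, splitting only on unescaped , and +."""
    for rdn in re.split(r"(?<!\\),", dn):
        for ava in re.split(r"(?<!\\)\+", rdn):
            attr, _, value = ava.partition("=")
            yield attr.strip().lower(), _unescape(value.strip())

def matches(filter_text, dn, attrs):
    """Evaluate the filter against one entry; ou is compared case-insensitively (assumed)."""
    attr, dn_flag, _rule, value = parse_extensible(filter_text)
    candidates = list(attrs.get(attr, []))
    if dn_flag:  # :dn also considers the attributes that make up the entry's DN
        candidates += [v for a, v in dn_attributes(dn) if a == attr]
    return any(c.lower() == value.lower() for c in candidates)

# Constructed sample directory (not from the original post)
BASE = "cn=Users,dc=example,dc=com"
ENTRIES = {
    f"cn=alice,ou=external,{BASE}": {"cn": ["alice"]},
    f"cn=bob,ou=contractors,ou=External,{BASE}": {"cn": ["bob"]},   # nested, other case
    f"cn=carol,ou=staff,{BASE}": {"cn": ["carol"], "ou": ["external"]},  # attribute only
    f"cn=dave,ou=staff,{BASE}": {"cn": ["dave"]},
    f"cn=eve,ou=external\\,old,{BASE}": {"cn": ["eve"]},           # escaped comma in value
}

def users_matching(filter_text):
    return sorted(a["cn"][0] for dn, a in ENTRIES.items() if matches(filter_text, dn, a))

if __name__ == "__main__":
    for f in ("ou:dn:=external", "ou:=external"):
        print(f, "->", users_matching(f))
```

With these entries, ou:dn:=external selects alice, bob and carol, while ou:=external selects only carol: the :dn form matches an ou=external component anywhere in the DN as well as an ou attribute value on the entry, which is worth knowing when the filter gates an authorization decision.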

Tuesday, February 14, 2017

iPhone Restore from Backup - Beware!

I ran across this issue this weekend trying to help a friend recover their family member's iCloud password after upgrading from an iPhone 4 to an iPhone 5S.

Long story short, a change needs to be made to Apple's "Restore from Backup" process using iTunes.

According to this Apple Support article: https://support.apple.com/en-us/HT204184 there is no prompt for the iCloud/Apple ID password in the backup/restore process.

Here's the issue: what if the phone you have the backup for has an iCloud account that you don't know the password for and can't recover? The process will let you restore the backup without a prompt for an iCloud password. Then, on your new phone, any time you try to install a new App you will not be able to due to the unknown password for the Apple ID/iCloud account. Even worse, if Find My iPhone was enabled, the new phone is now worthless to you.

Instead, Apple should prompt you for the iCloud/Apple ID password used on the phone either during backup or during restore or, at the least, give some sort of warning message regarding this limitation.

My friend's family member still has no solution to recover their password and now has a phone that is hardly usable.

If they had been aware that they didn't know their Apple ID password BEFORE restoring it to their new phone, they could've decided to set it up as a new phone with a new Apple ID/iCloud account.