Search Results

Search found 4884 results on 196 pages for 'ad hoc distribution'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 36/196 | < Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >

  • Is there a way to customise PPD distribution of printer drivers effectively with Mac Os X server?

    - by glenstorey
    Hi, we have two network printers shared via our 10.5.8 Mac Os Server machine. They have drivers provided by the manufacturer that allow job logging (printing with a print code). I've installed said drivers on the server, but when we distribute the printer on our Mac Os clients (using add printer via bonjour) it deploys older drivers that don't support Job Logging. Is there a way to update the store of print drivers (cups drivers?) on the server so it distributes the updated drivers, rather than the older one?

    Read the article

  • migrating innodb ib* files to different server and distribution.

    - by 3molo
    One of our customers had a break in on an old centos 4.4 machine, so I booted a debian live cd and copied the whole /var/lib/mysql. I then, on a new debian, copied the desired database and ibdata+iblogfiles, and removed the "autoextend" bits from my.cnf - restarted mysql. But I get 'Incorrect information in file'. Paths are the same as the old centos server, and permissions and ownership is correct. What am I missing?

    Read the article

  • How to I create a user that is allowed to only add/remove users to distribution lists in Active Directory?

    - by Sorin Sbarnea
    I do have a third party product (Jira) that has Active Directory integration via LDAP. I want to enable Jira administrators to edit group memberships and have them syncronized inside Active Directory. This currently works but I needed to use a Domain Administrator service account in order to do this. The question is how can I do this without giving the entire Domain Administrator permission to the service account.

    Read the article

  • How to create an Universal Binary for iTunes Connect Distribution?

    - by balexandre
    I created an app that was rejected because Apple say that my App was not showing the correct iPad window and it was showing the same iPhone screen but top left aligned. Running on simulator, I get my App to show exactly what it should, a big iPad View. my app as Apple referees that is showing on device: my app running the simulator (50% zoom only): my code in the Application Delegate is the one I published before - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { // The default have the line below, let us comment it //MainViewController *aController = [[MainViewController alloc] initWithNibName:@"MainView" bundle:nil]; // Our main controller MainViewController *aController = nil; // Is this OS 3.2.0+ ? #if __IPHONE_OS_VERSION_MAX_ALLOWED >= 30200 if (UI_USER_INTERFACE_IDIOM() == UIUserInterfaceIdiomPad) // It's an iPad, let's set the MainView to our MainView-iPad aController = [[MainViewController alloc] initWithNibName:@"MainView-iPad" bundle:nil]; else // This is a 3.2.0+ but not an iPad (for future, when iPhone/iPod Touch runs with same OS than iPad) aController = [[MainViewController alloc] initWithNibName:@"MainView" bundle:nil]; #else // It's an iPhone/iPod Touch (OS < 3.2.0) aController = [[MainViewController alloc] initWithNibName:@"MainView" bundle:nil]; #endif // Let's continue our default code self.mainViewController = aController; [aController release]; mainViewController.view.frame = [UIScreen mainScreen].applicationFrame; [window addSubview:[mainViewController view]]; [window makeKeyAndVisible]; return YES; } on my target info I have iPhone/iPad My question is, how should I build the app? Use Base SDK iPhone Simulator 3.1.3 iPhone Simulator 3.2 my Active Configuration is Distribution and Active Architecture is arm6 Can anyone that already published app into iTunes Connect explain me the settings? P.S. I followed the Developer Guideline on Building and Installing your Development Application that is found on Creating and Downloading Development Provisioning Profiles but does not say anything regarding this, as I did exactly and the app was rejected.

    Read the article

  • Columnstore Case Study #2: Columnstore faster than SSAS Cube at DevCon Security

    - by aspiringgeek
    Preamble This is the second in a series of posts documenting big wins encountered using columnstore indexes in SQL Server 2012 & 2014.  Many of these can be found in my big deck along with details such as internals, best practices, caveats, etc.  The purpose of sharing the case studies in this context is to provide an easy-to-consume quick-reference alternative. See also Columnstore Case Study #1: MSIT SONAR Aggregations Why Columnstore? As stated previously, If we’re looking for a subset of columns from one or a few rows, given the right indexes, SQL Server can do a superlative job of providing an answer. If we’re asking a question which by design needs to hit lots of rows—DW, reporting, aggregations, grouping, scans, etc., SQL Server has never had a good mechanism—until columnstore. Columnstore indexes were introduced in SQL Server 2012. However, they're still largely unknown. Some adoption blockers existed; yet columnstore was nonetheless a game changer for many apps.  In SQL Server 2014, potential blockers have been largely removed & they're going to profoundly change the way we interact with our data.  The purpose of this series is to share the performance benefits of columnstore & documenting columnstore is a compelling reason to upgrade to SQL Server 2014. The Customer DevCon Security provides home & business security services & has been in business for 135 years. I met DevCon personnel while speaking to the Utah County SQL User Group on 20 February 2012. (Thanks to TJ Belt (b|@tjaybelt) & Ben Miller (b|@DBADuck) for the invitation which serendipitously coincided with the height of ski season.) The App: DevCon Security Reporting: Optimized & Ad Hoc Queries DevCon users interrogate a SQL Server 2012 Analysis Services cube via SSRS. In addition, the SQL Server 2012 relational back end is the target of ad hoc queries; this DW back end is refreshed nightly during a brief maintenance window via conventional table partition switching. SSRS, SSAS, & MDX Conventional relational structures were unable to provide adequate performance for user interaction for the SSRS reports. An SSAS solution was implemented requiring personnel to ramp up technically, including learning enough MDX to satisfy requirements. Ad Hoc Queries Even though the fact table is relatively small—only 22 million rows & 33GB—the table was a typical DW table in terms of its width: 137 columns, any of which could be the target of ad hoc interrogation. As is common in DW reporting scenarios such as this, it is often nearly to optimize for such queries using conventional indexing. DevCon DBAs & developers attended PASS 2012 & were introduced to the marvels of columnstore in a session presented by Klaus Aschenbrenner (b|@Aschenbrenner) The Details Classic vs. columnstore before-&-after metrics are impressive. Scenario Conventional Structures Columnstore ? SSRS via SSAS 10 - 12 seconds 1 second >10x Ad Hoc 5-7 minutes (300 - 420 seconds) 1 - 2 seconds >100x Here are two charts characterizing this data graphically.  The first is a linear representation of Report Duration (in seconds) for Conventional Structures vs. Columnstore Indexes.  As is so often the case when we chart such significant deltas, the linear scale doesn’t expose some the dramatically improved values corresponding to the columnstore metrics.  Just to make it fair here’s the same data represented logarithmically; yet even here the values corresponding to 1 –2 seconds aren’t visible.  The Wins Performance: Even prior to columnstore implementation, at 10 - 12 seconds canned report performance against the SSAS cube was tolerable. Yet the 1 second performance afterward is clearly better. As significant as that is, imagine the user experience re: ad hoc interrogation. The difference between several minutes vs. one or two seconds is a game changer, literally changing the way users interact with their data—no mental context switching, no wondering when the results will appear, no preoccupation with the spinning mind-numbing hurry-up-&-wait indicators.  As we’ve commonly found elsewhere, columnstore indexes here provided performance improvements of one, two, or more orders of magnitude. Simplified Infrastructure: Because in this case a nonclustered columnstore index on a conventional DW table was faster than an Analysis Services cube, the entire SSAS infrastructure was rendered superfluous & was retired. PASS Rocks: Once again, the value of attending PASS is proven out. The trip to Charlotte combined with eager & enquiring minds let directly to this success story. Find out more about the next PASS Summit here, hosted this year in Seattle on November 4 - 7, 2014. DevCon BI Team Lead Nathan Allan provided this unsolicited feedback: “What we found was pretty awesome. It has been a game changer for us in terms of the flexibility we can offer people that would like to get to the data in different ways.” Summary For DW, reports, & other BI workloads, columnstore often provides significant performance enhancements relative to conventional indexing.  I have documented here, the second in a series of reports on columnstore implementations, results from DevCon Security, a live customer production app for which performance increased by factors of from 10x to 100x for all report queries, including canned queries as well as reducing time for results for ad hoc queries from 5 - 7 minutes to 1 - 2 seconds. As a result of columnstore performance, the customer retired their SSAS infrastructure. I invite you to consider leveraging columnstore in your own environment. Let me know if you have any questions.

    Read the article

  • Ad Server does not serve ads in Firefox, but works fine in Chrome, IE, & Safari!?

    - by HipHop-opatamus
    I'm having a strange (likely JavaScript) related issue. I'm running Open X Ad Server ( http://www.openx.org ) which serves ads to the website http://upsidedowndogs.com . The ads load fine every time when visiting the site via Chrome, IE, or Safari, but sometimes don't load at all in FireFox - Hence, it is a client side issue, which leads me to believe its something up with the javascript. The fact that the problem is intermittent, and does not through any error codes to FireBug, also doesn't make it any easier to diagnose and address. Any ideas how to diagnose / address this issue? Thanks! Here is the code generated by OpenX (it goes in the page header - additional code is then used in each ad unit, as seen on the page) if (typeof(OA_zones) != 'undefined') { var OA_zoneids = ''; for (var zonename in OA_zones) OA_zoneids += escape(zonename+'=' + OA_zones[zonename] + "|"); OA_zoneids += '&amp;nz=1'; } else { var OA_zoneids = escape('1|2|3|4'); } if (typeof(OA_source) == 'undefined') { OA_source = ''; } var OA_p=location.protocol=='https:'?'https://ads.offleashmedia.com/server/www/delivery/spc.php':'http://ads.offleashmedia.com/server/www/delivery/spc.php'; var OA_r=Math.floor(Math.random()*99999999); OA_output = new Array(); var OA_spc="<"+"script type='text/javascript' "; OA_spc+="src='"+OA_p+"?zones="+OA_zoneids; OA_spc+="&amp;source="+escape(OA_source)+"&amp;r="+OA_r; OA_spc+=(document.charset ? '&amp;charset='+document.charset : (document.characterSet ? '&amp;charset='+document.characterSet : '')); if (window.location) OA_spc+="&amp;loc="+escape(window.location); if (document.referrer) OA_spc+="&amp;referer="+escape(document.referrer); OA_spc+="'><"+"/script>"; document.write(OA_spc); function OA_show(name) { if (typeof(OA_output[name]) == 'undefined') { return; } else { document.write(OA_output[name]); } } function OA_showpop(name) { zones = window.OA_zones ? window.OA_zones : false; var zoneid = name; if (typeof(window.OA_zones) != 'undefined') { if (typeof(zones[name]) == 'undefined') { return; } zoneid = zones[name]; } OA_p=location.protocol=='https:'?'https://ads.offleashmedia.com/server/www/delivery/apu.php':'http://ads.offleashmedia.com/server/www/delivery/apu.php'; var OA_pop="<"+"script type='text/javascript' "; OA_pop+="src='"+OA_p+"?zoneid="+zoneid; OA_pop+="&amp;source="+escape(OA_source)+"&amp;r="+OA_r; if (window.location) OA_pop+="&amp;loc="+escape(window.location); if (document.referrer) OA_pop+="&amp;referer="+escape(document.referrer); OA_pop+="'><"+"/script>"; document.write(OA_pop); } var OA_fo = ''; OA_fo += "<"+"script type=\'text/javascript\' src=\'http://ads.offleashmedia.com/server/www/delivery/fl.js\'><"+"/script>\n"; document.write(OA_fo);

    Read the article

  • Is there a way in IE9 on a Virtual Machine to do AD auth in IE9 without the machine being added to the domain but the host machine is?

    - by Micah Armantrout
    I have a virtual machine that is running IE 9 and windows 7 Latest Updates that I want to use to test my intranet site (ASP.Net Application). I can't add the virtual machine to the domain and I don't want to have to type my ad cruds everytime I load the site up. Is there a way for the IE on the virtualbox to Authenticate as my AD Cruds on the host machine so I don't have to always put my username and password in ? I guess I can just have IE on the virtual machine remember my username and password but other than that is there another way to do this ?

    Read the article

  • Ads in whole app iPhone problem

    - by lars
    I am using mobclix together with admob. The code is to big to add it in all classes. So i created a new class: Ads Everytime i want an ad in a view, i have to send the view to the ad class: - (void)initAd:(UIView *) pView { NSLog(@"ads init"); self.loadedView = pView; ..... To create an ad in a class: Ad* ad = [Ads new]; [ad initAd:self.view]; I dont know if thats the right way. I have to create a new Ads object everytime i change a view (or class). Is there a way to always have an Ads instance running, or is there another better way? Thanks alot!!

    Read the article

  • How can I combine result and subquery for IN comparison (mysql)

    - by user325804
    In order for a school project i need to create the following situation within one mysql query. The situation is as such, that a child's tags and a parent's tags need to be combined into one, and compared to a site's tags, depending on a few extra simple equals to lines. For this to happen I only see the option that the result of a subquery is combined with a sub query within that query, as such: SELECT tag.*, (SELECT group_concat(t1.id, ',', (SELECT group_concat(tag.id) FROM adcampaign INNER JOIN adcampaign_tag ON adcampaign.id = adcampaign_tag.adcampaign_id INNER JOIN tag ON adcampaign_tag.tag_id = tag.id WHERE adcampaign.id = 1)) FROM ad, ad_tag, tag AS t1 WHERE ad.id = ad_tag.ad_id AND ad_tag.tag_id = t1.id AND ad.adcampaign_id = 1 AND ad.agecategory_id = 1 AND ad.adsize_id = 1 AND ad.adtype_id = 1) as tags FROM tag WHERE tag.id IN tags But the IN comparison only returns the first result because now the tags aren't a list but a concanated string. Anyone got any suggestion on this? I really need a way to combine it into one array

    Read the article

  • Rails - Create form fields dynamically and save them

    - by Frexuz
    Im building an ad-system where users can dynamically create 'fields' for each ad type. My models and example values: AdType: | id | name |----|----- | 1 | Hotel | 2 | Apartment AdOption: | id | ad_type_id | name |----|------------|----- | 1 | 1 | Star rating | 2 | 1 | Breakfast included? | 3 | 2 | Number of rooms AdValue: (Example after saving) | id | ad_id | ad_option_id | value |----|-------|---------------|------ | 1 | 1 | 1 (stars) | 5 | 2 | 1 | 2 (breakfast) | true Ad: (Example after saving) | id | description | etc.... |----|-----------------|-------- | 1 | very nice hotel | ....... So lets say I want to create a new ad, and I choose Hotel as the ad type. Then I need my view to dynamically create fields like this: (I'm guessing?) [Label] Star rating: [hidden_field :ad_id] [hidden_field :ad_option_id] [text_field :value] [Label] Breakfast included? [hidden_field :ad_id] [hidden_field :ad_option_id] [text_field :value] And also, how to save the values when the ad record is saved I hope this is understandable. If not just ask and I'll try to clarify.

    Read the article

  • Is this a possible way to get Drupal AD SSO?

    - by JollyRogers
    I'm currently building a Drupal website in an Active Directory environment. One of the site's requirements is Single Sign On, which to date seems to be impossible because there is no Kerberos SPNEGO/GSSAPI auth module for drupal. I've come up with an idea on how SSO could be attempted on IIS. Since IIS has the option to require Kerberos authentication, we can let IIS handle authentication and use the AUTH_USER server variable to pass the authorized user name to the an 'improved' LDAP_auth module. The LDAP_auth module would then check the user name (but not password since it doesn't know or need to know the password) against LDAP to get the user's roles. (AD groups) Does anyone know if this is possible? If so, does anyone have any ideas on how to implement this?

    Read the article

  • How to check whether a user belongs to an AD group and nested groups?

    - by elsharpo
    hi guys, I have an ASP.NET 3.5 application using Windows Authentication and implementing our own RoleProvider. Problem is we want to restrict access to a set of pages to a few thousand users and rathern than inputing all of those one by one we found out they belong to an AD group. The answer is simple if the common group we are checking membership against the particular user is a direct member of it but the problem I'm having is that if the group is a member of another group and then subsequently member of another group then my code always returns false. For example: Say we want to check whether User is a member of group E, but User is not a direct member of *E", she is a member of "A" which a member of "B" which indeed is a member of E, therefore User is a member of *E" One of the solutions we have is very slow, although it gives the correct answer using (var context = new PrincipalContext(ContextType.Domain)) { using (var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "DL-COOL-USERS")) { var users = group.GetMembers(true); // recursively enumerate return users.Any(a => a.Name == "userName"); } } The original solution and what I was trying to get to work, using .NET 3.5 System.DirectoryServices.AccountManagement and it does work when users are direct members of the group in question is as follows: public bool IsUserInGroup(string userName, string groupName) { var cxt = new PrincipalContext(ContextType.Domain, "DOMAIN"); var user = UserPrincipal.FindByIdentity(cxt, IdentityType.SamAccountName, userName); if (user == null) { return false; } var group = GroupPrincipal.FindByIdentity(cxt, groupName); if (group == null) { return false; } return user.IsMemberOf(group); } The bottom line is, we need to check for membership even though the groups are nested in many levels down. Thanks a lot!

    Read the article

  • SQL Server service accounts and SPNs

    - by simonsabin
    Service Principal Names (SPNs) are a must for kerberos authentication which is a must when using sharepoint, reporting services and sql server where you access one server that then needs to access another resource, this is called the double hop. The reason this is a complex problem is that the second hop has to be done with impersonation/delegation. For this to work there needs to be a way for the security system to make sure that the service in the middle is allowed to impersonate you, after all you are not giving the service your password. To do this you need to be using kerberos. The following is my simple interpretation of how kerberos works. I find the Kerberos documentation rediculously complex so the following might be sligthly wrong but I think its close enough. Keberos works on a ticketing system, the prinicipal is that you get a security token from AD and then you can pass that to the service in the middle which can then use that token to impersonate you. For that to work AD has to be able to identify who is allowed to use the token, in this case the service account.But how do you as a client know what service account the service in the middle is configured with. The answer is SPNs. The SPN is the mapping between your logical connection to the service account. One type of SPN is for the DNS name for the server and the port. i.e. MySQL.mydomain.com and 1433. You can see how this maps to SQL Server on that server, but how does it map to the account. Well it can be done in two ways, either you can have a mapping defined in AD or AD can use a default mapping (this is something I didn't know about). To map the SPN in AD then you have to add the SPN to the user account, this is documented in the first link below either directly or using a tool called SetSPN. You might say that is complex, well it is and thats why SQL Server tries to do it for you, at start up it tries to connect to AD and set the SPN on the account it is running as, clearly that can only happen IF SQL is running as a domain account AND importantly it has permission to do so. By default a normal domain user account doesn't have the correct permission, and is why so many people have this problem. If the account is a domain admin then it will have permission, but non of us run SQL using domain admin accounts do we. You might also note that the SPN contains the port number (this isn't a requirement now in sql 2008 but I won't go into that), so if you set it manually and you are using dynamic ports (the default for a named instance) what do you do, well every time the port changes you need to change the SPN allocated to the account. Thats why its advised to let SQL Server register the SPN itself. You may also have thought, well what happens if I change my service account, won't that lead to two accounts with the same SPN. Possibly. Having two accounts with the same SPN is definitely a problem. Why? Well because if there are two accounts Kerberos can't identify the exact account that the service is running as, it could be either account, and so your security falls back to NTLM. SETSPN is useful for finding duplicate SPNs Reading this you will probably be thinking Oh my goodness this is really difficult. It is however I've found today in investigating something else that there is an easy option. Use Network Service as your service account. Network Service is a special account and is tied to the computer. It appears that Network Service has the update rights to AD to set an SPN mapping for the computer account. This then allows the SPN mapping to work. I believe this also works for the local system account. To get all the SPNs in your AD run the following, it could be a large file, so you might want to restrict it to a specific OU, or CN ldifde -d "DC=<domain>" -l servicePrincipalName -F spn.txt You will read in the links below that you need SQL to register the SPN this is done how to use Kerberos authenticaiton in SQL Server - http://support.microsoft.com/kb/319723 Using Kerberos with SQL Server - http://blogs.msdn.com/sql_protocols/archive/2005/10/12/479871.aspx Understanding Kerberos and NTLM authentication in SQL Server Connections - http://blogs.msdn.com/sql_protocols/archive/2006/12/02/understanding-kerberos-and-ntlm-authentication-in-sql-server-connections.aspx Summary The only reason I personally know to use a domain account is when you can't get kerberos to work and you want to do BULK INSERT or other network service that requires access to a a remote server. In this case you have to resort to using SQL authentication and the SQL Server uses its service account to access the remote service, and thus you need a domain account. You migth need this if using some forms of replication. I've always found Kerberos awkward to setup and so fallen back to this domain account approach. So in summary to get Kerberos to work try using the network service or local system accounts. For a great post from the Adam Saxton of the SQL Server support team go to http://blogs.msdn.com/psssql/archive/2010/03/09/what-spn-do-i-use-and-how-does-it-get-there.aspx 

    Read the article

  • Active Directory, Linux, and User Private Groups

    - by larsks
    We're in the process of moving from NIS on our Linux systems to binding everything to Active Directory. The NIS environment follows the common standard used by many Linux distributions that a user's primary group is a group of the same name as the user (and of which the user is typically the only member). I have been informed that in the Active Directory environment, you may not have a group name with the same name as a user (specifically, that no two AD security objects may have the same name). This would seem to complicate the process of moving our group definitions into AD. It looks like we could maintain the NIS group information in AD using only POSIX attributes (e.g., not an actual AD security object), but that seems like a suboptimal fix (because we do really want to have the same view of group membership in both the Unix and AD worlds). Have you moved a large legacy NIS environment into Active Directory? How did you handle this situation?

    Read the article

  • How to change the default domain controller when querying AD in a different site?

    - by Linefeed
    We have 2 different locations, and at both site we have multiple domain controllers (Win2008). In our application we use Serverless Binding to execute our LDAP queries http://msdn.microsoft.com/en-us/library/ms677945(v=vs.85).aspx. If we look at de DnsHostName of the LDAP://RootDse on site B we always get the default domain controller of site A. Therefor all LDAP queries go much slower. Is there a way to change the default domain controller per site ?

    Read the article

  • Using Google Analytics tracking URLs in Facebook ads

    - by Ted
    I generated the following Google Analytics tracking URL to use in a Facebook ad: https://www.somewebsite.org/?utm_source=facebook&utm_medium=cpc&utm_term=schools&utm_content=newsfeed&utm_campaign=facebookad3 I know the ad is being clicked (Facebook ad manager data) but the referred traffic is not appearing in my site's Google Analytics data. I think it's because Facebook is doing some weird redirect URL modifying. Any ideas?

    Read the article

  • How can I recreate root dnsNode objects and their RootDNSServers folder in AD after they are deleted?

    - by TonyD
    A few days ago I was trying to permanently remove root hints from my DNS server. After much ado, I decided to go a different route and am now trying to put everything back as it was. During the original process, I opened ADUC, clicked ViewAdvanced Features, and then browsed to System MicrosoftDNS and deleted the folder RootDNSServers. Now in ADUC, I cannot create a folder here to replace the one I deleted. I can run adsiedit and load DomainDNSZones for my domain. Under there, I see MicrosoftDNS, RootDNSServers, with all of the objects still inside of it. Is there a way for me to undo what I did? Can I recreate these objects in ADUC? Can I do something else to cause them to show back up there? Thanks!

    Read the article

  • active directory servers synchronization

    - by Mit Naik
    I have 3 AD servers with windows server 2008 R2 at 3 different places, main server is at datacenter and 2 are in our local office which are at 2 different place. I want to synchornize all the 3 server together, were datacenter server should be central server and rest 2 servers should synch with the datacenter server. Please provide us the steps or tutorial to do this. Also we want that once the changes are done in 1 of the AD server the changes are automatically done in all the servers. For example if I change the password of user in our local server it should be updated in our main AD server and other branch server too. Please provide us the steps or tutorial to do this asap. I have one more question I have already created main datacenter AD as domain.local and other domains as xyz.local and abc.local, how can I replicate the additional AD domains with main datacenter DC, also do we require VPN connection, is there any other way to replicate the servers without using VPN connection?

    Read the article

  • WNA Configuration in OAM 11g

    - by P Patra
    Pre-Requisite: Kerberos authentication scheme has to exist. This is usually pre-configured OAM authentication scheme. It should have Authentication Level - "2", Challenge Method - "WNA", Challenge Direct URL - "/oam/server" and Authentication Module- "Kerberos". The default authentication scheme name is "KerberosScheme", this name can be changed. The DNS name has to be resolvable on the OAM Server. The DNS name with referrals to AD have to be resolvable on OAM Server. Ensure nslookup work for the referrals. Pre-Install: AD team to produce keytab file on the AD server by running ktpass command. Provide OAM Hostname to AD Team. Receive from AD team the following: Keypass file produced when running the ktpass command ktpass username ktpass password Copy the keytab file to convenient location in OAM install tree and rename the file if desired. For instance where oam-policy.xml file resides. i.e. /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Configure WNA Authentication on OAM Server: Create config file krb.config and set the environment variable to the path to this file: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf The variable KRB_CONFIG has to be set in the profile for the user that OAM java container(i.e. Wbelogic Server) runs as, so that this setting is available to the OAM server. i.e. "applmgr" user. In the krb.conf file specify: [libdefaults] default_realm= NOA.ABC.COM dns_lookup_realm= true dns_lookup_kdc= true ticket_lifetime= 24h forwardable= yes [realms] NOA.ABC.COM={ kdc=hub21.noa.abc.com:88 admin_server=hub21.noa.abc.com:749 default_domain=NOA.ABC.COM [domain_realm] .abc.com=ABC.COM abc.com=ABC.COM .noa.abc.com=NOA.ABC.COM noa.abc.com=NOA.ABC.COM Where hub21.noa.abc.com is load balanced DNS VIP name for AD Server and NOA.ABC.COM is the name of the domain. Create authentication policy to WNA protect the resource( i.e. EBSR12) and choose the "KerberosScheme" as authentication scheme. Login to OAM Console => Policy Configuration Tab => Browse Tab => Shared Components => Application Domains => IAM Suite => Authentication Policies => Create Name: ABC WNA Auth Policy Authentication Scheme: KerberosScheme Failure URL: http://hcm.noa.abc.com/cgi-bin/welcome Edit System Configuration for Kerberos System Configuration Tab => Access Manager Settings => expand Authentication Modules => expand Kerberos Authentication Module => double click on Kerberos Edit "Key Tab File" textbox - put in /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Edit "Principal" textbox - put in HTTP/[email protected] Edit "KRB Config File" textbox - put in /fa-gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Cilck "Apply" In the script setting environment for the WLS server where OAM is deployed set the variable: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Re-start OAM server and OAM Server Container( Weblogic Server)

    Read the article

  • Windows Server 2012 Migration (DNS/AD DS Standard Eval to Essentials OEM) P2V -> Do I need a Secondary Domain Controller during migration?

    - by Aubrey Robertson
    This is my first post on this exchange (although not my first on stack exchange), so please have patience. I am a 3rd year student intern, and I have been tasked with virtualizing the server systems at the company I work for. I have come a long way, and I am almost ready to install the VM Server in migration mode. Here is some information: Source Server: Windows Server 2012 Standard Evaluation DNS Server (local only) Advanced Directory Domain Services File and Storage stuff A few other server roles Destination Server: Windows Server 2012 Essentials OEM (Hyper-V client) Running under a temporary Hyper-V host (will migrate the Hyper-V host back to the old machine after the original server is virtualized as a client). Sitting currently at the "Select Installation Mode" screen. I have been following the guides on Microsoft tech net, and today I spent most of the day getting rid of issues in the Best Practices Analyser on the source machine. I have 3 remaining issues (which are all related): ERROR: DNS: DNS servers on Ethernet (adapter name) should include the loopback address, but not as the first entry (flavour text indicates that, during migration, the DNS server may not be found) WARNING: All domains should have at least two domain controllers for redundancy. WARNING: DNS: Ethernet should be configured to use both a preferred and an alternate DNS Server. All of these issues can be resolved by deploying a secondary domain controller, but I have never done that before (see my concerns below). The main issue here that I am concerned with for installing in migration mode is the FIRST one (the error). If I try and set-up the new server deployment, and the adapter domain controller is listed as localhost, then this may cause the installation to fail. (at least, this is what the Microsoft documentation suggests). But I do not have another IP address to enter here as I have no other local domain controllers. So I did the first obvious thing that came to my mind, and tried to use Google DNS servers as my alternates. That did not work because they couldn't recognize other computers in the "forest". Now I'm no expert when it comes to DNS, so please forgive my ignorance. This DNS server is concerned only with Active Directory stuffs for the local network. If I go ahead with migration, and it fails, then I will just have to go ahead and install a secondary DNS server I suppose. The problem I have here is that I am limited by the amount of Windows Server keys I have available (I have 2); however, I do have access to a Linux box running Debian Wheezy that I set-up two weeks ago as a Mantis server. I could install Windows Server 2012 as a secondary DNS (I think) in a VM and use that, but then it seems like I will be wasting time, and probably the Windows key too, and if there's another way to do it with Linux that would be much better. Even better still, do I even need a secondary DNS server for migration at all? The hints said that during migration the original machine "might" not be found. Thank you for your time and consideration.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >