Query on DNS setup for Active Directory for a new data center

Similar Messages

• DNS Setup for Lion.

  I'm a little confused with the DNS setup for Lion Server.
  My scenario is this.
  I have a router, IP 10.0.0.1.
  Server running DNS is manually set to 10.0.0.253.
  FQDN for the server is server1.mycompany.net (it is proper registered and live domain name I have used)
  Externally I use Dyndns to point external folks to mycompany.net, and through the correct ports I can hit the router/gateway with the URL. This confirms that Dyndns is working.
  I have forwarded POrt 80 on the router to 10.0.0.253.
  Currently I have set DNS to have a zone of mycompany.net. Within the zone I have a machine record server1.mycompany.net set to 10.0.0.253
  I think I have set the reverse lookup correctly, but the way it is shown in the DNS record looks strange (IP address looks backwards and says something about ARPA.
  Web Server is running on the server.
  Currently if I go to a web browser inside the LAN and use either www.server1.mycompany.net or www.mycompany.net (or the same without the www) I get an error message. The same occurs outside the lan on an internet connected machine.
  If I enter 10.0.0.253 from inside the lan, I get the Mac WebServer default screen, showing the server is working fine.
  I'm guessing I have made a mess of setting up DNS.
  I'm looking at some point set up a small website, just to prove to myself I can get this working, but I can't work out what I have done wrong.
  Can anyone suggest where to look?
  TIA

  Right now down to diagnostics
  in terminal on server type
  william:~ william$ dig www.wenatcheefirst.org
  below is what i get  copy what you get
  ; <<>> DiG 9.7.3-P3 <<>> www.wenatcheefirst.org
  ;; global options: +cmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29412
  ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 0
  ;; QUESTION SECTION:
  ;www.wenatcheefirst.org.                    IN          A
  ;; ANSWER SECTION:
  www.wenatcheefirst.org.          3600          IN          CNAME          wenatcheefirst.org.
  wenatcheefirst.org.          3600          IN          A          205.186.154.164
  ;; AUTHORITY SECTION:
  org.                              126088          IN          NS          a2.org.afilias-nst.info.
  org.                              126088          IN          NS          d0.org.afilias-nst.org.
  org.                              126088          IN          NS          b0.org.afilias-nst.org.
  org.                              126088          IN          NS          a0.org.afilias-nst.info.
  org.                              126088          IN          NS          c0.org.afilias-nst.info.
  org.                              126088          IN          NS          b2.org.afilias-nst.org.
  ;; Query time: 430 msec
  ;; SERVER: 192.168.88.250#53(192.168.88.250)
  ;; WHEN: Fri Apr 13 20:08:06 2012
  ;; MSG SIZE  rcvd: 208

• Query taking long time for EXTRACTING the data more than 24 hours

  Hi ,
  Query taking long time for EXTRACTING the data more than 24 hours please find the query and explain plan details below even indexes avilable on table's goe's to FULL TABLE SCAN. please suggest me.......
  SQL> explain plan for select a.account_id,round(a.account_balance,2) account_balance,
  2 nvl(ah.invoice_id,ah.adjustment_id) transaction_id,
  to_char(ah.effective_start_date,'DD-MON-YYYY') transaction_date,
  to_char(nvl(i.payment_due_date,
  to_date('30-12-9999','dd-mm-yyyy')),'DD-MON-YYYY')
  due_date, ah.current_balance-ah.previous_balance amount,
  decode(ah.invoice_id,null,'A','I') transaction_type
  3 4 5 6 7 8 from account a,account_history ah,invoice i_+
  where a.account_id=ah.account_id
  and a.account_type_id=1000002
  and round(a.account_balance,2) > 0
  and (ah.invoice_id is not null or ah.adjustment_id is not null)
  and ah.CURRENT_BALANCE > ah.previous_balance
  and ah.invoice_id=i.invoice_id(+)
  AND a.account_balance > 0
  order by a.account_id,ah.effective_start_date desc; 9 10 11 12 13 14 15 16
  Explained.
  SQL> select * from table(dbms_xplan.display);
  PLAN_TABLE_OUTPUT
  | Id | Operation | Name | Rows | Bytes |TempSpc| Cost (%CPU)|
  | 0 | SELECT STATEMENT | | 544K| 30M| | 693K (20)|
  | 1 | SORT ORDER BY | | 544K| 30M| 75M| 693K (20)|
  |* 2 | HASH JOIN | | 544K| 30M| | 689K (20)|
  |* 3 | TABLE ACCESS FULL | ACCOUNT | 20080 | 294K| | 6220 (18)|
  |* 4 | HASH JOIN OUTER | | 131M| 5532M| 5155M| 678K (20)|
  |* 5 | TABLE ACCESS FULL| ACCOUNT_HISTORY | 131M| 3646M| | 197K (25)|
  | 6 | TABLE ACCESS FULL| INVOICE | 262M| 3758M| | 306K (18)|
  Predicate Information (identified by operation id):
  2 - access("A"."ACCOUNT_ID"="AH"."ACCOUNT_ID")
  3 - filter("A"."ACCOUNT_TYPE_ID"=1000002 AND "A"."ACCOUNT_BALANCE">0 AND
  ROUND("A"."ACCOUNT_BALANCE",2)>0)
  4 - access("AH"."INVOICE_ID"="I"."INVOICE_ID"(+))
  5 - filter("AH"."CURRENT_BALANCE">"AH"."PREVIOUS_BALANCE" AND ("AH"."INVOICE_ID"
  IS NOT NULL OR "AH"."ADJUSTMENT_ID" IS NOT NULL))
  22 rows selected.
  Index Details:+_
  SQL> select INDEX_OWNER,INDEX_NAME,COLUMN_NAME,TABLE_NAME from dba_ind_columns where
  2 table_name in ('INVOICE','ACCOUNT','ACCOUNT_HISTORY') order by 4;
  INDEX_OWNER INDEX_NAME COLUMN_NAME TABLE_NAME
  OPS$SVM_SRV4 P_ACCOUNT ACCOUNT_ID ACCOUNT
  OPS$SVM_SRV4 U_ACCOUNT_NAME ACCOUNT_NAME ACCOUNT
  OPS$SVM_SRV4 U_ACCOUNT CUSTOMER_NODE_ID ACCOUNT
  OPS$SVM_SRV4 U_ACCOUNT ACCOUNT_TYPE_ID ACCOUNT
  OPS$SVM_SRV4 I_ACCOUNT_ACCOUNT_TYPE ACCOUNT_TYPE_ID ACCOUNT
  OPS$SVM_SRV4 I_ACCOUNT_INVOICE INVOICE_ID ACCOUNT
  OPS$SVM_SRV4 I_ACCOUNT_PREVIOUS_INVOICE PREVIOUS_INVOICE_ID ACCOUNT
  OPS$SVM_SRV4 U_ACCOUNT_NAME_ID ACCOUNT_NAME ACCOUNT
  OPS$SVM_SRV4 U_ACCOUNT_NAME_ID ACCOUNT_ID ACCOUNT
  OPS$SVM_SRV4 I_LAST_MODIFIED_ACCOUNT LAST_MODIFIED ACCOUNT
  OPS$SVM_SRV4 I_ACCOUNT_INVOICE_ACCOUNT INVOICE_ACCOUNT_ID ACCOUNT
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_ACCOUNT ACCOUNT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_ACCOUNT SEQNR ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_INVOICE INVOICE_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_ADINV INVOICE_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_CIA CURRENT_BALANCE ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_CIA INVOICE_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_CIA ADJUSTMENT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_CIA ACCOUNT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_LMOD LAST_MODIFIED ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_ADINV ADJUSTMENT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_PAYMENT PAYMENT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_ADJUSTMENT ADJUSTMENT_ID ACCOUNT_HISTORY
  OPS$SVM_SRV4 I_ACCOUNT_HISTORY_APPLIED_DT APPLIED_DATE ACCOUNT_HISTORY
  OPS$SVM_SRV4 P_INVOICE INVOICE_ID INVOICE
  OPS$SVM_SRV4 U_INVOICE CUSTOMER_INVOICE_STR INVOICE
  OPS$SVM_SRV4 I_LAST_MODIFIED_INVOICE LAST_MODIFIED INVOICE
  OPS$SVM_SRV4 U_INVOICE_ACCOUNT ACCOUNT_ID INVOICE
  OPS$SVM_SRV4 U_INVOICE_ACCOUNT BILL_RUN_ID INVOICE
  OPS$SVM_SRV4 I_INVOICE_BILL_RUN BILL_RUN_ID INVOICE
  OPS$SVM_SRV4 I_INVOICE_INVOICE_TYPE INVOICE_TYPE_ID INVOICE
  OPS$SVM_SRV4 I_INVOICE_CUSTOMER_NODE CUSTOMER_NODE_ID INVOICE
  32 rows selected.
  Regards,
  Bathula
  Oracle-DBA

  I have some suggestions. But first, you realize that you have some redundant indexes, right? You have an index on account(account_name) and also account(account_name, account_id), and also account_history(invoice_id) and account_history(invoice_id, adjustment_id). No matter, I will suggest some new composite indexes.
  Also, you do not need two lines for these conditions:
  and round(a.account_balance, 2) > 0
  AND a.account_balance > 0
  You can just use: and a.account_balance >= 0.005
  So the formatted query isselect a.account_id,
         round(a.account_balance, 2) account_balance,
         nvl(ah.invoice_id, ah.adjustment_id) transaction_id,
         to_char(ah.effective_start_date, 'DD-MON-YYYY') transaction_date,
         to_char(nvl(i.payment_due_date, to_date('30-12-9999', 'dd-mm-yyyy')),
                 'DD-MON-YYYY') due_date,
         ah.current_balance - ah.previous_balance amount,
         decode(ah.invoice_id, null, 'A', 'I') transaction_type
    from account a, account_history ah, invoice i
  where a.account_id = ah.account_id
     and a.account_type_id = 1000002
     and (ah.invoice_id is not null or ah.adjustment_id is not null)
     and ah.CURRENT_BALANCE > ah.previous_balance
     and ah.invoice_id = i.invoice_id(+)
     AND a.account_balance >= .005
  order by a.account_id, ah.effective_start_date desc;You will probably want to select:
  1. From ACCOUNT first (your smaller table), for which you supply a literal on account_type_id. That should limit the accounts retrieved from ACCOUNT_HISTORY
  2. From ACCOUNT_HISTORY. We want to limit the records as much as possible on this table because of the outer join.
  3. INVOICE we want to access last because it seems to be least restricted, it is the biggest, and it has the outer join condition so it will manufacture rows to match as many rows as come back from account_history.
  Try the query above after creating the following composite indexes. The order of the columns is important:create index account_composite_i on account(account_type_id, account_balance, account_id);
  create index acct_history_comp_i on account_history(account_id, invoice_id, adjustment_id, current_balance, previous_balance, effective_start_date);
  create index invoice_composite_i on invoice(invoice_id, payment_due_date);All the columns used in the where clause will be indexed, in a logical order suited to the needs of the query. Plus each selected column is indexed as well so that we should not need to touch the tables at all to satisfy the query.
  Try the query after creating these indexes.
  A final suggestion is to try larger sort and hash area sizes and a manual workarea policy.alter session set workarea_size_policy = manual;
  alter session set sort_area_size = 2147483647;
  alter session set hash_area_size = 2147483647;

• When I upgraded to ios 5, it asked me a for a new game center name.  How do I use my old game center name, since it makes me start some games over without it?

  When I upgraded to ios 5, it asked me a for a new game center name.  How do I use my old game center name, since it makes me start some games over without it?

  Carefully follow steps 1-9 outlined by wjosten in this post: https://discussions.apple.com/message/13356770#13356770.  This will not, however, avoid wiping any non-purchased media from your phone (ripped CDs, etc.) as this is only synced one way: from your computer to your phone.  You will have to either rebuild your iTunes library with this content and sync again to restore it to your phone, or purchase 3rd party software to copy it from your phone to iTunes prior to syncing (such as Touch Copy).

• ODI 11g 11.1.1.7 with Win64 bit OS : Starange problem : Right click does not work for Create new data server in Topology.

  ODI 11g 11.1.1.7 with Win64 bit OS : Strange problem : Right click does not work for Create new data server in Topology.
  On right click nothing happens at all. I have  reinstall the ODI multiple times with right installer. issue persist.
  Please help.

  Hi,
  Did you use the generic installer or the win32 one ? You should use the former with Win64.
  You can also check that your version of Java is supported in the certification matrix.
  Regards,
  JeromeFr

• Trying to change the APN on my iPad for a new data provider.  Each time it returns to the original. Any suggestions?

  trying to change the APN on my iPad for a new data provider.  Each time it returns to the original. Any suggestions?

  Hi Canberabomber,
  If you are having issues setting or changing the APN on your iPad, you may find the following article helpful (apologies if you have already seen it):
  iOS: About cellular data network settings (viewing or editing the APN)
  http://support.apple.com/kb/ht2283
  Regards,
  - Brenden

• DNS, Certificates, and Active Directory - School Setup Issues

  Our school has been piloting a small iPad depolyment.  I have been struggling with getting Profile Manager to work correctly since August of last year. Here's the setup:
  1. Active Directory DNS/DHCP server (set as "school.local"--yes, I know .local is bad form, but it was set before I got here). I have changed the "Digest" to "Basic" setting
  2. Mac Mini server that has its own external IP and hostname ("mac.school.org") and is also bound to the AD server for user authentication for services (Profile Manager, WebDAV, wiki, etc.). I have a self-signed SSL certificate installed under the name "mac.school.org"
  3. About 90 iPads, and a handfull of Mac desktops
  In a perfect world, users would be able to login (with their AD credentials) to the Profile Manager self-service portal using the external hostname of the mac server ("mac.school.org/mydevices"), install the Trust Profile, and enroll the device (iPad, Mac, etc).
  However, this is not the case.  The setup seems to work for awhile; quite perfectly in fact. But then for reasons unknown to me, everything just "breaks" and Profile Manager ceases to work like it should. Here are some of issues I am seeing:
  a.) DNS service on the Mac server turns itself ON randomly.  DNS should NOT be running this server, correct? All DNS lookups internally are done by the AD server. I've used changeip and everything matches (both say "mac.school.org")
  b.) Whenever we use VPN, and at other seemingly random times, the server's hostname changes from "mac.school.org" to "mac.school.local" I would make the server external only, but it needs to have an internal IP to talk to the AD server.
  c.) AD binding breaks randomly and I have to rebind the server to AD
  d.) When enrolling devices, Profile Manager starts rejecting certificates (not a trusted source, etc.) and I have to destroy OD and PM and start all over again.
  I know this is a lot and I'm not necessarily expecting anyone to answer all of these questions. I guess I'm wondering if anyone could point me in the right direction? I've looked for help with these issues all over the place, but none of the environments I read about are quite like the one I'm in.

  Yes, I am not giving the real domain name here.
  No prob. just checking, sometimes people have weird domain names never know if they are real or they expect them to be real or they put domain names owned by someone else on their internal network eek.
  Not really needed to use mac.school.org internally, that is in local LAN. The thing to understand about DNS is the scope for which a DNS zone is relevant WRT a client machine — inside LAN or on Internet, and which DNS server is authoritative for a domain. Authoritative in the sense of 'the final word'.
  Go to Network Utility on your mac, type in your real domain name (whatever you are changing to school.org to hide it) what comes back. On my server I see the below (I have replaced my real, Internet legal domain, to 'example.com')
  In my setup I have, on the LAN, setup the Mac server to be authoritative for domain 'example.com'. On the Internet however it is another external DNS server.
  So you have set DNS forwarders on the Mac machine?
  I really don't believe that the machine's hostname is changing, it is statically configured. What I believe is happening is that DNS name resolution is telling you different things at different times because you are using different DNS servers.
  On mac machine terminal type $less /etc/resolv.conf and copy paste what it says. In server app Services | DNS right side does it say you have forwarders?
  Still it is not good to have two DNS domains in your internal LAN, there is no need to have school.org on the mac DNS unless it is going to be fully setup to be authoritative in the internal LAN for the domain school.org. You can have school.org on the Internet (Internet scope of users point 1) and school.local on internal machine (LAN scope of users).
  Lookup has started…
  Trying "example.com"
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53292
  ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
  ;; QUESTION SECTION:
  ;example.com.                   IN        ANY
  ;; ANSWER SECTION:
  example.com.     10800          IN        SOA          example.com. admin.example.com. 2013010907 3600 900 1209600 86400
  example.com.     10800          IN         NS          server.example.com.
  example.com.     10800          IN         MX          10 server.example.com.
  ;; ADDITIONAL SECTION:
  server.example.com. 10800       IN          A          192.168.1.20
  Received 145 bytes from 127.0.0.1#53 in 2 ms

• I need help with proper DNS setup for 10.5.8 Server

  I'm administering a 10.5.8 server that I sold and setup about a year ago. I'm experiencing issues with getting iCal server to be happy. All of the clients are running 10.5.8, but I'm running 10.6.1. I've heard from others that connecting iCal in 10.6 to a 10.5 iCal Server should be no problem.
  I'm beginning to think that I have DNS issues. Probably because I'm not and never have been 100% certain how to set it up completely correctly. I used to be able to get Kerberos tickets, but now I can't. With the new "Ticket Viewer" in 10.6, it asks for two bits of information. First is "Identity" where I'm guessing I should put [email protected] and then password. When I do this I get an alert dialog that says "Kerberos Error -- cannot resolve network address for KDC in realm example.com"
  The server is a Mac Pro tower with two Ethernet ports. En2 is connected directly to the Internet and has a static IP with a domain name assigned to it. We'll call it "example.com" for the purposes of the discussion. The En1 is connected to the network switch and has a static LAN IP of 192.168.1.250. All clients inside and outside are able to reach the server via domain name for WWW & AFP, no problem.
  nslookup on the static IP address returns "example.com" and nslookup on "example.com" returns the correct static IP address. Open Directory is running and happy including Kerberos. The LDAP search base is "dc=example,dc=com". The LDAP search base is a concept I haven't quite grasped, so I'm just going to assume it's correct.
  The domain name is hosted outside by a service provider that forwards all "example.com" requests to the server with the exception of mail.
  In DNS, I have three "sections" that look like this:
  Name Type Value
  1.168.192.in-addr.arpa. Reverse Zone -
  192.168.1.250 Reverse Mapping example.com.
  000.000.00.in-addr.arpa. Reverse Zone -
  000.000.000.000 Reverse Mapping example.com.
  com. Primary Zone -
  mail.example.com. Alias mail.our-email-isp.com.
  example.com. Machine Multiple values
  www.example.com. Machine Multiple values
  NOTE: the zeros aren't actually zeros, they are the static IP assigned to the server/domain
  When I select the top element "1.168.192.in-addr.arpa." down below "Allows zone transfer" is NOT checked. Nameservers shows the zone as "1.168.192.in-addr.arpa." and the Nameserver Hostname as "ns.example.com."
  When I select the next line down "192.168.1.250", Resolve 192.168.1.250 to: example.com.
  When I select the "000.000.00.in-addr.arpa." element, it has the same settings -- nameservers "000.000.00.in-addr.arpa." and "ns.example.com."
  When I select the next line down (our static IP), Resolve 000.000.000.000 to: example.com.
  When I select "com." the admin email is populated with a valid email address, Allows zone transfer is NOT checked. In nameservers, Zone is "com." and Nameserver Hostname is "example.com." The mail exchangers are mail2.our-email-isp.com. priority 10 and mail.our-email-isp.com. and priority 20.
  When I select the machine "example.com." it shows both the real-world static IP and the 192.168.1.250, same with "www.example.com.".
  Am I doing something wrong with this setup? Should "com." be the primary zone or should that be "example.com." ???
  I've been thinking about getting rid of the DNS entry for the 192.168.1.250 address altogether, but will the clients in the office suffer performance issues??? I do not think that the client workstations are configured to get DNS from the server anyway. Should the "www.example.com." record be a Machine record or should it be an alias record?
  Any help you have to offer is greatly appreciated! Thanks!
  In the meantime, I'm going to look around and see if I can understand "Allows zone transfer" and LDAP Search base a bit better.

  Okay, I found a lovely article at the following address which I think helps me to clarify what I'm doing wrong. Despite that, I'd still like to have any feedback you have to offer.
  http://www.makemacwork.com/configure-internal-dns-1.htm
  Also, when editing DNS entries, Server Admin likes to set the nameserver to "ns." -- whatever your domain is. Should I be overriding that and if so, replace it with what?

• Help with Proper DNS Setup for Leopard Standard Server Setup

  Hello All,
  Problem Description-
  I was reviewing some training today on DNS setup and checking for proper setup with the sudo changeip - checkhostname tool and I seem to have an incorrectly configured DNS setup. So I need some help on correcting it. When I go to the "Server Preferences" tool I cannot log in using apple.ourdomainname.com instead in order to use the tool I have to input localhost as the server name. Now I just thought that the system was broken or something and with the help of my training I now see it's a DNS problem. I thought I had everything proper since I followed the steps of creating proper DNS/RDNS entries with my ISP. Now I am stuck wondering what else isn't working properly due to the DNS issue. Thanks in advance.
  Technical Info-
  My ISP provides us with 5 static IP's and we have asked them to create entries and verified the setup of apple.ourdomainname.com = x.x.x.x which is one of our public IP's assigned currently assigned to the WAN port of our Apple Airport Extreme. We have also had them create a PTR record which also is present, verified and functional. Our MacMini running 10.5.5 is connected directly to one of the ethernet ports on our Apple Airport Extreme which is our NAT/Firewall for the LAN. So during the setup of the Standard Server install the OS configured the Airport with the required ports for chat/web/vpn. And mobile Mac's can VPN in and gain folder access and web works fine too. We don't use the e-mail portion so I can't say how that works. The server is using the DNS of 10.0.200.1 which is the IP of the Airport and the airport is programmed with the DNS of OpenDNS servers 208.67.222.222 and 208.67.220.220. The reason for this whole long shpeal is that I want to give as much technical background as possible for the best possible help.
  Thanks
  DM

  What happens when you use 'Localhost' instead of 'localhost' (i.e. capitalizing the 'L')?

• Proper Configuration of DNS server for our new branch office

  Hi All,
  Our new office will setup a new branch office with a routed network link to our HO. In HO, we have 2 domain controllers configured as AD and DNS just for fail over scenarios.
  How will we configure the DNS server of our 3rd domain controller which we will placed in the new branch office. What would be the proper settings of DNS server integrated to AD to work well especially to have a successful replication and communication to
  the 2 DC's located in HO?

  Hi,
  If you have multiple DC's in that site i would recommend using any of the partner DC's IP addresses as preferred one and secondary DNS IP to pointing to itself. Dont use loopback addresses configure it with actual IP addresses.
  If you have only one server in branch office point itself as the primary DNS and HO DC as secondary and tertiary.
  Make sure that all clients in your branch site are pointing to the branch DC as primary DNS server.
  Regards,
  Rafic
  If you found this post helpful, please give it a "Helpful" vote.
  If it answered your question, remember to mark it as an "Answer".
  This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

• PowerShell Active Directory: Get last logon date of a deleted user

  So, my first post in this noble community. I've been lurking here and I've been getting some good information. Hopefully, you guys can help me in this concern which may be simple to some but I couldn't seem to get around it.
  Is it possible to get the last logon date of a DELETED user in Active Directory?
  I can get the available properties of deleted users using the following:
  Get-ADObject -Filter {samaccountname -eq <account_name> -and ObjectClass -eq "user"} -IncludeDeletedObjects -Properties *
  But the last logon date is not one of the properties available from Get-ADObject. Get-ADUser has the last logon property, but it does not have data on deleted users. Is there anyway this can be achieved? Perhaps convert an ADObject to an ADUser?
  Any information would be much appreciated. Thank you.

  Thanks everyone for your response. It looks like jrv is leading me to the right path, but I'm still having issues. I'm trying to get the lastlogon time by querying all the DCs in our domain, but every query returns a null lastlogon time for all the deleted
  users I tried:
  $DomainControllers = ((Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ }).Name
  foreach ($DC in $DomainControllers)
      $dn=(Get-ADObject -Filter {samaccountname -eq <user_account>} -includedeletedobjects -server $DC).DistinguishedName
      $user=[adsi]"LDAP://$dn"
      $user.LastLogon
  It always returns null. Morever, simply executing [adsi]"LDAP://$dn" from each DC gives the following error:
  format-default : The following exception occurred while retrieving member
  "distinguishedName": "There is no such object on the server.
      + CategoryInfo          : NotSpecified: (:) [format-default], ExtendedType
     SystemException
      + FullyQualifiedErrorId : CatchFromBaseGetMember,Microsoft.PowerShell.Comm
     ands.FormatDefaultCommand
  It's a bit surprising to me though, since $user=[adsi]"LDAP://$dn" does return a value for $user (instead of null whenever an error is encountered) of type System.DirectoryServices.DirectoryEntry but it has no members.
  Anyone know what I'm missing?

• How to initialize delta for a new data target

  Hi
  I have an ODS from which there are several other targets getting updated thru an export datasource. The delta initialization happend some 6 months back. I now have a new ODS into which i need to load the data from the original  ODS. How can i initialise the delta to my new target without changing the delta initialization of the other targets and continue the delta for all of them together?
  can i use the same initialization for my new target??
  If i do a full update and then a initialise w/o data transfer, will the further delta bring the data from the correct point, is there a possiblity of data loss??
  Regards,
  Sujai

  Hi Ajay,
  the steps are as follows.
  1 delete the initialization. open infopackage >> menu scheduler >> Initialization options for source systems >> delete the request thats there.
  2. Now go to the Update tab of the infopack >> select option Initialize Delta process >> check the option initialize without Data transfer
  3. Goto Schedule tab and start the job.
  here the data targets will be all the targets the infopack loads.
  4. Create a new infopack
  5. goto Data targets tab >> select data targets >> put a check on your new ODS/Cube
  6. Goto Update tab >> select the option Full update
  7. goto menu Scheduler >> select Repair full request >> put a check on Indicate request as Repair Request >> hit OK
  8. Goto schedule tab >> start the job.
  9. Continue with the existing Delta infopack that was load the old ODS/Cubes  and make sure your new ODS/Cube is also cheked for the delta.
  Regards
  Sujai

• Proper DNS Setup for SLS

  I have a new MacMini SLS and I need to make sure I am doing things right. I have BrightHouse Business Cable service with 5 static and one with RDNS for apple.ourdomain.com pointed at 1 of the IP's which is currently connected to our new AEBS. The AEBS is DHCP for LAN side and has been setup with ISP DNS.
  When setting up SLS, the server finds that it's internet hostname is apple.domain.com as it should but computer hostname is just always set to apple. Once server is running all e-mail sent comes from [email protected] instead of domain.com which is fixed by adding an alias in the hosting section of mail. But the server itself in DNS is set for the domain apple.domain.com instead of domain.com with an NS of apple.domain.com is this ok? If during setup I change apple.domain.com to just domain.com then dns looks funny again as the domain would be right but the ns is then just set to domain.com instead of apple.domain.com so either way in my mind it's wrong. I just want to do it once and right so that the server runs smoothly and I am not sure what to do.

  Works out just fine.
  Primary address = 10.0.200.2
  Current HostName = apple.ourdomain.com
  DNS HostName = apple.ourdomain.com
  The names match. There is nothing to change.
  dirserv:success = "success"

• Help with DNS setup for LAN only

  I have a Mac Mini SNS 10.6.8 as our company's local standalone fileserver.
  Everything has ran great for the past year (still is), but now I want to try and setup DNS for more control and services.
  The server host name is servername (no FQDN), which shows up in Server Admin as servername.local.
  I read and followed Hoffman Labs great step-by-step, but must have missed something, since I still cannot get DNS resolution.
  Here is a brief summary of the Server Admin settings:
            Host Name                    servername
            Host (Server) IP          192.168.4.2
            Router IP (also default public DNS IP) 192.168.4.1
            Bonjour                    Wide Area  =  Not enabled
            Settings                    Accept recursive queries  =  localnets
            Settings                    Forwarder IPs  =  8.8.8.8  &  8.8.4.4  (Google Public DNS)
  now...          Zones                              1 Primary Zone  =  companyname.net (we own the domain)
                                          Primary Zone Name  =  companyname.net
                                          Nameserver Zone  =  companyname.net
                                          Nameserver Host Name  =  servername.companyname.net
                                          2 A Records:
                                          servername          192.168.4.2
                                          user1                    192.168.4.3
                                          Reverse mapping - automatic - OK
  Testing          Ran sudo changeip -checkhostname
                      Results:
                                Primary address          =          192.168.4.2
                                Current hostname          =          servername
                                The DNS hostname is not available. Please repair DNS and re-run this tool.
  I must be doing something wrong, but I don't know what it is.  Please help.

  Did you intend to have both "example.com" and "example.net" listed there?  Are those domains really different?  I'm going to assume that was an obfuscation error.  (This is part of the "fun" of obfuscation, unfortunately.  Of having to differentiate errors in the actual configuration from errors that were introduced during the obfuscation.)
  >Oddly, even though I had manually assigned our Comcast gateway's DNS to Google DNS IPs, the gateway summary still shows up as Comcast's DNS server IPs.  So I removed the manually assigned Google DNS IPs from the gateway.
  The gateway (or whatever you're using as your DHCP server) should be configured with the DNS server address of 192.168.4.2.  All other hosts on your network (if you're planning to use your local DNS everywhere on your LAN) should also reference 192.168.4.2, either through an explicit static configuration, or as the address that was received from the DHCP server.
  And as for IP routing, are all your hosts, network printers, network gateways, DHCP servers, etc., all in the range of 192.168.4.1 to 192.168.4.254?  (They should be, if you're using a /24-class 255.255.255.0 subnet mask.)
  But then I don't know where this configuration has gone off the rails...  (Over the years, I've seen and have made my own configuration errors, I've been "bagged" by DNS caches, and I've hit various bugs in DNS implementations.)  What you have stated here should work.
  I'd start at the top of the DNS configuration article, and not stray from what is written there.   That there has been Google DNS and have had ISP DNS configured at the gateway does mean there were some areas that have strayed from the article.   I'd suggest following the DNS server configuration directions exactly.
  Setting up DNS services with OS X Server isn't difficult, but it can be a little fussy. 
  If you don't understand something that's written in that article -- or if you believe you need to enter something different than what's listed there -- then please stop and ask about it.  Either ask here, or ask over there.  (This feedback also helps improve that article.)
  Straying from what's written in that article is certainly and entirely feasible, but that's something best left until after the adminstrator is more familiar with running a DNS server.  Once you know how and why and where you can stray, there are all sorts of things you can do within a DNS configuration.

• DNS Setup for 11i DR Failover

  HI
  I am implementing a DNS Level DR for 11i Applications. Could please some share the best practices for this type of setup. I will be creating a exact mirror of the primary using Hitache Data Storage.
  regards
  yadava

  Hi
  I think i am not clear with the requirement. I am using mirror copy of the filesystem using HDS and the seconday will up if only the primary goes down using DNS lookup. The secondary will be mirrored every 4 hours.