Active Directory Integration and Drive mapping
We currently have a lab with 20 Mac Pro machines, and an Xserve.. all running 10.5+. We are looking at integrating the existing users, through AD, into the Xserve. We have been able to do simple authentication and drive mapping to the windows share easily enough. However what we would like to be able to do is mount a share from the Xserve for only the Macs for the students that will be in there, while keeping the Home directory from AD intact and still being mounted.
Is that possible or I am going outside of what I am able to do?
Thank you
If I understand what you are asking, then you will need to bind the Xserve to AD, then promote it to an OD master. This will allow you to manage the AD groups without schema modification to AD, basically allowing the storage of Apple MCX attributes. You can then create a group in OD and add the AD group to it. Then, manage the OD group and set login preferences to automount a share. Check the box to allow unique user credentials to be sent. Since you are in a Kerberos/Single sign on environment, you will be able to pull this off very easily.
During the workstation bind, make sure the UNC home path option is select and that you are choosing the correct protocol (SMB or AFP). That will allow the AD defined windows home folder to mount. Then follow the OD MCX stuff above to handle the mount of the share. You might also want to look into augmented records if you need to get management to the user level. I've had no need for this yet so I've not used it. Manage by nest AD group has always been enough because everyone gets the same stuff.
Hope this helps
Similar Messages
-
Help with Active Directory Integration and kerberos
Hello,
Im encountering a bug preventing me to use Active Directory integration with kerberos :
Our domain name is CORP.DOMAIN.COM.
When we request the GC in this domain :
bash-3.00# nslookup -query=any gc.tcp.corp.domain.com
Server: 1.2.1.6
Address: 1.2.1.6#53
** server can't find gc.tcp.corp.domain.com: NXDOMAIN
there is no answer.
But when we request without corp, we find the servers :
bash-3.00# nslookup -query=any gc.tcp.domain.com | grep sis
gc.tcp.domain.com service = 0 100 3268 serveur02.corp.domain.com.
gc.tcp.domain.com service = 0 100 3268 serveur01.corp.domain.com.
bash-3.00#
Is-it possible to add the possibility to enter the domain name where reside the gc.tcp ?
Thank you.Hello
the domain.com domain exist, but it's not our domain.
so, when I put domain.com, it search with no result (nothing appends).
our kdc.conf :
[kdcdefaults]
kdc_ports = 88,750
[realms]
CORP.DOMAIN.COM = {
profile = /etc/krb5/krb5.conf
database_name = /var/krb5/principal
admin_keytab = /etc/krb5/kadm5.keytab
acl_file = /etc/krb5/kadm5.acl
kadmind_port = 749
max_life = 8h 0m 0s
max_renewable_life = 7d 0h 0m 0s
default_principal_flags = +preauth
krb.conf
[libdefaults]
default_realm = CORP.DOMAIN.COM
default_checksum = rsa-md5
[realms]
CORP.DOMAIN.COM = {
kdc = dc01.corp.domain.com
kdc = dc02.corp.domain.com
[domain_realm]
.corp.domain.com = CORP.DOMAIN.COM
corp.domain.com = CORP.DOMAIN.COM
in every domain, I think the GC are in corp.domain.com. but in my company, it's in domain.com...
Thank you, -
Active Directory Integration and home folder mounting
Hello,
I've set up a G4 tower with Tiger 10.4.4 and bound it to our AD domain. Authentication works perfectly, however the home directories of the users (on smb shares on windows servers) do not mount consistently. At first I thought that it was working for administrative users but not for regular users, but one of our test accounts which has no admin priv's works perfectly. It does seem to work consistently for admins, though.
Most regular users are given a local home directory. Has anyone seen this? Any thoughts? Is there any particular log file that I might check for clues?
I'll try get in a little later to post the output of dsconfigad -show , which might help...
Anyhow any help will be appreciated..... thanks!
-JonathanI have been working on doing this as well. If I set the 'mount home directoy' property in the user in Active Directory Users and Computers it has worked for all users and I did not have to specify anything in the AD connector on the Macs.
Robert -
MS Active Directory (LDAP) and SAP Integration
Hi all!
don't know if I'm right here in this forum, but:
I'm using MS Windows Server 2003 and installed Active Directory as LDAP-System on the one hand side, on the other I'm using a 6.20 ABAP Web AS.
I'd like to synchronize the User Storage on these two systems.
Does anyone have experience in doing this? I'm facing a tricky exception in depth of my customizing too complex to explain right now. The problem concerns the mapping of LDAP-Fields and SAP-Fields.
Thankx,
ChristophHi Christoph,
This is the mySAP ERP forum. Perhaps you can post your question in the Web AS forum (SAP NetWeaver Application Server).
For now: here is a link to a video regarding SAP Active Directory integration:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sap active directory integration,%20SSO%20and%20User%20Management%20Webinar.wrf
I found it by searching on Active Directory here on sdn:
https://www.sdn.sap.com/sdn/search.sdn?contenttype=url&content=/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fSDN!2fiViews!2fFramework!2fcom.sap.sdn.advsearch%3Fprttheme%3DCSIN%26QueryString=active%20directory%26searchDatasource=SDNContent
Cheers,
Noel -
Active Directory integration: Invalid Token Error in Verification Service
I'm having problems with Active Directory integration. I'm able to browse users in the task routing slip in JDeveloper. But I'm unable to login to the worklist application.
Getting an "Invalid Token Error in Verification Service" error. Any pointers?
<2007-06-12 21:40:36,843> <ERROR> <default.collaxa.cube.services> <PCException::<init>> Identity Service Configuration error.
<2007-06-12 21:40:36,843> <ERROR> <default.collaxa.cube.services> <PCException::<init>> Identity Service Configuration file has error.
<2007-06-12 21:40:36,859> <ERROR> <default.collaxa.cube.services> <PCRuntimeException::<init>> Identity Service Configuration error.
<2007-06-12 21:40:36,859> <ERROR> <default.collaxa.cube.services> <PCRuntimeException::<init>> Identity Service Configuration file has error.
<2007-06-12 21:40:36,859> <ERROR> <default.collaxa.cube.services> <::> WorkflowService:: VerificationService.destroyContext: invalid token: c9pHcmBFtc4q7/EY3xGAv/6hhfa6Hf5tllCb8ZYKtdSA/8/y0exRcwpjy0vWiWGgBPzuIh5Ur+l+ZHDNe0PKb9KiFScsKAG3JK1y+nIJtC827Rljhn8E+/BoF+ZIN6GFYn/iyo/6Mrlmz02Pg4QtetftO7eHJ01rEV5MmZFTXsg8iV6LQPnkAPjqmmsq+5bVYGGfSFpHX7FXk/0FrSabClKy6DKiwt/1Kp2Ldbj2RY8=
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> ORABPEL-30503
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::>
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Invalid Token Error in Verification Service.
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Invalid Token Error in Verification Service. Received invalid token c9pHcmBFtc4q7/EY3xGAv/6hhfa6Hf5tllCb8ZYKtdSA/8/y0exRcwpjy0vWiWGgBPzuIh5Ur+l+ZHDNe0PKb9KiFScsKAG3JK1y+nIJtC827Rljhn8E+/BoF+ZIN6GFYn/iyo/6Mrlmz02Pg4QtetftO7eHJ01rEV5MmZFTXsg8iV6LQPnkAPjqmmsq+5bVYGGfSFpHX7FXk/0FrSabClKy6DKiwt/1Kp2Ldbj2RY8= in destroyContext
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Check the underlying exception and correct the error. Contact oracle support if error is not fixable.
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::>
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at oracle.bpel.services.workflow.verification.impl.VerificationService.destroyContext(VerificationService.java:667)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at oracle.bpel.services.workflow.query.impl.TaskQueryService.destroyWorkflowContext(TaskQueryService.java:161)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at worklistapp.servlets.Logout.handleRequest(Logout.java:66)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at worklistapp.servlets.BaseServlet.doGet(BaseServlet.java:142)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at oracle.security.jazn.oc4j.JAZNFilter$1.run(JAZNFilter.java:396)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at java.security.AccessController.doPrivileged(Native Method)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at oracle.security.jazn.oc4j.JAZNFilter.doFilter(JAZNFilter.java:410)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> at java.lang.Thread.run(Thread.java:595)
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Caused by: BPEL-10555
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::>
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Identity Service Configuration error.
<2007-06-12 21:40:36,890> <ERROR> <default.collaxa.cube.services> <::> Identity Service Configuration file has error.Hi Adina,
thank you for your answer (questions)!
We use 10.1.3.1 SOA Suite and the default jazn.com Security Provider and what we set at java.naming.security.principal property is oc4jadmin.
It is interesting, we deployed again out EAR and now it works again! There is not Invalid Token Error exception, but we didn't change almost anything...
Can we debug it somehow?
Where does this bug come from?
Thanks!
ric -
Tutorial: Azure Active Directory integration with Igloo Software
Click reply and tell us what you think:
Tutorial: Azure Active Directory integration with Igloo Software
Markus Vilcinskas, Knowledge Engineer, Microsoft CorporationHello
Can you be little clear, what you have tested with Airwatch MDM cloud?.. which scenarios?..
1) Device Enrollment ?
2) Access to Airwatch console?
3) Access to Airwatch self service portal?
By following the steps We do not get it working at all. by the way some of the steps in this tutorial are unclear and outdated;
I finally personally figured out how things should look like, and make it work but only with Device Enrollment scenarios from the mobile devices itself. not from the pc and browsers or from the Access panel. -
Active directory Integration with OBIEE
Hi all,
Can any one send me a link for active directory integration with OBIEE.
I have imported the users succesfully and I was able to login to analytics as an AD user.
But SSO is not possible. Kindly help me over this.
Thanks,
Haree.Thanks for reply veeravalli.
Me too followed the same link and successfully imported all the users from AD into OBIEE and login in is also possible.
But my requirement is to have Single Sign On ie.., users may log on to their Windows PCs and access Oracle BI EE via a standard web browser with no further authentication required on their part.
Thanks,
Haree -
Workspace integration and Database Mapping
Hi there folks,
I have a couple of questions about Forte.
1 - When you integrate a workspace into the repository it takes all the
changes you have made in that workspace and 'saves' them to the
repository. However, what if you have a workspace which has a half
finished project as well as another project which you make a small but
important change to. The small change must go back because other
developers need the 'fix', but the half finished project will essentially be
'broken' if it is integrated at this stage. Is there any way to integrate
only specific projects? If not, how do you stop the half finished project
being copied into the other developers' workspaces when they do an
'Update'.
2 - We have designed a class called 'Criteria' which contains several
attributes, each of which are a class called 'Criterion'. The Criterion
class contains the attributes "Active", "From" and "To" which are simple
data types. Now if the 'Criteria' class is used for attributes in two other
classes (Say "ClassA" and "ClassB"), how can you match these
classes to RDBMS tables? I realise you could explicitly name columns
and attributes in SQL Select, Insert and Update statements, but that
has now defeated the purpose of creating the 'Criteria' class in the first
place. Namely, ease of future maintenance. Am I missing something
here?
Thanks in advance for any help.
Cheers,
Duncan Kinnear,
McCarthy and Associates, Email: [email protected]
PO Box 764, McLean Towers, Phone: +64 6 834 3360
Shakespeare Road, Napier, New Zealand. Fax: +64 6 834 3369
Providing Integrated Software to the Meat Processing Industry for over 10 years
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>Duncan,
1. There is no way to integrate a part of your workspace/class and not the other. So, before you integrate you have to make sure that it compiles and also your changes do not break what others are doing when they update. The only way to do it is to export the half finished projects/classes, integrate the good workspace and then import it back and continue your work.
It is important that there is some discipline and lot of unit testing as your application grows bigger and code larger and you go towards deployment. This will reduce the possibility of breaking others code (after you integrate and others update).
2. From what I have seen, compared to lot of tools Forte goes very far in providing a good and easy mapping from objects (rather object attributes) to table column mapping. All said and done there is a mismatch between pure objects and an RDBMS table. We have to live with it until we get to a stage where we can have OODBMSes which are still in its infancy compared RDBMSes. In forte you can map attributes of an object whose names are same as the column names. Another option is to alias the column names to match the attribute names in the SQL.
Now for my pet discussion of mapping objects to tables - It is easier and simple if you map an object to a table. OO purists might argue with me and say that is not very OOriented. That is right but we are dealing with a mismatch here. It is just that we are impedance matching by trying to persist an object into an RDBMS table.The other possibilities are to map 1 to many from object to a table and vice versa. Choose whatever is right for you. Eventually keep the performance in mind when you choose an approach.
Hope this helps.
Nirmal
Nirmal P Uppalapati Phone: (203) 622-5386
VP-US Operations (203) 359-3992
PSI Data Systems Ltd. Mobile: (203) 912-1302
Suite 406 Fax: (203) 359-4662
One Bank Street Email : [email protected]
Stamford, CT 06901 USA Web: http://www.psi.soft.net
-----Original Message-----
From: Duncan Kinnear [SMTP:[email protected]]
Sent: Wednesday, October 14, 1998 6:02 PM
To: [email protected]
Subject: Workspace integration and Database Mapping
Hi there folks,
I have a couple of questions about Forte.
1 - When you integrate a workspace into the repository it takes all the
changes you have made in that workspace and 'saves' them to the
repository. However, what if you have a workspace which has a half
finished project as well as another project which you make a small but
important change to. The small change must go back because other
developers need the 'fix', but the half finished project will essentially be
'broken' if it is integrated at this stage. Is there any way to integrate
only specific projects? If not, how do you stop the half finished project
being copied into the other developers' workspaces when they do an
'Update'.
2 - We have designed a class called 'Criteria' which contains several
attributes, each of which are a class called 'Criterion'. The Criterion
class contains the attributes "Active", "From" and "To" which are simple
data types. Now if the 'Criteria' class is used for attributes in two other
classes (Say "ClassA" and "ClassB"), how can you match these
classes to RDBMS tables? I realise you could explicitly name columns
and attributes in SQL Select, Insert and Update statements, but that
has now defeated the purpose of creating the 'Criteria' class in the first
place. Namely, ease of future maintenance. Am I missing something
here?
Thanks in advance for any help.
Cheers,
Duncan Kinnear,
McCarthy and Associates, Email: [email protected]
PO Box 764, McLean Towers, Phone: +64 6 834 3360
Shakespeare Road, Napier, New Zealand. Fax: +64 6 834 3369
Providing Integrated Software to the Meat Processing Industry for over 10 years
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/> -
Can Microsoft active directory integrated with Oracle Applications
Hi,
Can anyone provide me any document on Microsoft Active Directory Integration with Oracle Applications(12.0.6)
ManishHi,
It is possible, please refer to the following documents for details.
Note: 376811.1 - Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Note: 415007.1 - Oracle Application Server with Oracle E-Business Suite Release 12 FAQ
Regards,
Hussein -
Windows 2008 Server - Cannot run Active Directory Users and Computers
Hi,
I am running Windows 2008 Server with latest windows updates installed. Directory Services Role also.
I attempt to open Active Directory Users and Computers tool and I get a;
Microsoft Visual C++ Runtime Library error;
"The Application has requested the runtime to terminate it in a unusual way. Please contact the application's support team for more information"
I click ok, then get the following debug info;
Problem signature:
Problem Event Name: APPCRASH
Application Name: mmc.exe
Application Version: 6.0.6001.18000
Application Timestamp: 47919524
Fault Module Name: msvcrt.dll
Fault Module Version: 7.0.6001.18000
Fault Module Timestamp: 4791ad6b
Exception Code: 40000015
Exception Offset: 0000000000029b06
OS Version: 6.0.6001.2.1.0.272.7
Locale ID: 3081
Additional Information 1: 43aa
Additional Information 2: cf3a46656318492c1997480001b6b0e0
Additional Information 3: 3837
Additional Information 4: 92f72e0d0589ff77cef51e0a413aeff6
Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
If someone could please assist, it would be very much appreciated.
Regards
B
Hi,
To solidly troubleshoot this kind of issue, we need to debug dump file. A suggestion would be to contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request.
To obtain the phone numbers for specific technology request please take a look at the web site listed below:
http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607
However, I am also glad to share my research.
Some third party applications may lead to this error. Please check if you install other third party applications on Windows server 2008?
Also, please follow the article below to perform necessary steps to see how it's going?
FIX: You receive an "invalid page fault in module MSVCRT.DLL" error message after you install the run-time libraries from Visual C++ 6.0
http://support.microsoft.com/kb/190536/en-us
Hope this helps.
Best wishes
Morgan Che -
How to create "folders" in Active Directory Users and Computers?
Hello Community
In Windows Server 2008R2 when you go to Active Directory Users and Computer
you will see icons of folders such as:
- Builtin has a folder icon
- Computers has a folder icon
- ForeignSecurityPrinicpals has a folder icon
- Domain Controller as a folder icon
- Managed Service Accounts has a folder icon
- Users has a folder icon
All of the above folders are visually identical.
If you right click and select “File” – “New”
on any of the selections the icon
will not look like the folder icon they have their own icons which look different
from the "Folder" icon.
I would like to create a “Folder” that looks just visually exactly like the ones
mentioned above, how can I create those types of Folders in Active Directory User
and Computers?
Note: I would like to put users in the folders.
Thank you
ShabeautHi,
you should use OUs (an OU is they type of object (folder) that is available for you to easily create.
The object type you are asking about is a "container", and there are various reasons why an OU is more flexible (applying GPO, etc).
Refer: Delegating Administration by Using OU Objects
http://technet.microsoft.com/en-us/library/cc780779(v=ws.10).aspx
and the sub-articles:
Administration of Default Containers and OUs
http://technet.microsoft.com/en-us/library/cc728418(v=ws.10).aspx
Delegating Administration of Account and Resource OUs
http://technet.microsoft.com/en-us/library/cc784406(v=ws.10).aspx
Also: http://technet.microsoft.com/en-us/library/cc961764.aspx
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
Not able to open active directory user and computer in windows server 2008r2
Hi All techies,
i would like to know one issue which i am facing mostly, i have created 5 virtual machine all with window server2008r2 and one windows 7 on vm-ware now when ever i start my virtual machines everything going rite but when i try to open active directory user/
computer or domain and trust i get a following error "data from active directory user and computers is not available from dc(null) bcoz unspecified error" even when i chk in events log its give me no help, and after 15-30 min everything works good
Please let me know the cause of it and really appreciate it .
Thanks
AtulYou need to ensure that
1. group policy that says "wait for network before logon" is applied to all computers including servers and workstations is applied
2. DNS record exists for all DCs in DNS
3. If there are multiple Domain Controllers in Forests, then they point them as secondary DNS server. This way they will be able to resolve IPs if local DNS server service takes time to start.
As Chris mentioned, you need to start all DCs first, give a time of 5 minutes and then start member servers and workstations for successful logon.
- Sarvesh Goel - Enterprise Messaging Administrator -
Active directory users and computers wont start on a dc, "the server is not operational"
In our environment, we have 3 dc's
two which run server 2008 (they work perfectly)
and one never off branch dc that runs server 2008 r2.
We have been having some problems where we feel the replication isnt up too speed(stuff could take up to 24 hours to replicate) and now when i tried opening active directory users and computers i am met with this error window:
We have a third party DNS solution.
How do i troubleshoot this issue?dc01 (which replicates perfectly with dc02, and vise versa)
dcdiag /test:dns
C:\Users\adminuser>dcdiag /test:dns
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Hostingpartner\ourdc01
Starting test: Connectivity
......................... ourDC01 passed test Connectivity
Doing primary tests
Testing server: Hostingpartner\ourdc01
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : int
Running enterprise tests on : int.domain.com
Starting test: DNS
Test results for domain controllers:
DC: ourdc01.int.domain.com
Domain: int.domain.com
TEST: Delegations (Del)
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain domaindnszones.int.domain.com.]
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain forestdnszones.int.domain.com.]
Summary of test results for DNS servers used by the above domain controllers:
DNS server: xx.xx.xx.32 (ourdc02.int.domain.com.)
2 test failures on this DNS server
Delegation is broken for the domain domaindnszones.int.domain.com. on the DNS server xx.xx.xx.32
Delegation is broken for the domain forestdnszones.int.domain.com. on the DNS server xx.xx.xx.32
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: int.domain.com
ourdc01 PASS PASS PASS FAIL n/a PASS n/a
......................... int.domain.com failed test DNS
dcdiag on dc01(which can replicate with dc02)
C:\Users\adminuser>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: hostingpartner\ourdc01
Starting test: Connectivity
......................... OURDC01 passed test Connectivity
Doing primary tests
Testing server: hostingpartner\ourdc01
Starting test: Replications
[Replications Check,OURDC01] DsReplicaGetInfoW(PENDING_OPS) failed with error 8453,
Win32 Error 8453.
......................... OURDC01 failed test Replications
Starting test: NCSecDesc
......................... OURDC01 passed test NCSecDesc
Starting test: NetLogons
[OURDC01] User credentials does not have permission to perform this operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... OURDC01 failed test NetLogons
Starting test: Advertising
......................... OURDC01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... OURDC01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... OURDC01 passed test RidManager
Starting test: MachineAccount
......................... OURDC01 passed test MachineAccount
Starting test: Services
......................... OURDC01 passed test Services
Starting test: ObjectsReplicated
......................... OURDC01 passed test ObjectsReplicated
Starting test: frssysvol
......................... OURDC01 passed test frssysvol
Starting test: frsevent
......................... OURDC01 passed test frsevent
Starting test: kccevent
......................... OURDC01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:50
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:10:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:11:17
(Event String could not be retrieved)
......................... OURDC01 failed test systemlog
Starting test: VerifyReferences
......................... OURDC01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : int
Starting test: CrossRefValidation
......................... int passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... int passed test CheckSDRefDom
Running enterprise tests on : int.domain.com
Starting test: Intersite
......................... int.domain.com passed test Intersite
Starting test: FsmoCheck
......................... int.domain.com passed test FsmoCheck
The problematic dc03:
Dcdiag gives the same output as dcdiag /test:dns
C:\Users\adminuser>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OURDC03
Ldap search capabality attribute search failed on server NTSDC03, return
value = 81
We have an infoblox dns server on ip address xxx.y.y.251.
first error in event logs on dc03:
error 1863
This is the replication status for the following directory partition on this directory server.
Directory partition:
CN=Configuration,DC=int,DC=domain,DC=com
This directory server has not received replication information from a number of directory servers within the configured latency interval.
Latency Interval (Hours):
24
Number of directory servers in all sites:
2
Number of directory servers in this site:
2
The latency interval can be modified with the following registry key.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Replicator latency error interval (hours)
To identify the directory servers by name, use the dcdiag.exe tool.
You can also use the support tool repadmin.exe to display the replication latencies of the directory servers. The command is "repadmin /showvector /latency <partition-dn>".
i have also go several warning 2088, 2093, 2087.
And errors 1863 pointing to different directory partitions like schema/configuration/domaindnszones/forestdnszones -
Active Directory Users and Computer not displaying column data?
I am running Windows 8.1 Enterprise with RSAT installed. My Domain controllers are Server 2008 R2.
I am having and issue with Active Directory Users and Computers. Typically I will turn on Advanced Features and then add Columns for Email address and Display Name. This for example allows me to easily export lists of users and there email
addresses among other things.
The issue is that on my Windows 8.1 client, the columns for Email and Display Name are empty. It simply will not display this information. It only displays Name, TYpe and Description.
If I use a Windows 7 client, the information displays correctly.
Has anyone run into this issue or heard of this problem when using ADUC on Windows 8.1?ADUC is an AD tool that is no longer being improved, with Microsoft now focusing on ADAC (Administrative Center). In 8.1, it has improved quite a bit since 7. You can also just try using the
ActiveDirectory PowerShell Module, which is easy to use and fairly powerful. It can be simple to export lists, and the module for AD is included with RSAT tools.
Example:
Import-Module ActiveDirectory
Get-ADUser -Filter {Manager -eq "John.Smith"} -Properties DisplayName,Mail | Export-Csv dump.csv -NoTypeInformation
So, recommendation: either use ADAC, or PowerShell -- ADUC is part of the wave of deprecation. -
Re: Workspace integration and Database Mapping
Subject: Re: Workspace integration and Database Mapping
>
1. I aggree with you that this is a weak point of Forte. A possible workaround is
to have a Workspace 'BugFixes' where you fix your bugs without affecting the rest
of your code.
1 - When you integrate a workspace into the repository it takes all the
changes you have made in that workspace and 'saves' them to the
repository. However, what if you have a workspace which has a half
finished project as well as another project which you make a small but
important change to. The small change must go back because other
developers need the 'fix', but the half finished project will essentially be
'broken' if it is integrated at this stage. Is there any way to integrate
only specific projects? If not, how do you stop the half finished project
being copied into the other developers' workspaces when they do an
'Update'.
Hi Forte'rs
I just would like to express my deep appreciation for the way integrating
workspaces works in Forte.
This makes it a lot safer to work with, because you can only test the
COMPLETE set of code and not just the 'few' changes you just made...
I, at least, always make quite a few changes in a bunch of classes, so it would be
a complete mess to try to sort out which changes to integrate and which to keep
in my workspace only.
Now I also have been frustrated not being able to make a quick (and dirty) fix - but
in hindsight - it is clear that you cannot be sure that the fix works in the real world
(you know: the stuff outside your own heavily modified workspace).
So while I agree with everyone that got frustrated by not been able to integrate
just a few changes, I am also happy that this is not allowed!
may the forte be with you all
Jens Chr Juul Jensen
KAD/Denmark
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>Subject: Re: Workspace integration and Database Mapping
>
1. I aggree with you that this is a weak point of Forte. A possible workaround is
to have a Workspace 'BugFixes' where you fix your bugs without affecting the rest
of your code.
1 - When you integrate a workspace into the repository it takes all the
changes you have made in that workspace and 'saves' them to the
repository. However, what if you have a workspace which has a half
finished project as well as another project which you make a small but
important change to. The small change must go back because other
developers need the 'fix', but the half finished project will essentially be
'broken' if it is integrated at this stage. Is there any way to integrate
only specific projects? If not, how do you stop the half finished project
being copied into the other developers' workspaces when they do an
'Update'.
Hi Forte'rs
I just would like to express my deep appreciation for the way integrating
workspaces works in Forte.
This makes it a lot safer to work with, because you can only test the
COMPLETE set of code and not just the 'few' changes you just made...
I, at least, always make quite a few changes in a bunch of classes, so it would be
a complete mess to try to sort out which changes to integrate and which to keep
in my workspace only.
Now I also have been frustrated not being able to make a quick (and dirty) fix - but
in hindsight - it is clear that you cannot be sure that the fix works in the real world
(you know: the stuff outside your own heavily modified workspace).
So while I agree with everyone that got frustrated by not been able to integrate
just a few changes, I am also happy that this is not allowed!
may the forte be with you all
Jens Chr Juul Jensen
KAD/Denmark
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>
Maybe you are looking for
-
Kindly refer to Case Id No. 525700065 in India.I have talked to various people on my case for more than 5 hours ( Total talk time) The people give various different answers and aim really fed up now. What do i do? Many apple phone users are especiall
-
Hi. I have a problem..
Hi there. One month later I bought a second hand iPhone, everything worked fine, i was able to create my icloud account, to activate find my phone, to locate it on map, full iCloud and iPhone features, but after one month i wanted to gift it so i did
-
Currently I am using POI HSSF to convert data from Excel to mysql database. But sometime when the excel file is using large, the jvm generate a error (that is about not having enought memory), so is there any way to set the memory limit for jvm? Than
-
App World Login Error Download file
Hello all, When i'm making the login on the appworld website, after clicinkg the sign in button, I receive a message that IE cannot donwload the file. This is not allowing me even to acess my appworld account once it stays blocked in this error. Any
-
Constantly updating Facebook...
I have Aperture 3.2.2 It is constantly updating Facebook and Mobile Me. I've tried to go to preferences but when I get to the web tab the 'spinning beach ball of death' appears every single time. Then all I can do is force quit. Please help!!