Aging Policy Problem

Similar Messages

• Aging policy

  how can i define aging policy on any cache group?
  my cache group consists of one table only.
  I've followed these steps:
  Command> call ttaginglruconfig (0.75,0.90,60);
  < .7500000, .9000000, 60 >
  1 row found.
  Command>
  Command>
  Command> call ttaginglruconfig();
  < .7500000, .9000000, 60 >
  1 row found.
  Command>
  Command> call ttagingschedulenow ('tblradiuscdr');
  2996: Cannot start aging on table without aging policy
  The command failed.

  Absolutely - time-based aging is covered in the Operations Guide under "Implementing aging in a cache group". Here's an example taken from the Create Cache Group section I mentioned before:
  Example 5.47
  Create a cache group with time-based aging. Specify AgeTimestamp as the column for aging. LIFETIME 2 hours, CYCLE 30 minutes. Aging state is not specified, so the default setting (ON) is used.
  CREATE READONLY CACHE GROUP AgingCacheGroup
  AUTOREFRESH
  MODE INCREMENTAL
  INTERVAL 5 MINUTES
  STATE PAUSED
  FROM
  CUSTOMER (CustomerId NUMBER NOT NULL,
  AgeTimestamp TIMESTAMP NOT NULL,
  PRIMARY KEY (CustomerId))
  AGING USE AgeTimestamp LIFETIME 2 HOURS CYCLE 30 MINUTES;
  Command> describe customer;
  Table USER.CUSTOMER:
  Columns:
  *CUSTOMERID                      NUMBER NOT NULL
  AGETIMESTAMP TIMESTAMP (6) NOT NULL
  AGING USE AgeTimestamp LIFETIME 2 HOURS CYCLE 30 MINUTES ON
  1 table found.
  (primary key columns are indicated with *)
  With regard to adding time-based aging to a production system, the following points may be salient:
  - For the time-based aging policy, you cannot add or modify the aging column. This is because you cannot add or modify a NOT NULL column.
  - The aging policy cannot be added, altered, or dropped for an autorefresh cache group while the cache agent is active. Stop the cache agent first.

• Messages Deleted in Outlook do not get permanently deleted by aging policy

  Our message aging policy is setup to permanently delete messages asap. It works ok when a user does a delete from the phone but when the user deletes from MS Outlook, the messages linger forever.
  When checked from a phone, the Outlook deleted messages are in the old items folder and are labeled deleted messages. If these messages are then deleted via the phone, they do go away and the messages count in the CUC Edit>Mailbox>Mailbox Information does go to zero finally.
  Any ideas why the Aging policy doesn't work with Outlook? Is there a way to permanently delete the deleted items in the mailboxes of all users?
  Here is our default system policy which is used on all mailboxes:
  Enabled - checked
    Move new messages to the saved folder in 7 days - unchecked
    Move saved messages to the deleted folder in 14 days - checked
       Number of days alert is sent priot to moving saved messages - 3
    Permanently delete messages in the deleted folder in 1 day
       Send alert to user prior to deleting messages - unchecked
       Number of days alert is sent prior to deleting messages - 3
    Secure rules are both unchecked
  CUCM 8.5.1.12018-1
  CUC 8.6.1.10000-109

  Hi Bill,
  I just wanted to add this reference to the great tips from Jonathan (+5 "J-Man")
  I don't see your version in the "fixed-in" releases;
  CSCtr43597 - UC 8.5.1ES16.11900-16 Message Aging Does Not Work
  Description
  Symptom:UC 8.5 message aging policy set to purge deleted messages after one day and it does not purge messages.
  Conditions:The root cause is known:If the difference between the MessageModificationtime+DeleteAgingRuleNumDay and the SystemCurrentTime is more than 99 days, the exception" Overflow occurred on a datetime or interval operation" is thrown by Informix as part of SELECT query on VIEW vw_MessageAging.And the MessageAging procedure is aborted.
  Workaround:None
  Details
  1st Found-in:                          (1)
  8.5
  More
  Less
  Status:
  Fixed
  Last Modified:
  Feb 27,2012
  Known Affected Versions:
  More
  Less
  Fixed-in:                          (6)
  8.6(2.10000.30), 8.6(1.98000.53), 8.6(1.98000.126)8.6(1.64), 8.5(1.13031.1), 8.5(1)ES56
  More
  Less
  Product:
  Cisco Unity Connection
  Platform:
  Dependent
  Severity:
  3 - moderate
  Customer Reported:                          (17)
  Cheers!
  Rob

• Unity mail box aging policy

  I need to change the current Mail box aging policy for an existing system. If I reduce the current set up how does it effect existing "deleted" messages? Does it delete all existing ones or does it only delete new ones from the date of the change as with changes in Template/COS?
  Also I need to change the alarm threshold is there a best practice based upon the size of the hard drive- % wise ?
  thanks

  Hi -
  The default mailbox message aging policy is Enabled for Deleting voice messages automatically in the Deleted Items folder. "Permanently Delete Messages in the Deleted Items Folder in 15 Days"     
  So unless you have disabled this rule, voice messages are already getting deleted.  You may want to check here.
  When you enable the policy for a specific number of days, the timestamp of the message is used for calculating, based on
  how the user marked the message as new, resaved the message, deleted the message, or restored a deleted message as saved from the phone interface, called the "modification time".  So if you change it to 90 days, voice messages older than 90 days will be deleted the next time the scheduled task "Clean Deleted Messages" runs, which is every day, every 30 minutes.  From Cisco's Unity Connection 8.5 System Admin guide, "If you only need one set of message aging rules, you can change the specifications for the default message aging policy and assign that one policy to all users and all templates. If you need to allow some users to retain messages longer than other users, you can create additional policies and assign different policies to user templates and to individual users. If you want to send message aging alerts to some users and not to others, you can create additional policies that include aging alerts. (Message Aging Alerts are available only in Cisco Unity Connection 8.5 and later.)". You might have "privileged" users, i.e. Managers that you want to protect and configure a different policy for these users.
  Hope this helps!  Ginger

• Unity Message Aging Policy

  All,
  is there anyway to customize the Message aging policy beyond the options that are present?  As an example any way to move a message from New Directly to Deleted Folder after 10 days but bypass the Move to Saved folder?
  Thanks,
  All replies rated.

  Hi Trevor,
  One nice way with Unity Connection is with the use of this excellent tool from the great suite of Unity Tools (use the ** reset" feature **).
  Unity Connection Bulk User Delete   
  For resetting users you have the option of emptying the mailbox,  resetting greetings, deleting voice names,  resetting passwords,  removing private lists and a number of other  options you may choose.   For installations where the user base “changes  over” frequently such as  schools this may be a nicer option.  This  option is also allowed for  CoRes installations since it does not involve  the removal of user  objects from the Connection database.
  http://www.ciscounitytools.com/Applications/CxN/BulkUserDelete/BulkUserDelete.html
  Cheers!
  Rob
  Please support CSC helps Kiva
  https://supportforums.cisco.com/blog/12122171/cisco-support-community-helps-kiva

• Cisco Unity Aging Policy Not workin as intended

       HI ,
        We have cisco unity connection 8.5 integrated with call manager 8.5. We face issue on the aging policy values set. Permanently delete all secure message that are older than _ days, value has been set and is not working as intended,Once's the value have changed should the connection agent service to be restarted? Have any 1 faced such issue ?
  Thanks,
  Rahul

  I just noticed that we are having this issue as well.  What was the resolution that Cisco gave to you?  I'm curious.
  Thanks,
  Josh

• Message aging policy

  Dear folks,
  I need to create message aging policy (based on the age of the message) and mbox aging policy( if there is no login /incoming message in n number of days).
  The users that are affected by these policies will be based on an private LDAP attribute. Is there a way that I can incoopperate this LDAP attribute value to setup the aging policy filter?
  Thanks,
  T Dang

  Dear Jay,
  mboxutil is your friend, here. I suggest writing something that calls mboxutil, and parses the output. These are not orphaned, unless they've been deprovisioned in ldap, not something you mentin.I can use "mboxutil -l" for the ZERO size case.
  But for the inactivity case, the comand "mboxutil -l" ==> list of mbox which include the time of last msg. For mail box without message, no date returned ... I guess that since your earlier post, you have indicated that there is no way to determine the time of the last login (activity)
  mbox -o -t n ==> I guess I won't be able to use this option, since this will output only orphan mail boxes.
  Thanks,
  T Dang
  Message was edited by:
  tindang

• Fine-Grained Password Policy problem

  Hi All,
  I'm testing a Fine-Grained Password Policy for a group of users.
  I created a test PSO using ASDI Edit and applied the PSO to a global security group.
  Test user has been added to this group.
  The PSO settings include "Enforce password history: 5"
  The user has changed the password.
  After 24h when I logged in as the user and changed the password - for example: Password1.
  After another 24 hours I changed the password to Password2.
  One day later I've been asked to change the password again.
  In theory I shouldn't be able to use any of the 5 previous passwords (password history = 5) but when I entered Password1 it was accepted.
  Do you know where can be the problem ?
  System info: Windows Server 2008 R2 (forest/domain level is also 2008)
  Regards,
  Marcin

  This is very interesting. I don't have any lab to repro though... So I can't look at it closer.
  From an LDAP perspective, when you change your password on AD, you have to comply with the password history policy. This requirement is send by the server to the client thanks to the supported control: LDAP_SERVER_POLICY_HINTS_OID that you can see just by
  looking at the RootDSE of one of your DC (http://msdn.microsoft.com/en-us/library/cc223320.aspx Used with an LDAP operation to enforce password history policies during password set). I am
  aware of issues with AD-LDS not honoring it, but not AD... I am not sure if the situation described with FIM here matches your issue:
  http://support.microsoft.com/kb/2443871 in this article:
  "The "Enforce password history" and "Minimum password age" Group Policy settings do not work when you reset the password for a Windows Server 2008 R2-based or a Windows Server 2008-based computer."
  But it would mean that it also affects users not having a FGGP (because this isn't specific to FGGP), ad the minimum password age as well. If you have a chance to try this in a lab, let us now... In the mean time, if you can share logs or code from your
  app? Like the section that does the password change?
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Customer (or Vendor) Ageing Report Problem

  Dear Experts,
  Firstly, Glad to be before you.
  Here, we have developed tht ageing report for Customers and Vendors.In which the Partial payment line item (let us say A) against an Invoice (lets say X) is not being shown under the same age of Invoice Line Item.
  For example:
  Scenario 1)
  Let me say that the Payment Terms 'Z001' under which the line Items fall due only after 30 days.
  I have posted an invoice on 01.09.2011 with Rs. 20000
  If we run the Ageing as on 16.12.2011, the output is projected as follows:
  ============================================Days in Arrears
  0-20--20-4040-60--
  60-80
  Line Item X (Invoice)----
  20000
  Total Balance agewise:--000--
  20000
  Here for Invoice NO PROBLEM is being raised, as the Invoice Posting Date is taken as the Baseline Date from which the Ageing will be calculated based on Payment terms assigned to Customer in the master data.
  But the Proble is when we do partial payment:
  Scenario 2)
  Let me Take the same example:
  Let me say that the Payment Terms 'Z001' under which the line Items fall due only after 30 days.
  I have posted an invoice on 01.09.2011 with Rs. 20000 (Due by 77 days as on 16.12.2011)
  We have received payment of 8000 against the invoice, on 22.09.2011 (due by 55 days as on 16.12.2011)
  now the Ageing report is ran on same 16.12.2011, for which the output is as follows:
  ============================================Days in Arrears
  0-20--20-4040-60--
  60-80
  Line Item X (Invoice) -
  20000
  Line Item Y (Partial Pyment)----
  (8000)
  Total Balance agewise:--00(8000)--
  20000
  As per Technical logic whats happenning is correct. Because the Base Line date of the partial payment line Item is being picked from the posting date of the same. BUT NOW, THE REQUIREMENT IS AS FOLLOW:
  The wants to see the related Partial payment items also in the same AGE in the report. i.e., we should make the system pick the Baseline date of the partial payment line item(Y) from the posting date(01.09.2011) of the other line item(X) i.e., from the Invoice(X) which is being partial cleared. Can you please suggest me a logic?
  Ramana.Gottipati

  Change the base line date of partial payment document to 01.09.2011 after receiving payment.
  Standard SAP will not automatically change the base line date of partial payment document to a back date and you develop with above logic
  Or you need to change manually
  Srinivas

• Implementing own Policy - Problems occur.

  I am implementing my own Policy class (via the -Xbootclasspath and
  java.security file). (Using jdk 1.4)
  I have two problems:
  1. My Policy class is not instantiated unless I call Policy.getPolicy()
  a. I have run the app as such:
  java -Djava.security.manager -Xbootclasspath:d:\JavaProjects;d:\jdk1.4\jre\l
  ib\rt.jar -Djava.security.policy=d:\javaprojects\com\zeno\security\policy\po
  licyfile.policy  MyAppb. I have set (in java.security):
  policy.provider=com.MyTest.SecurityPolicy
  c. I have in the constructor: System.out.println("Policy Instanitated");
  d.When I run the app, I do not get "Policy Instantiated" until AFTER I
  call Policy.getPolicy() (and I never get it if I don't call getPolicy())
  2. For some reason, when I do the following, it never calls getPermissions()
  or implies() on my Policy file:
      FileInputStream fis = new FileInputStream("d:\\testfile.txt");
      int ch;
      while ( (ch = fis.read()) != -1 )
          System.out.println(ch);
      }a. Inside my Policy class' methods I have a System.out.println() for
  each one, and they're never called.
  Thank you

  I am experiencing almost exactly the same problem. The documentation seems a little spotty on this, so we're probably missing something. I am using the following syntax:
  java -Djava.security.manager -Dpolicy.provider=security.MyPolicy -Xbootclasspath/a:c:\jdk1.3.0_02\jre\classes -Djava.security.policy=java.policy security.Test
  The -Xbootclasspath/a: option appends (at the beginning) instead of replacing, so you don't have to specify rt.jar. I put my custom Policy class (security.MyPolicy) in c:\jdk1.3.0_02\jre\classes, thinking that this path was searched by default (b/c that's what the documentation claims.) But, my Test class was not able to instantiate it directly until I specifically added the -Xbootclasspath option, but even then my Policy class is not used. In fact, it seems to still be using the default Policy implementation and still respects entries in the java.policy file even though my custom security.MyPolicy class does not do this.
  In general, the behavior I'm seeing (we're seeing?) is consistent with the -Dpolicy.provider being ignored completely. I get the same behavior if I set this to "asdf". So this must be wrong somehow, even though it is consistent with all the documentation I can find...

• CX Policy Problems

  Hello,
  I am in the process of implementing content filtering on the ASA CX module. I have a lot of problems unfortunetly and I have TAC and my account team engaged but I also want to reach out to the community and see who else is using CX and what their experiences have been.
  For the sake of this post I will pose the follwoing question:
  I have a "working" policy that is atleast  taking appropriate action and filtering some of the users I specified filtering for in an identity object that is an AD group. This group is my test group and my AD account is a member of that group. Filtering worked for me 100% the time until a code upgrade to 9.2.1.1-48. No I am ot filtered and the events associated for my user show an implicit allow policy. I can't find this implicit allow policy but I assume this is a the default policy. It doesn't seem like the CX module has any problem identifying my user ID but maybe it doesn't see me as a group memeber or maybe my identity object has been currupted. I just setup and got my hands on this product so I'm a bit out of my element. I have high hopes for using this product but I need to prove it can actually work first!
  Anyone have any suggestions or experiences with CX they would like to share?
  Regards,
  -Dan   

  Thanks for the reply Collin,
  I did fix this issue a few days ago by blowing away and re-configuring the rule. I use the ADA for AD auth and I have not seen any problems with CX identifying users.
  Collin, do you use the CX in a large production environment? How long have you been using it to filter content? Would love to chat with you a bit out of band if you have time let me know.
  Regards,
  -Dan

• Aging Policy Output From Stored

  Hello,
  I am currently making some changes to our SPAM cleanup policy. After the changes have been done and have done stop-msg, start-msg, I decided to test out of things looks right. I am running "stored -c -n -v" and looking at some of the output, it looks like more than just SPAM/Trash/Deleted folders are getting processed. Is this normal output? What I am seeing is a NOTICE that stored is
  "processing mailbox 'user/joeuser/INBOX'" when I thought I would only see folder names that I have specified in the expirerule settings. Here's what I have for the SPAM folders - policies for Trash/Deleted are similar:
  store.expirerule.purgespam.exclusive = false
  store.expirerule.purgespam.folderpattern = user/*/SPAM
  store.expirerule.purgespam.foldersizebytes = 524288
  store.expirerule.purgespam.messagecount = 50
  store.expirerule.purgespam.messagedays = 1
  store.expirerule.purgespam.messagesize = 262144
  store.expirerule.purgespam.messagesizedays = 1
  Your help and comments will be appreciated.
  Keith

  Hi Keith,
  As usual please supply version information (./imsimta version) -- expire/aging support has changed lots during the various versions/hotfixes etc.
  I am currently making some changes to our SPAM
  cleanup policy. After the changes have been done and
  have done stop-msg, start-msg, I decided to test out
  of things looks right. I am running "stored -c -n -v"
  and looking at some of the output, it looks like more
  than just SPAM/Trash/Deleted folders are getting
  processed. Is this normal output? Why are you using "-c" as well ?
  This is a very specific operation to erase expunged messages, which is different to testing expiration rules.
  A better test-run command is:
  ./stored -n -vv
  What I am seeing is
  a NOTICE that stored is
  "processing mailbox 'user/joeuser/INBOX'" when I
  thought I would only see folder names that I have
  specified in the expirerule settings. The stored expire run will process all folders for a match to the folderpattern and as part of the cleanup-cycle (checking for store.exp). If this pattern doesn't match or if the mailbox is empty (no store.idx) then it will not action the expire rule(s).
  Regards,
  Shane.

• RMI application policy problem..

  Hi;
  Because i am very new in eclipse and java i will ask you an easy question which is realy hard to find out for me.
  I created an RMI project in eclipse and i put the codes inside. When i am trying to run it is says
  Security Manager loaded
  Exception in thread "main" java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
  I searched a solution and they are saying create a policy file with same code inside and run with it .
  But i got no clue about how i will write
  java -Djava.security.policy=policy.all SampleServerImpl
  java -Djava.security.policy=policy.all SampleClient
  in eclipse to run code . And i put the policy inside of project folder but id didn't recognize it automaticly.
  Thank you ...
  Edited by: seray.uzgur on Jul 10, 2008 6:55 AM

  Hi,
  What i could see the solution to your problem is.
  create a file name policy.all having the code
  grant {
  // Allow everything for now
  permission java.security.AllPermission;
  & when u call a client call like if u r calling a client through Ant
  do llike this
  <target name="run" >
            <java classname="test.Sample" fork="yes" failonerror="true">
                 <jvmarg value="-Djava.security.manager"/>
       <jvmarg value="-Djava.security.policy=policy.all"/>
                 <classpath refid="src.classpath" />
            </java>
       </target>
  See if that works for you.

• WS Policy problem for encryption

  Hello,
  1- I'm using osb 10g3 and I have problems to configure ws policy for encryption.
  I have configured weblogic realm security to provide my keystore and also certificat path provider to register my trusted key
  and PKI credential mapper .but I have always the same soap fault :
  java.security.cert.CertPathBuilderException: [Security:090686]The CertificateRegistry could not build a certificate path for the subject key identifier
  My certif X509V3 public key
  . This indicates that either someone is trying to access the server with an untrusted subject key identifier or that the administrator has forgotton to register a certificate with this subject key identifier in the CertificateRegistry.
  Someone can help me to configure this step ?
  (i'm using soapui and for testing my proxy and the policy used is encrypt.xml policy
  Edited by: user11144716 on Jul 28, 2009 6:19 AM

  Can you post more details, like the annotations you used or the policy?

• WS Policy problem for encryption at proxy side

  Hello ,
  I'm using osb - weblogic 10g3 and I have problem to configure ws policy for encryption in my proxy.
  I have configured weblogic reaml security to provide my keystore, also certificat path to register my trusted key
  and PKI credential mapper .but I have always the same soap fault :
  Trace:
  java.security.cert.CertPathBuilderException: Security:090686The CertificateRegistry could not build a certificate path for the subject key identifier
  My certif X509V3 public key
  . This indicates that either someone is trying to access the server with an untrusted subject key identifier or that the administrator has forgotton to register a certificate with this subject key identifier in the CertificateRegistry.
  Someone can help me to configure this step ?
  The policy is enable at the proxy side. and the the registry is set to trust my certificate (.pem).
  Thanks !

  Hello ,
  I'm using osb - weblogic 10g3 and I have problem to configure ws policy for encryption in my proxy.
  I have configured weblogic reaml security to provide my keystore, also certificat path to register my trusted key
  and PKI credential mapper .but I have always the same soap fault :
  Trace:
  java.security.cert.CertPathBuilderException: Security:090686The CertificateRegistry could not build a certificate path for the subject key identifier
  My certif X509V3 public key
  . This indicates that either someone is trying to access the server with an untrusted subject key identifier or that the administrator has forgotton to register a certificate with this subject key identifier in the CertificateRegistry.
  Someone can help me to configure this step ?
  The policy is enable at the proxy side. and the the registry is set to trust my certificate (.pem).
  Thanks !