Best Practice for certificate management for security

We have been working on moving toward future implementation of document encryption and electronic signatures using Adobe Acrobat 9 Standard.  I have read 21 CFR 11, and accompanying guidances.  Are there any best practice recommendations for how to meet these standards using this technology? 
There are some requirements that I am unsure of how to best implement.
How should we document that we have verified the identity of the individual?
How should we periodically force revision of passwords, or document that this is done since no one knows each other’s passwords?
How should we manage certifications so that we can show we deactivate obsolete ones?
How do we monitor to detect attempts at unauthorized access/use of electronic signatures?
If our organization wants to become our own certification authority, what documentation do we need or process should we use to validate our certificates?

Hi Shadya10,
Those are some pretty big questions! I'm not saying that your company can't become a CA because obviously there are companies that have, but this is almost something that happens at the state level if you're not already intimate with PKI. Just from the tenor of your questions I'd suggest you contract with a reputable, existing CA to provide your PKI infrastructure. I could explain key management and how revocation checking works, but really if you're asking in an Adobe forum this is way more than you want to be dealing with.
If you're really interested you need to start with reading RFC 5280.
Steve

Similar Messages

  • Best practice to define length for varchar field of table in sql server

    What is the best practice to define the length for a varchar field in a table,
    where a field, suppose Remarks By Person, is varchar(max) or varchar(4000)?
    Could it affect optimization in future?
    Experts, reply must...
    Dilip Patil..

    Hi Dilip,
    Varchar(n/max) is variable-length, non-Unicode character data. N defines the string length and can be a value from 1 through 8,000. Max indicates that the maximum storage size is 2^31-1 bytes (2 GB). The storage size is the actual length of the data entered + 2 bytes. We always use varchar when the sizes of the column data entries vary considerably. If the field data size might exceed 8,000 bytes in some way, we should use varchar(max).
    So the conclusion is just like Uri said: whether to use varchar(max) or varchar(4000) depends on how many characters we are going to store.
    The following document about varchar in SQL Server is for your reference:
    http://technet.microsoft.com/en-us/library/ms176089.aspx
    Thanks,
    Katherine Xiong
    TechNet Community Support

  • Best practice on Oracle VM for Sparc System

    Dear All,
    I want to test Oracle VM for Sparc System but I don't have new model Server to test it. What is the best practice of Oracle VM for Sparc System?
    I have a Dell laptop which has spec as below:
    - Intel® Core™ i7-2640M (2.8GHz, 4MB cache)
    - RAM: 8GB DDR3
    - HDD: 750GB
    - 1GB AMD Radeon
    I want to install Oracle VM VirtualBox on my laptop and then install Oracle VM for Sparc System in Virtual Box, is it possible?
    Please kindly give advice,
    Thanks and regards,
    Heng

    Heng Horn wrote:
    How about computer desktop or computer workstation with the latest version has CPU supports Oracle VM or SPARC?
    Nope. The only place you find SPARC T4 processors is in Sun Servers (and some Fujitsu servers, I think).

  • Best practices to reduce downtime for Database releases(rolling changes)

    Hi,
    What are best practices to reduce downtime for database releases on 10.2.0.3? What DB changes can be rolling and what can't?
    Thanks in advance.
    Regards,
    RJiv.

    I would be very dubious about any sort of universal "best practices" here. Realistically, your practices need to be tailored to the application and the environment.
    You can invest a lot of time, energy, and resources into minimizing downtime if that is the only goal. But you'll generally pay for that goal in terms of developer and admin time and effort, environmental complexity, etc. And you generally need to architect your application with rolling upgrades in mind, which necessitates potentially large amounts of redesign to existing applications. It may be perfectly acceptable to go full-bore into minimizing downtime if you are running Amazon.com and any downtime is unacceptable. Most organizations, however, need to balance downtime against other needs.
    For example, you could radically minimize downtime by having a second active database, configuring Streams to replicate changes between the two master databases, and configure the middle tier environment so that you can point different middle tier servers against one or the other database. When you want to upgrade, you point all the middle tier servers against database A other than 1 that lives on a special URL. You upgrade database B (making sure to deal with the Streams replication environment properly depending on requirements) and do the smoke test against the special URL. When you determine that everything works, you configure all the app servers to point at B and have Streams replication process configured to replicate changes from the old data model to the new data model), upgrade B, repeat the smoke test, and then return the middle tier environment to the normal state of balancing between databases.
    This lets you upgrade with 0 downtime. But you've got to license another primary database. And configure Streams. And write the replication code to propagate the changes on B during the time you're smoke testing A. And you need the middle tier infrastructure in place. And you're obviously going to be involving more admins than you would for a simpler deploy where you take things down, reboot, and bring things up. The test plan becomes more complicated as well since you need to practice this sort of thing in lower environments.
    Justin

  • Best practice in Waste management configuration

    Hello,
    I am looking for best practices in Waste management and configuration documents.
    Thanks

    Hi Paddy..,
    Please check in this URL it may help you.
    http://help.sap.com/bp_bblibrary/600/BBlibrary_start.htm
    regards.

  • How to handle multiple site to site IPsec vpn on ASA, any best practice to manage multiple ipsec vpn configurations

    How to handle multiple site to site IPsec vpn on ASA, any best practice to manage multiple ipsec vpn configurations
    before ver 8.3 and after version 8.3 ...8.4.. 9 versions..

    Hi,
    To my understanding you should be able to attach the same cryptomap to the other "outside" interface or perhaps alternatively create a new crypto map that you attach only to your new "outside" interface.
    Also I think you will probably need to route the remote peer ip of the VPN connection towards the gateway IP address of that new "outside" and also the remote network found behind the VPN connection.
    If you attempt to use VPN Client connection instead of L2L VPN connection with the new "outside" interface then you will run into routing problems as naturally you can have 2 default routes active at the same time (default route would be required on the new "outside" interface if VPN Client was used since you DON'T KNOW where the VPN Clients are connecting to your ASA).
    Hope this helps
    - Jouni

  • How do I get to the certificate manager for my firefox browser so I can manage the certificates of sites I frequently visit?

    It looks like my firefox browser is using an old facebook security certificate dated 2-28-14. How do I get to my certificate manager in my firefox browser so I can see if there's an updated security certificate (4-18-14 or after) and get that in place? Be specific with steps for me to follow please.

    I think what you are looking for is
    Firefox Options > Advanced > Certificates.

  • Best Practice setting up NICs for Hyper V 2008 r2

    I am looking at some suggestions for best practice for setting up a Hyper V 2008 R2 at a remote location with 5 NICs, one for the management VLAN and the other 4 on the data VLAN. This server will host 2 virtual machines, one is a DC and the other is a member local DHCP server. The server is set up now with one NIC on the management VLAN and the other NICs set to get their IP from the local DHCP server on the host. We have the virtual networks set up in Hyper V to point to each of the NICs using the "external connection". The virtual servers "DHCP and AD" have their own IP set within them. Issues we are seeing: when the site loses external connections for a while they cannot get IP addresses from the local DHCP server anymore.
    1. NIC on management Vlan -- IP Static -- Physical host
    2. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V  -- virtual server DHCP
    3. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- Virtual server domain controller
    4. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- extra
    5. NIC on the Data network Vlan -- DHCP linked as a connection "external" in Hyper V -- extra
    Thanks in advance

    Looks like you may be overcomplicating things here. More and more of the recommendations from Microsoft at this point would be to create a Logical Switch and then layer on Logical Networks for your management layers, but here is what I would do for your simple remote office.
    Management NIC: Looks good (Teaming would be better, but only if you had 2 different switches to protect against link failures at the switch level. Doesn't seem relevant in this case however.)
    NIC for Data Network VLAN: I would use one NIC in your case if you have the ability to trunk multiple VLANs at the switch level to the NIC. That way you are setting the VLAN on the VM's NIC that you want to access and your Virtual Switch configuration is very simple. On this virtual switch however, I would uncheck IPv4 and IPv6. There is no need to give this NIC an address as you are just passing traffic through them from the VMs that are marked with VLAN tags. Again, if you have multiple physical switches in the building teaming could be an option, but probably adds more complexity than is necessary for a small office.
    Even if you keep your Virtual Switches linked to separate NICs, unchecking IPv4 and IPv6 makes sense.
    Disable all the other NICs
    Beyond that, check your routing. Can you ping between all hosts when there is no interruption? What DHCP server are they getting their addresses on normally? Where are your name resolution servers (DNS, WINS)?
    No silver bullet here, but maybe a step in the right direction.
    Rob McShinsky (VirtuallyAware.com)
    VirtuallyAware - Experiences in a Virtual World (Microsoft MVP - Virtual Machine)

  • Best Practices: iPad/MacBookPro synching for video production in education

    My organization just bought 14 Macbook Pros and 14 iPads Minis. Our goal is to have students in single-day classes use the iPads to film something, then synch/export the video to a MacBook Pro where they can then edit that video in iMovies. Once that single-day class is over, all of the video will (likely) be deleted and new students come in a couple days later and start fresh. I'm trying to figure out the best practices for this to make it as painless as possible for all involved.
    So, matching AppleIDs for each pair? One AppleID for all devices and manual synch through iTunes? Dropbox/cloud synching instead of iTunes?
    All of these devices are brand new. I have already started prepping the MacBook Pros, but have not even turned on the iPads since I'm not sure which AppleID I should attach to the iPads -- I assume the first AppleID on an iPad will accept the iLife apps much the same way they do on the MacBook Pros.
    Any help is appreciated.
    Thanks
    Jack

    well the most important fact to accept is that ALL DRIVES WILL FAIL.  It's just a matter of when.  I can tell you about a nightmare situation with g-drives (before Hitachi bought them).   What format are you shooting?  If you shoot on tape, you can always recapture as long as you captured with abort clips on dropped frames on make new clip on timecode break are enabled.  But that's gonna take "real time."  If you shot on a chip based format, backing up the chips in multiple places (and I mean multiple) can provide a sense of security.  But if you need to be able to get back to work immediately if you have a drive fail, having a back up of your media or if you've stored it on a redundant raid is crucial.  I also seriously recommended having a clone of your startup drive so if your startup (boot) drive fails, you can get back to work quickly. 
    https://discussions.apple.com/docs/DOC-2494

  • Best Practices or Project Template for Rep/Version

    I have installed the Repository 6i (3) and created the users successfully, even though it has taken a lot of effort to make sure each step is correct.
    However, on setting up the workareas and importing the project files, I have been trying back and forth to figure out where things go, and who has what access.
    Is there something like a best practice or a project template for setting up a basic repository/version control system, that provides
    1. the repository structure,
    2. corresponding file system structure (for different developers, build manager, etc)
    3. access grants, and
    4. work scenarios, etc.
    The Technet demos and white papers are either too high-level (basic), or too individual function oriented. I can't get a clear picture of the whole thing, since there are so many concepts and elements that don't easily go together.
    Considering that I am a decent DBA and developer, it has taken me 2 weeks, and I am still not ready to sign up other developers to use this thing. How do you expect any small development teams to ever use it? It's one thing to design it to be scalable and all-possible, it's another to make it easily usable. I have been suggested to use MS VSS. The only reason I am still trying Ora-Rep is its promise to directly support Designer and Oracle objects.

    Andy,
    I have worked extensively with the Repository over the last year and a half. I have collected some of my experiences and the derived guidelines on using the Repository in real life in a number of papers that I will be presenting at ODTUG 2001, next week in San Diego. If you happen to be there (see www.odtug.com), come and see me and we could talk through your specific situation. If you are not and you are interested in those papers, drop me an Email and I could send them to you (they probably will also become available on OTN right after the ODTUG conference).
    best regards,
    Lucas

  • SAP Best Practices on assigning roles for Auditors

    Dear Gurus,
    We need to set up SAP roles for auditors in our system for SRM ECC & BI.
    Could you please suggest which roles should be granted to the auditors as best practice to follow?
    I will really appreciate your help.
    Best Regards,
    Valentino

    Hi Martin,
    Thanks for your interest. I would be very happy to work with folks like you to slowly improve such roles as we find improvement possibilities for them, and all benefit from the joint knowledge and cool features which go into them. I have been filing away at a set of them for years now - they are not evil but still useful and I give them to an auditor without being concerned as long as they can tell me approximately what they have been tasked to look into.
    I then also show them the corresponding user menu of my role for these tasks and then leave them alone for a while... 
    Anyway... SAP told me that if we host the content on SDN for the collaboration and documentation to the changes in the files, then version management of the files can be hosted externally for downloading them (actually, SAP does not have an option because their software does not support it...).
    I will rather host them on my own site and add the link in the SDN wiki and a sticky forum post link to it than use a generic download service, at least to start with. Via change management to the wiki, we can easily map this to version management of the files on a monthly periodic update cycle once there are enough changes to the wiki.
    How about "Update Tuesday" as a maintenance cycle --> config updates each second Tuesday of the month... to remove authorizations to access backdoors which are more than "just display"...
    Cheers,
    Julius

  • Best Practice : Creating Custom Renderer for Standard Component

    I've been reading the docs and a few threads about Custom Renderers. The best practice seems to be to create a Custom Component where you need a Custom Renderer. Is this the case?
    See this post: http://forums.sun.com/thread.jspa?forumID=427&threadID=520422
    I've created several Custom Renderers to override the HTML provided by the Standard Components, however I can't see the benefit in also creating a Custom Component when the behaviour of the standard component is just fine.
    Thanks,
    Damian.

    It all depends on what you are trying to accomplish. Generally speaking if all you need is for the user interface output to be changed then a renderer will work just fine. A new component is usually made in order to provide some fundamental change in server side functionality not related to the user interface. - Ponderator

  • Best Practice Advice - Using ARD for Inventorying System Resources Info

    Hello All,
    I hope this is the place I can post a question like this. If not please direct me if there is another location for a topic of this nature.
    We are in the process of utilizing ARD reporting for all the Macs in our district (3500 +/- a few here and there). I am looking for advice and would like some best practices ideas for a project like this. ANY and ALL advice is welcome. Scheduling reports, utilizing a task server as opposed to the Admin workstation, etc. I figured I could always learn from those with experience rather than trying to reinvent the wheel. Thanks for your time.

    hey, i am also interested in any tips. we are gearing up to use ARD for all of our macs current and future.
    i am having a hard time with entering the user/pass for each machine, is there an easier way to do so? we don't have nearly as many macs running as you do but it's still a pain to do each one over and over. any hints? or am i doing it wrong?
    thanks
    -wilt

  • BPC 5 - Best practices - Sample data file for Legal Consolidation

    Hi,
    we are following the steps indicated in the SAP BPC Business Practice: http://help.sap.com/bp_bpcv151/html/bpc.htm
    A Legal Consolidation prerequisite is to have the sample data file that we do not have: "Consolidation Finance Data.xls"
    Does anybody have this file or know where to find it?
    Thanks for your time!
    Regards,
    Santiago

    Hi,
    From this address you can obtain the .zip file for Best Practice including all scenarios and csv files under misc directory used in these scenarios: https://websmp230.sap-ag.de/sap/bc/bsp/spn/download_basket/download.htm?objid=012002523100012218702007E&action=DL_DIRECT
    Consolidation Finance Data.txt is in there also..
    Regards,
    ergin ozturk

  • Best practices when carry forward for audit adjustments

    Dear experts,
    I would like to know if someone can share his best practices when performing carry forward for audit adjustments.
    We are actually doing legal consolidation for one customer and we are facing one issue.
    The accounting team needs to pass audit adjustments around April-May for last year.
    So from January to April / May, the opening balance must be based on December closing of prior year.
    Then from May / June to December, the opening balance must be based on Audit closing of prior year.
    We originally planned to create two members for December period, XXXX.DEC and XXXX.AUD
    Once the accountants would know their audit closing balance, they would have to input it on the XXXX.AUD period and a business rule could compute the difference between the closing of AUD and DEC periods and store the result on an opening flow.
    The opening flow hierarchy would be as follows:
    F_OPETOT (Opening balance Total)
        F_OPE (Opening balance from December)
        F_OPEAUD (Opening balance from the difference between closing balance of Audit and December periods)
    Now, assume that we are in October, but for any reason, the accountant runs a carry forward for February, he is going to impact the opening balance because at this time (October), we have the audit adjustments.
    How to avoid such a thing? What are the best practices in this case?
    I guess it is something that you may have encountered if you did a consolidation project.
    Any help will be greatly appreciated.
    Thanks
    Antoine Epinette

    Cookman and I have been arguing about this since the paleozoic era. Here's my logic for capturing everything.
    Less wear and tear on the tape and the deck.
    You've got everything on the system. Can't tell you how many times a client has said "I know that there was a better take." The only way to disabuse them of this notion is to look at every take. If it's not on the system, you've got to spend more time finding the tape, and adding "wear and tear on the tape and the deck." And then there's the moment where you need to replace the audio for one word from another take. You can quickly check all the other takes (particularly if you've done a thorough job logging the material - see below).
    Once it's on the system, you still need to log and learn the material. You can scan thru material much faster once it's captured. Jumping around the material is much easier.
    There's no question that logging the material before you capture makes you learn the material in a more thorough way, but with enough self-discipline, you can learn the material as thoroughly once it's been captured.
