Best practices with LDIF Development for RBAC?

Similar Messages

• Best practice with WCCP flows for WAAS

  Hi,
  I have a WAAS SRE 910 module in a 2911 router that intercepts packets from this router with WCCP.
  All packets are received by external interface (gi 2/0, connected to a switch with port configured in WCCP vlan), and are sent back to the router via internal interface (gi 1/0 directly connected to the router) :
  WAAS# sh interface gi 1/0
  Internet Address                    : 10.0.1.1
  Netmask                             : 255.255.255.0
  Admin State                         : Up
  Operation State                     : Running
  Maximum Transfer Unit Size          : 1500
  Input Errors                        : 0
  Input Packets Dropped               : 0
  Packets Received                    : 20631
  Output Errors                       : 0
  Output Packets Dropped              : 0
  Load Interval                       : 30
  Input Throughput                    : 239 bits/sec, 0 packets/sec
  Output Throughput                   : 3270892 bits/sec, 592 packets/sec
  Packets Sent                        : 110062
  Auto-negotiation                    : On
  Full Duplex                         : Yes
  Speed                               : 1000 Mbps
  WAAS# sh interface gi 2/0
  Internet Address                    : 10.0.2.1
  Netmask                             : 255.255.255.0
  Admin State                         : Up
  Operation State                     : Running
  Maximum Transfer Unit Size          : 1500
  Input Errors                        : 0
  Input Packets Dropped               : 0
  Packets Received                    : 86558
  Output Errors                       : 0
  Output Packets Dropped              : 0
  Load Interval                       : 30
  Input Throughput                    : 2519130 bits/sec, 579 packets/sec
  Output Throughput                   : 3431 bits/sec, 2 packets/sec
  Packets Sent                        : 1580
  Auto-negotiation                    : On
  Full Duplex                         : Yes
  Speed                               : 100 Mbps
  The default route configured in WAAS module is 0.0.0.0/0 to 10.0.1.254 (router interface).
  Would it be better that packets leave WAAS module by the external interface (in place of the internal interface) ?
  Is there a best practice recommended by Cisco on this ?
  Thanks.
  Stéphane

  Hi Stephane,
  We usually advise the following in such scenario with an internal module:
  "ip wccp 61 redirect in" the LAN interface.
  "ip wccp 61 redirect in" on the WAN one.
  "ip wccp redirect exclude in" on the internal interface between the WAAS and the router.
  That way, we are sure that no loops are created because of the WCCP redirection.
  Regards,
  Nicolas

• Looking for best practice on J2EE development environment

  Hi,
  We are starting to develope with J2EE. We are looking for best practice on J2EE development environment. Our concern is mainly on code sharing and deployment.
  Thanks, Charles

  To support "code sharing" you need an integrated source code control system. Several options are out there but CVS (https://www.cvshome.org/) is a nice choice, and it's completely free and it runs on Windows, Linux, and most UNIX variants.
  Your next decision is on IDE and application server. These are usually from a single "source". For instance, you can choose Oracle's JDeveloper and Deploy to Oracle Application Server; or go with free NetBeans IDE and Jakarta Tomcat; or IBM's WebSphere and their application server. Selection of IDE and AppServer will likely result in heated debates.

• Best practice: team based development with JDeveloper and CVS?

  Hi all!
  I was wondering of what is the best way to work with Jdev 9i and cvs on a same project with 5 developers whereas
  all developers use the same JPRs and JWS?
  Which of the files should be checked in to the central CVS repository, which should be remained on the local machine of each developer?
  I assume, all java and xml files might be stored in the cvs repository. But how can we make sure that new files written by a member of the team will be added to my project?
  If we also check in the JPR and CFG files the merge of concurrent JPRs will fail and our project will be shreddered ;-)
  My question: what is your best experience with simultanous development on same projects?
  Any idea?
  Many thanks,
  Stefan

  1. Put everything that your project needs under CVS control:
  - buildscripts
  - BC4J jarfiles
  - BC4J generated files (java, xml, xcfg, jpx, cpx)
  - .properties, package.html, gif, ...
  - docu
  - install scripts
  - starter batch or exec, ...
  2. Each developer should have a own JPR and JWS file. In a seperate location those files could be checked in frequently to easy allow the setup of a new Developer workstation
  3. Use a sourcecode formatter (e.g. jalopy) on the BC4J generated java files to reduce merge conflicts because of empty lines generated by JDev dialogs
  4. Adding new files is no problem:
  - if you add new BC4J objects (AM, VO, ASC, EO, VL) also checkin the bc4j package XML so new files will be added.
  - set in project settings common / input paths - "Scan source path ..."
  5. Deleting BC4J files is a problem, because JDev does not automatically remove them from the project. So if someone deletes BC4J objects, you should close the project and delete it manually from the jpr file
  6. Close the project before making a CVS update wih external tool like Tortoise because of JDev caches
  Regards, Markus

• Best practices to reduce downtime for Database releases(rolling changes)

  Hi,
  What are best practices to reduce downtime for database releases on 10.2.0.3? What DB changes can be rolling and what can't?
  Thanks in advance.
  Regards,
  RJiv.

  I would be very dubious about any sort of universal "best practices" here. Realistically, your practices need to be tailored to the application and the environment.
  You can invest a lot of time, energy, and resources into minimizing downtime if that is the only goal. But you'll generally pay for that goal in terms of developer and admin time and effort, environmental complexity, etc. And you generally need to architect your application with rolling upgrades in mind, which necessitates potentially large amounts of redesign to existing applications. It may be perfectly acceptable to go full-bore into minimizing downtime if you are running Amazon.com and any downtime is unacceptable. Most organizations, however, need to balance downtime against other needs.
  For example, you could radically minimize downtime by having a second active database, configuring Streams to replicate changes between the two master databases, and configure the middle tier environment so that you can point different middle tier servers against one or the other database. When you want to upgrade, you point all the middle tier servers against database A other than 1 that lives on a special URL. You upgrade database B (making sure to deal with the Streams replication environment properly depending on requirements) and do the smoke test against the special URL. When you determine that everything works, you configure all the app servers to point at B and have Streams replication process configured to replicate changes from the old data model to the new data model), upgrade B, repeat the smoke test, and then return the middle tier environment to the normal state of balancing between databases.
  This lets you upgrade with 0 downtime. But you've got to license another primary database. And configure Streams. And write the replication code to propagate the changes on B during the time you're smoke testing A. And you need the middle tier infrastructure in place. And you're obviously going to be involving more admins than you would for a simpler deploy where you take things down, reboot, and bring things up. The test plan becomes more complicated as well since you need to practice this sort of thing in lower environments.
  Justin

• Best practice on Oracle VM for Sparc System

  Dear All,
  I want to test Oracle VM for Sparc System but I don't have new model Server to test it. What is the best practice of Oracle VM for Sparc System?
  I have a Dell laptop which has spec as below:
  -Intel® CoreTM i7-2640M
  (2.8GHz, 4MB cache)
  - Ram: 8GB DDR3
  - HDD: 750GB
  -1GB AMD Radeon
  I want to install Oracle VM VirtualBox on my laptop and then install Oracle VM for Sparc System in Virtual Box, is it possible?
  Please kindly give advice,
  Thanks and regards,
  Heng

  Heng Horn wrote:
  How about computer desktop or computer workstation with the latest version has CPU supports Oracle VM or SPARC?Nope. The only place you find SPARC T4 processors is in Sun Servers (and some Fujitsu servers, I think).

• IPS Tech Tips: IPS Best Practices with Cisco Remote Management Services

  Hi Folks -
  Another IPS Tech Tip coming up and this time we will be hearing from some past and current Cisco Remote Services members on their best practice suggestions. As always these are about 30 minutes of content and then Q&A - a low cost high reward event.
  Hope to see you there.
  -Robert
  Cisco invites you to attend a 30-45 minute Web seminar on IPS Best   Practices delivered via WebEx. This event requires registration.
  Topic: Cisco IPS Tech Tips - IPS Best Practices with Cisco Remote Management   Services
  Host: Robert Albach
  Date and Time:
  Wednesday, October 10, 2012 10:00 am, Central Daylight Time (Chicago,   GMT-05:00)
  To register for the online event
  1. Go to https://cisco.webex.com/ciscosales/onstage/g.php?d=203590900&t=a&EA=ralbach%40cisco.com&ET=28f4bc362d7a05aac60acf105143e2bb&ETR=fdb3148ab8c8762602ea8ded5f2e6300&RT=MiM3&p
  2. Click "Register".
  3. On the registration form, enter your information and then click   "Submit".
  Once the host approves your registration, you will receive a confirmation   email message with instructions on how to join the event.
  For assistance
  http://www.webex.com
  IMPORTANT NOTICE: This WebEx service includes a feature that allows audio and   any documents and other materials exchanged or viewed during the session to   be recorded. By joining this session, you automatically consent to such   recordings. If you do not consent to the recording, discuss your concerns   with the meeting host prior to the start of the recording or do not join the   session. Please note that any such recordings may be subject to discovery in   the event of litigation. If you wish to be excluded from these invitations   then please let me know!

  Hi Marvin, thanks for the quick reply.
  It appears that we don't have Anyconnect Essentials.
  Licensed features for this platform:
  Maximum Physical Interfaces       : Unlimited      perpetual
  Maximum VLANs                     : 100            perpetual
  Inside Hosts                      : Unlimited      perpetual
  Failover                          : Active/Active  perpetual
  VPN-DES                           : Enabled        perpetual
  VPN-3DES-AES                      : Enabled        perpetual
  Security Contexts                 : 2              perpetual
  GTP/GPRS                          : Disabled       perpetual
  AnyConnect Premium Peers          : 2              perpetual
  AnyConnect Essentials             : Disabled       perpetual
  Other VPN Peers                   : 250            perpetual
  Total VPN Peers                   : 250            perpetual
  Shared License                    : Disabled       perpetual
  AnyConnect for Mobile             : Disabled       perpetual
  AnyConnect for Cisco VPN Phone    : Disabled       perpetual
  Advanced Endpoint Assessment      : Disabled       perpetual
  UC Phone Proxy Sessions           : 2              perpetual
  Total UC Proxy Sessions           : 2              perpetual
  Botnet Traffic Filter             : Disabled       perpetual
  Intercompany Media Engine         : Disabled       perpetual
  This platform has an ASA 5510 Security Plus license.
  So then what does this mean for us VPN-wise? Is there any way we can set up multiple VPNs with this license?

• Chatting Best Practices with Large Groups

  We have a large group (125) people who are involved in a 4-hour training each month.  What best practices would you suggest for managing chatting with this large of group.  Perhaps layout options, polling options, any best practices would be appreciated.

  I would leave chat alone with a group that large. You can provide that functionality to have an open communication between participants and possibly presenters/hosts for quick exchanges, but don't rely on it for question and answer functionality. The Q & A pod will queue up all the questions that are asked in it and you (or other presenters/hosts) can answer them while keeping the answers associated with the question and have the ability to reply publicly or privately. All questions are asked privately and are not seen by other participants, so duplicate or inappropriate questions can be easily removed or ignored.
  Polling is also good to keep the responses in a controlled evironment.

• Best practice to define length for varchar field of table in sql server

  What is best practice to define length for a varchar field in table
  where field suppose Remarks By Person  varchar(max) or varchar(4000)
  Could it affect on optimization in future????
  experts Reply Must ... 
  Dilip Patil..

  Hi Dilip,
  Varchar(n/max) is a variable-length, non-unicode character data. N defines the string length and can be a value from 1 through 8,000. Max indicates that the maximum storage size is 2^31-1 bytes (2 GB). The storage size is the actual length of the data entered
  + 2 bytes. We always use varchar when the sizes of the column data entries vary considerably. While if the filed data size might exceed 8,000 bytes in some way, we should use varchar(max).
  So the conclusion is just like Uri said, use varchar(max) or varchar(4000) is depends on how much characters we are going to store.
  The following document about varchar in SQL Server is for your reference:
  http://technet.microsoft.com/en-us/library/ms176089.aspx
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Which PC is recommended by Microsoft that ACTUALLY meet the requirements to work with software development for kinect for windows?

  My PC serves the minimum requirements described in the kinect page, but when installing the device, the software says that the computer does not meet the minimum requirements and therefore will not work with efficiency. Alternatively, theorize buy a new
  computer.
  Which PC is recommended by Microsoft that ACTUALLY meet the requirements to work with software development for kinect for windows?

  Getting a definitive answer from Microsoft will be difficult as to my understanding, requirements are still subject to change; and unless it's their brand of PC  I doubt they will give free advertisement to buy a specific make/model.
  There are other threads where people discuss specific machines that work with the Kinect V2.  
  The only compatibility problems I've had with getting it to work are: It has to be run Windows 8; It has to have a compatible USB 3.0;  The 'Compatible' USB 3.0 requirement seems to be the most difficult.

• Best practice with respect to wcf configuration files for SSIS

  So after reading a lot of posts and blogs on how to configure SSIS to read from configuration files , I am still not clear and would like any expert to provide a definitive stance. In my case the WCF service consumption is wrapped into a separate assembly.
  I am referencing the assembly in an embedded C# script within my SSIS package.
  When I make the helper class call to the webservice , I get the endpoint not found WCF exception.
  Keep in mind I am running this from VS 2012 IDE and did the following to make sure the WCF call works:
  1. Googled and found that you need to have config entries in DtsDebugHost.exe.config file. But it still did not work
  2. Had the same entries in the associated app.config file for C# script but it still did not work.
  It seems like SSIS is very fragile w.r.t consuming WCF entires in a config file. Is the best practice to just have the end point created in code and externalize the end point as a SSIS variable / xml file or is there really a way to get these config files working.
  Attached is the wcf snippet of my config file.
  <system.serviceModel>
  <bindings>
  <basicHttpBinding>
  <binding name="ITransactionProcessor">
  <security mode="TransportWithMessageCredential" />
  </binding>
  </basicHttpBinding>
  </bindings>
  <client>
  <endpoint address="https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor" binding="basicHttpBinding" bindingConfiguration="ITransactionProcessor" contract="CyberSource.ITransactionProcessor" name="portXML" />
  </client>
  </system.serviceModel>
  SM

  I have the code working without use of config files. I am just disappointed that it is not working using the configuration files. That was one of the primary intents of my code re-factoring. 
   Katherine
  Xiong , If you are proposing this as an answer then does this imply that Microsoft's stance is not to use configuration files with SSIS?? Please answer.
  SM

• Which are the best practices with mail for machos and any email client for PC

  I got some mac`s at the office, and I want make a best practices manual for my users, like, please open the clip to attach the file intead of drag and drop, beacuse the pc users see the photo embedded into the message body.
  could someone helpme?

  Why not print out Mail's Help files?

• Best Practices or Project Template for Rep/Version

  I have installed the Repository 6i (3) and created the users successfully, even though it has taken a lot of effort to make sure each step is correct.
  However, on setting up the workareas and importing the project files, I have been trying back and force to figure out where things go, and who has what access.
  Is there something like a best practice or a project template for setting up a basic repository/version control system, that provides
  1. the repository structure,
  2. corresponding file system structure (for different developers, build manager, etc)
  3. access grants, and
  4. work scenarios, etc.
  The Technet demos and white papaers are either too high-level (basic), or too individual function oriented. I can't get a clear picture of the whole thing, since there are so many concepts and elements that don't easily go together.
  Considering that I am a decent DBA and developer, it has taken me 2 weeks, and I am still not ready to sign up other developers to use this thing. How do you expect any small development teams to ever use it? It's one thing to design it to be scalable and all-possible, it's another to make it easily usable. I have been suggested to use MS VSS. The only reason I am still trying Ora-Rep is its promise to directly support Designer and Oracle objects.

  Andy,
  I have worked extensively with the Repository over the last year and a half. I have collected some of my experiences and the derived guidelines on using the Repository in real life in a number of papers that I will be presenting at ODTUG 2001, next week in San Diego. If you happen to be there (see www.odtug.com), come and see me and we could talk through your specific situation. If you are not and you are interested in those papers, drop me an Email and I could send them to you (they probably will also become available on OTN right after the ODTUG conference).
  best regards,
  Lucas

• Best practices with sequences and primary keys

  We have a table of system logs that has a column called created_date. We also have a UI that displays these logs ordered by created_date. Sometimes, two rows have the exact same created_date down to the millisecond and are displayed in the UI in the wrong order. The suggestion was to order by primary key instead since the application uses an oracle sequence to insert records so the order of the primary key will be chronological. I felt this may be a bad idea as a best practice since the primary key should not be used to guarantee chronological order although in this particular application's case, since it is not a multi-threaded environment, it will work so we are proceeding with it.
  The value for the created_date is NOT set at the database level (as sysdate) but rather by the application when it creates the object which is persisted by Hibernate. In a multi-threaded environment, thread A could create the object and then get blocked by thread B which is able to create the object and persist it with key N after which control returns to thread A it persists it with key N+1. In this scenario thread A has an earlier timestamp but a larger key so will be ordered before thread B which is in error.
  I like to think of primary keys as solely something to be used for referential purposes at the database level rather than inferring application level meaning (like the larger the key the more recent the record etc.). What do you guys think? Am I being too rigorous in my views here? Or perhaps I am even mistaken in how I interpret this?

  >
  I think the chronological order of records should be using a timestamp (i.e. "order by created_date desc" etc.)
  >
  Not that old MYTH again! That has been busted so many times it's hard to believe anyone still wants to try to do that.
  Times are in chronological order: t1 is earlier (SYSDATE-wise) than t2 which is earlier than t3, etc.
  1. at time t1 session 1 does an insert of ONE record and provides SYSDATE in the INSERT statement (or using a trigger).
  2. at time t3 session 2 does an insert of ONE record and provides SYSDATE
  (which now has a value LATER than the value used by session 1) in the INSERT statement.
  3. at time t5 session 2 COMMITs.
  4. at time t7 session 1 COMMITs.
  Tell us: which row was added FIRST?
  If you extract data at time t4 you won't see ANY of those rows above since none were committed.
  If you extract data at time t6 you will only see session 2 rows that were committed at time t5.
  For example if you extract data at 2:01pm for the period 1pm thru 1:59pm and session 1 does an INSERT at 1:55pm but does not COMMIT until 2:05pm your extract will NOT include that data.
  Even worse - your next extract wll pull data for 2pm thru 2:59pm and that extract will NOT include that data either since the SYSDATE value in the rows are 1:55pm.
  The crux of the problem is that the SYSDATE value stored in the row is determined BEFORE the row is committed but the only values that can be queried are the ones that exist AFTER the row is committed.
  About the best you, the user (i.e. not ORACLE the superuser), can do is to
  1. create the table with ROWDEPENDENCIES
  2. force delayed-block cleanout prior to selecting data
  3. use ORA_ROWSCN to determine the order that rows were inserted or modified
  As luck would have it there is a thread discussing just that in the Database - General forum here:
  ORA_ROWSCN keeps increasing without any DML

• What's 'best-practice' with external hard drives?

  Hello folks,
  I just got myself a 500GB LaCie d2 'Quadra' hard drive, and it works great - just as I was led to expect. Now I've connected it to my iMac with a FW400 cable. I've a few questions regarding general usage and 'best practice' when using an external hard drive like this:
  1. Do I need to disconnect it (pull out the cable from my iMac) every time I Shutdown - and reconnect on Startup? Or can I leave it it and pretty much just forget about it?
  2. Can I turn it 'on' and 'off' any number of times (using the on/off switch on the back) when working on the iMac? I might like to switch it off if I'm not using it for an extended period of time while still working on the computer. Is this okay?
  3. When I'm not using the drive and the drive switch is 'off', can the drive still remain connected to 'mains' power? Or is it necessary to disconnect it from the 'mains' entirely?
  4. I understand it's best to disconnect when 'Repairing Permissions?' Can this be confirmed?
  Thanks so much.
  Cheers!
  Steve.

  1. Do I need to disconnect it (pull out the cable from my iMac) every time I Shutdown - and reconnect on Startup? Or can I leave it it and pretty much just forget about it?
  What I do is shut down my Mac, leaving it connected to the mains: the external HD, external speakers and other peripherals are all connected to a mains switch and I turn these off. There's no need to disconnect the cable: some disks spin down when the computer is shut down, some don't. It probably wouldn't hurt to leave it spinning anyway, though I prefer to shut it off at the mains. Incidentally I shouldn't disconnect the computer from the mains when you shut down: doing this will run down the PRAM battery and hasten the day it needs replacing, which is expensive.
  2. Can I turn it 'on' and 'off' any number of times (using the on/off switch on the back) when working on the iMac? I might like to switch it off if I'm not using it for an extended period of time while still working on the computer. Is this okay?
  I shouldn't do this: the most strain on a hard disk is when it is starting up, not when it is running: I should leave it running all the time the Mac is on. If you do switch it off, make sure to unmount it first (drag it to the trash) otherwise you will have all sorts of problems.
  3. When I'm not using the drive and the drive switch is 'off', can the drive still remain connected to 'mains' power? Or is it necessary to disconnect it from the 'mains' entirely?
  No: I see no problem in leaving it plugged in to the mains: the 'off' switch disconnects it anyway.
  4. I understand it's best to disconnect when 'Repairing Permissions?' Can this be confirmed?
  I've never heard this, and I can't see that there's any neccesity: the repairing process will be confined to the disk you have nominated to work on in any case.