Can't bind server to OD, replication broken, users at some sites can't auth

Hi all,
Having a doozy of a problem with our OD at the moment, hopefully someone can help.
The setup:
1 OD master and 3 replicas at head office here, all running 10.5.5 (issue also occurred in 10.5.4)
Around a dozen remote AFP & SMB file servers, all are set up as "Connected to a directory system"
Most sites are OK, but we have issues at 2 sites.
Setting each site to "Connected to a directory system" fails at the Directory Utility stage. We try and add the master (or even some of the replicas), put in the diradmin name and password, and attempt to bind, but it responds with an error after a while.
The error states that there is already a computer with this name, and prompts to overwrite. Overwriting fails also.
I did a search and found this:
http://support.apple.com/kb/TS1245
and this:
http://forums.bombich.com/viewtopic.php?t=11834&highlight=lkdc
But neither tip helps.
Attempting to set up the 2 remote servers as replicas stops at the "Enabling Password Server Replication" stage. I can close out of the assistant at this stage and am left with a "broken" replica, which has 2 out of 3 things running:
LDAP Server: Running
Password Server: Stopped
Kerberos: Running
On the master it says "Password Service Not Found"
So it seems that setting up replicas on a different subnet doesn't work.
I've tried getting my ISP to set up a static route for the VPN tunnel, and this worked for a set of blank test servers with no extra users added to them.
Interestingly, setting a user's password to "Crypt" in WGM allows them to authenticate to the "broken replica" and access their files. Setting their password type to "Open Directory" has no luck at all.
If I jump on the server and try a password check in the terminal, I get:
AFP:
dirt -u username -p password
Call to dsGetRecordList returned count = 1 with Status : eDSNoErr : (0)
Call to checkpw(): Bad Password
path: /LDAPv3/10.10.20.1
Username: username
Password: password
Error : eDSAuthFailed : (-14090)
SMB:
dirt -a nt -u username -p password
Call to dsGetRecordList returned count = 1 with Status : eDSNoErr : (0)
path: /LDAPv3/10.10.20.1
Username: username
Password: password
Good
The master's IP is 10.10.20.1.
Users can sometimes connect via SMB instead of AFP, which is a workaround for now, but I'd like to know why this is happening.
I've tried setting the AFP server's authentication methods to Standard instead of Any or Kerberos, to no effect.
Does anyone know why these servers won't bind and won't replicate, and only allow connections if people use Crypt passwords? Is my Kerberos stuffed?

Well, I tried to demote, then promote my master with no luck. During the upgrade from Tiger to Leopard, the password service cache (or whatever it's called) was somewhat corrupted. My OD Archive failed to restore!! I had to rebuild my entire OD from scratch.
Now I have slightly fewer errors. My replicas joined up fine. Kerberos passwords get propagated when a password changes, but Samba passwords do not. Samba working is essential as 95% of the client machines are Windows boxes. Here are a few quick tests I did:
replica1 root# dirt -m /LDAPv3/127.0.0.1 -u fred
User password:
2009-01-15 17:13:16.919 dirt[4224:10b] password is : <password>
Call to dsGetRecordList returned count = 1 with Status : eDSNoErr : (0)
Username: fred
Password: <password>
Success
replica1 root# dirt -m /LDAPv3/127.0.0.1 -a nt -u fred
User password:
2009-01-15 17:13:23.160 dirt[4233:10b] password is : <password>
Call to dsGetRecordList returned count = 1 with Status : eDSNoErr : (0)
Username: fred
Password: <password>
Error : eDSAuthFailed : (-14090)
On the master this all works fine.
The funny thing is that my diradmin account has no problem on the replica.

Similar Messages

  • Have installed MacOsX Lion has trouble hooking up to my StoraNas server with my usual username and password, some who can help me?

    Have installed MacOsX Lion has trouble hooking up to my StoraNas server with my usual username and password, some who can help me?

    This is a common problem discussed on the Netgear forums.  I have yet to see a solution, just comments that there will need to be a fix from Netgear.  If anyone has heard of a solution or of the update being issued, please let us know.

  • HT5621 how can I unlink an iPhone from its previous user's email so I can turn it on to my own email address, also I can't get in contact with the previous owner

    how can I unlink an iPhone from its previous user's email so I can turn it on to my own email address, also I can't get in contact with the previous owner

    If you are referring to Activation Lock, the password for the Apple ID signed into the device is required, there is no way around this.  If you do not have the information and cannot contact the previous owner, the device is useless.

  • What sites can you go to to replace itunes for free?, what sites can you go to to replace itunes for free?

    what sites can you use to download music for free instead of itunes? I have iphone 4

    This is not an Apple technical support issue. 
    Search google.
    Please review the Terms of Use of this forum that YOU agreed to by posting here if you're unclear as to what is appropriate for this forum.

  • Can not bind server stubs.

    Hi All,
    I am struggling for a few days (!) now with a strange problem.
    I have created an RMI application and when I run under Windows all is well.
    When I tried running it under Linux (Red Hat 7.2) and the stubs were not packed in a jar file all is well as
    well. BUT - if I pack the stubs in a jar I get an exception:
    java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
    java.lang.ClassNotFoundException: (<name of class>...)
    The exception occurs when I try to BIND the stub, not when the client is looking for it.
    I have set the policy, classpath, and security manager properly, obviously, since the application is working
    OK when the stubs are not packed in a jar. The jar file is in the same directory as the unpacked stubs when
    the application is running so I don't think it is a classpath issue.
    Can anyone please help ? thanx.

    I don't, sorry. I suppose Windows is making an informed guess about the path to the classes. I'm only using Linux and Java 1.5 and I have to make sure and expose the interfaces I bind to the RMI registry. Not sure which behavior is supposed to be the correct one.

  • Is there any way I can reset an iPad without knowing the previous users password because he can't remember it? When I turn it on it asks to activate it but I don't have any of the information. Please help!!

    I work as a tutor at a junior high. And we are trying to reset our iPads but we need the password in order to do so. Any ideas??

    Any machine that has a ethernet port can go wireless. It may be cheap to buy another computer.
    Ethernet Bridge
    Please note this requires mac os x 10.5 or greater to configure or windows xp to configure.
    Ethernet Bridge  "The versatile Wireless-G Ethernet Bridge can make any wired Ethernet-equipped device a part of your wireless network."  from linksys example: http://www.amazon.com/Linksys-RE1000-Wireless-N-Range-Extender/dp/B005FDXMJS/ref=sr_1_1?ie=UTF8&qid=1314563758&sr=8-1
    Once configured, you can use it on any ethernet port.
    Airport Express
    Airport Express is an external unit and you can configure it as a bridge.  802.11n ( I believe you will need a more modern version of Mac OS X to configure.  Sadly, Apple uses a configuration program to configure, not a web browser. )
    https://www.apple.com/airportexpress/
    Query by serial number
    Apple's warranty database will identify the type of Mac you have.  Your serial number is securely sent, but you get only the name of your machine.
    https://selfsolve.apple.com/agreementWarrantyDynamic.do
    This site provides more information, but lacks security.
    "A serial number is a unique, identifying number or group of numbers and letters assigned to an individual piece of hardware or software. It's used for various things depending on the product / brand but what is your Mac's serial number for and more importantly... what is it hiding and what can it do for you ?"
    http://www.appleserialnumberinfo.com/Desktop/index.php
    or
    This site provides more information, but lacks security too.
    "A serial number is a unique, identifying number or group of numbers and letters assigned to an individual piece of hardware or software. It's used for various things depending on the product / brand but what is your Mac's serial number for and more importantly... what is it hiding and what can it do for you ?"
    http://www.appleserialnumberinfo.com/Desktop/index.php
    http://www.chipmunk.nl/klantenservice/applemodel.html
       ( hint by K Shaffer  )

  • HT5239 Where can I get Apple FIPS Role guide for user so that I can use the APIs from my application

    I am trying to use Apple's FIPS certified crypto library's crypto APIs in my application to do the crypto operations. For that I was asked to refer the "Role Guide : User" in the nist document. But I couldn't find the same. Can I know where I can download the same.

    The OS X and iOS programming documentation is the Cryptographic Services Guide, and related manuals.
    AFAIK, what you're probably after is the Common Crypto stuff that's part of libSystem.  See man CC_crypto for some introductory details of that, and there's a sample program available.
    The devforums.apple.com developer forums and the developer.apple.com web site will be better resources for programming questions than are these ASC forums (and that includes my answer here!), and the Fed-Talk mailing list might be of interest for this question.
    Given the usual arc these security questions follow, I'd suggest ignoring what I've posted here and directly contacting the Apple Developer Technical Services (DTS) folks, and ask for formal help with this.  The folks I've worked with over the years that were looking for FIPS 140-2 crypto stuff and similar usually have a requirement for a paperwork trail involved, and that means direct contact with the vendor when you cannot locate published formal statements.   Not unofficial stuff from random folks like me posted here in ASC.  (There's an Apple contact on that FIPS page, BTW.)

  • Can't get URL iview to log in users to external site

    I am testing with a simple log in page that accepts two parameter values (username and password). I have created a URL iview with these parameters that displays the page perfectly, but won't log the user in.
    I am unsure if I have to set the authentication URL, method and type both in the system and in the URL iview config.
    What settings HAVE to be in place (both for the iview and system) when the POST method is to be used?
    Thanks, Henning

    Here are the correct minimal settings:
    Set Up Target System (Via System Administration - System)
    as URL-System that authenticates with UID PW
    Create the URL IVIEW, select the system and set the parameter values to "mapped user" and "mapped password".
    Set the identifier names (i.e. "PWD" and "UID") to whatever your system expects.
    Set method to "Post" and set the mode to "client side"
    This has worked for me.
    In your application, you can read the parameters with the names you have set in the iview.

  • Adobe flash issues with a specific site but other users to the site can stream

    Good day all
    Please I have tested this on Fedora 17, Ubuntu 12.04 LTS and on separate PCs (Win 7). With Chrome, IE 9, Firefox all updated and Adobe Flash is updated too.
    I have tested the Flash on the Adobe site and it is OK. But there is this error all the time

    Hi, Go to this Adobe test site and you should be able to see the Flash Player logo animate and your FP version will be listed also. The latest is 10.1.85.3. Test with Firefox and also with Safari.
    http://www.adobe.com/software/flash/about/
    The Shockwave Flash plugin works thru the browser and is Installed there, so when you view any Flash content or videos, etc. you are able to. That test site should tell you if Flash Player is working.
    Hope that helps.
    eidnolb

  • How can i prevent my user in one site about financial report in other sites

    Hi
    We implemented our project in 4 sites via Citrix and all of the users work on the head office database. We used Document Series to divide every site's financial/inventory/procurement transactions. For example one site's JE numbers start from 1 to 1000000 and the other site's start from 1000001 to 2000000. But we see all users can see financial reports like Trial Balance, General Ledger for other sites by selecting in the Extend option in the report, without viewing them in detail. How can we make a constraint for this issue? I mean users in another site cannot see other JEs in the General Ledger report by selecting document series in the Extend option.
    Thanks

    1) In your case, you assign Group (in Document Numbering>>>Series Set up) for each site.
    For example:
    Site 1: Group 1
    Site 2: Group 2
    2) Then, go to Authorization >>> General Authorization >>> Administration >>> System Initialization >>> Numbering series. Now, you grant full authorization in Series - Group No. x for site users.
    For example:
    Site 1 user:
         Series - Group No. 1: Full authorization
         Series - Group No. 2: No authorization
    Site 2 user:
         Series - Group No. 1: No authorization
         Series - Group No. 2: Full authorization
    Hope this helps,
    TVSon

  • Since upgrading to Firefox 5 I cannot view my emails on my ISP's web site, can you help?

    Since upgrading to Firefox 5 I can no longer view my emails on my ISP's web site, can you help?

    I haven't heard of any similar message before. In your "More system details..." it lists two different Adobe PDF plugins, version 8 and version 9. You may have a conflict there, especially if the older one isn't disabled. You could try to disable it here:
    orange Firefox button ''or'' Tools menu > Add-ons > Plugins category
    If that doesn't help... Adobe Reader and the plugin have been updated to version 10. Are you willing to upgrade Adobe Reader to see whether that fixes the problem?
    http://get.adobe.com/reader/

  • Can an LDAP server be its own client?

    In short yes, why would you want to do this? Many reasons, but mine is to be able to use ldap on laptops running Solaris and have them log into the machine with ldap credentials off the network. When we plug them back onto the network, I have a master server send any new data via one-way replication. I will give 2 separate ways to accomplish this. One is, to put it bluntly, a dirty hack to get it working. The second is much more elegant and it's the one I have stress tested to verify that it works.
    Disclaimer: I have only used these methods on Solaris10 update 3 with Trusted Extensions using directory server 5.2 as well as the administration server. I have used a few different kinds of machines (all x86) and have not had a problem with it. I do not know if it will work on any other version or hardware. I haven't even looked at the source code, all assumptions made here are from observing the systems behavior while making minor changes.
    Now, the reasons why normally you can't be your own client (at least as far as I can tell) is because of the way the system boots and the dependencies that the ldap/client service needs to start up. If you boot a machine that is its own client and ldap/client runs before the directory server starts, of course it will fail. The system boots the services first, then legacy init scripts. Directory Server 5.2 uses init scripts. Correct me if I am wrong, but that is the only real hurdle in your way.
    So the first way to get it 'working' (dirty hack) is to delay the ldap/client smf service from starting until the directory server is started. After you become a client of yourself (in this case the global zone) disable the ldap/client service.
    svcadm disable ldap/client
    Then enable it temporarily with the -t option
    svcadm enable -t ldap/client
    Well if you were to reboot now it would not work because the service would not start at boot because it is set to be administratively down. Edit the S72directory script in /etc/rc2.d and after the start commands just add the svcadm enable -t ldap/client command and it will load right after directory server starts. Will this work? Yes, is it a clean way to do it? NO. I used this method just for testing the theory that the only reason I could not be my own client was because of the booting issue.
    Now the best way that I can see to accomplish this is to create your own smf services for the directory server and admin server. That way all you have to do is add a dependency to the ldap/client xml file to wait until the new directory server service is started before it starts. So in /var/svc/manifest/site create a folder called ldap (I put this in site because I didn't want to run into any issues of patching). In /var/svc/manifest/site/ldap/ create two xml files named:
    quick note: These are the first services I have created. There may be a much better way to make them. If you can re-code it better, please let me know so I can look at them. Also there is no restart command in here (actually I just noticed that) so adding one of those would be wise.
    ds_admin.xml and directory_server.xml.
    ds_admin.xml contains
    <?xml version="1.0"?>
    <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
    <!--
         Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
         Use is subject to license terms.
         ident     "@(#)client.xml     1.4     04/12/09 SMI"
         NOTE:  This service manifest is editable; its contents will not
         be overwritten by package or patch operations, including
         operating system upgrade.
    -->
    <service_bundle type='manifest' name='SUNWdsadmin:dsadmin'>
    <service
         name='site/ldap/ds_admin'
         type='service'
         version='1'>
         <create_default_instance enabled='false' />
         <single_instance />
         <dependency
             name='fs'
             grouping='require_all'
             restart_on='none'
             type='service'>
              <service_fmri value='svc:/system/filesystem/minimal' />
         </dependency>
         <dependency
             name='net'
             grouping='require_all'
             restart_on='none'
             type='service'>
              <service_fmri value='svc:/network/initial' />
         </dependency>
         <exec_method
             type='method'
             name='start'
             exec='/lib/svc/method/ds_admin start'
             timeout_seconds='120' >
              <method_context>
                   <method_credential user='root' group='sys' />
              </method_context>
         </exec_method>
         <exec_method
             type='method'
             name='stop'
             exec='/lib/svc/method/ds_admin stop'
             timeout_seconds='60' >
              <method_context>
                   <method_credential user='root' group='sys' />
              </method_context>
         </exec_method>
         <stability value='Unstable' />
         <template>
              <common_name>
                   <loctext xml:lang='C'>
                   LDAP Admin server      
                   </loctext>
              </common_name>
              <description>
                   <loctext xml:lang='C'>
    LDAP admin server
    Information Service lookups
                   </loctext>
              </description>
         </template>
    </service>
    </service_bundle>
    and directory_server.xml contains:
    <?xml version="1.0"?>
    <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
    <!--
         Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
         Use is subject to license terms.
         ident     "@(#)client.xml     1.4     04/12/09 SMI"
         NOTE:  This service manifest is editable; its contents will not
         be overwritten by package or patch operations, including
         operating system upgrade.
    -->
    <service_bundle type='manifest' name='SUNWds:ds'>
    <service
         name='site/ldap/directory_server'
         type='service'
         version='1'>
         <create_default_instance enabled='false' />
         <single_instance />
         <dependency
             name='usr'
             grouping='require_all'
             restart_on='none'
             type='service'>
              <service_fmri value='svc:/system/filesystem/minimal' />
         </dependency>
         <dependency
             name='net'
             grouping='require_all'
             restart_on='none'
             type='service'>
              <service_fmri value='svc:/network/initial' />
         </dependency>
      <dependency
                name='ds_admin'
                grouping='require_all'
                restart_on='none'
                type='service'>
                    <service_fmri
                        value='svc:/site/ldap/ds_admin' />
         </dependency>
         <exec_method
             type='method'
             name='start'
             exec='/lib/svc/method/directory_server start'
             timeout_seconds='120' >
              <method_context>
                   <method_credential user='root' group='sys' />
              </method_context>
         </exec_method>
         <exec_method
             type='method'
             name='stop'
             exec='/lib/svc/method/directory_server stop'
             timeout_seconds='60' >
              <method_context>
                   <method_credential user='root' group='sys' />
              </method_context>
         </exec_method>
         <stability value='Unstable' />
         <template>
              <common_name>
                   <loctext xml:lang='C'>
                   LDAP directory server      
                   </loctext>
              </common_name>
              <description>
                   <loctext xml:lang='C'>
    LDAP directory server
    Information Service lookups
                   </loctext>
              </description>
         </template>
    </service>
    </service_bundle>
    Now the start/stop scripts will be located in /lib/svc/method and are as follows:
    ds_admin
    #!/sbin/sh
    case "$1" in
         start)
              /usr/sbin/directoryserver start-admin
              ;;
         stop)
              /usr/sbin/directoryserver stop-admin
              ;;
         *)
              # any other argument: print usage and fail
              echo "Usage: $0 { start | stop }"
              exit 1
              ;;
    esac
    exit 0
    simple yes.
    directory_server
    #!/sbin/sh
    HOST_NAME=`hostname`
    SERVER_ROOT=/var/opt/mps/serverroot
    DIRECTORY_SERVER_INSTANCE=slapd-${HOST_NAME}
    case "$1" in
         start)
              ${SERVER_ROOT}/${DIRECTORY_SERVER_INSTANCE}/start-slapd
              ;;
         stop)
              ${SERVER_ROOT}/${DIRECTORY_SERVER_INSTANCE}/stop-slapd
              ;;
         *)
              # any other argument: print usage and fail
              echo "Usage: $0 { start | stop }"
              exit 1
              ;;
    esac
    exit 0
    The only thing left to do is modify the ldap/client smf file to wait until the directory server starts before it loads.
    So edit /var/svc/manifest/network/ldap/client.xml and right before the dependency for /var/ldap/ldap_client_file add this
    <dependency
                name='directory_server'
                grouping='require_all'
                restart_on='none'
                type='service'>
                    <service_fmri
                            value='svc:/site/ldap/directory_server' />
            </dependency>
    Any changes made to the /ldap/client xml file must be made after ALL zones have been installed. If this file is copied to a zone it will never work as the directory_server service is not loaded in the zones.
    Now what? You must remove the legacy init scripts in /etc/rc2.d. Those would be S72directory and S73mpsadm. No need to keep them around, alternatively, you can just change the capital 'S' to lower case and they won't start.
    You can now either use svccfg to validate and import the new services or you can reboot. Typically, I reboot and use the '-m verbose' option on boot to watch the services for any errors. I haven't had any lately but on different systems I always watch to see if it behaves different.
    That's it. I have rebooted all the machines many, many times without error. This of course does not address loading the directory server or adding users, tnrhdb file, etc... We have scripted most of loading out and once we get some error correction coded in I will post them.
    Also, if you find any errors or even a better way to accomplish this, please post it.

    This restriction is only in terms of implementing the Solaris support for LDAP as a naming service. If the Solaris OS is configured to use LDAP as a naming service, it can't use a LDAP server running on the same host.
    The reason is that the LDAP server makes naming service calls before it gets fully started up. If the OS wants to use the LDAP server for the naming service, then a deadlock happens, where the LDAP server's gethostbyname() call can't complete because the LDAP server isn't up.
    It is possible to configure the Solaris naming resolution to avoid this problem. I've got a system set up this way myself. Regardless, the official support channels won't support a system set up this way, so if you do this you do it at your own risk.
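
The boot-ordering fix in the post and the deadlock described in the reply can both be checked as a dependency graph. The following is an added example, not code from either poster: it reads cut-down copies of the three manifests (constructed here; the ldap/client one holds only the dependency the post adds, under the assumed FMRI svc:/network/ldap/client), derives a start order, and then adds the reply's run-time name-lookup requirement as an assumed extra edge to show the resulting cycle.

```python
import xml.etree.ElementTree as ET

ADMIN = "svc:/site/ldap/ds_admin"
DS = "svc:/site/ldap/directory_server"
CLIENT = "svc:/network/ldap/client"  # assumed FMRI of the post's ldap/client

# Constructed input: the post's manifests cut down to service name and
# dependencies. CLIENT_XML holds only the dependency the post adds.
DS_ADMIN_XML = """<service_bundle type='manifest' name='SUNWdsadmin:dsadmin'>
<service name='site/ldap/ds_admin' type='service' version='1'>
  <dependency name='fs' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/system/filesystem/minimal'/></dependency>
  <dependency name='net' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/network/initial'/></dependency>
</service></service_bundle>"""

DIRECTORY_SERVER_XML = """<service_bundle type='manifest' name='SUNWds:ds'>
<service name='site/ldap/directory_server' type='service' version='1'>
  <dependency name='usr' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/system/filesystem/minimal'/></dependency>
  <dependency name='net' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/network/initial'/></dependency>
  <dependency name='ds_admin' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/site/ldap/ds_admin'/></dependency>
</service></service_bundle>"""

CLIENT_XML = """<service_bundle type='manifest' name='constructed:client'>
<service name='network/ldap/client' type='service' version='1'>
  <dependency name='directory_server' grouping='require_all' restart_on='none' type='service'>
    <service_fmri value='svc:/site/ldap/directory_server'/></dependency>
</service></service_bundle>"""


def parse_manifest(xml_text):
    """Return (service FMRI, FMRIs it requires) for one SMF manifest."""
    service = ET.fromstring(xml_text).find("service")
    requires = [
        ref.get("value")
        for dep in service.findall("dependency")
        if dep.get("type") == "service"  # skip non-service (file path) dependencies
        for ref in dep.findall("service_fmri")
    ]
    return "svc:/" + service.get("name"), requires


def build_graph(manifests, implicit_edges=()):
    """Map each service to what must be online first; implicit_edges adds
    run-time requirements that no manifest declares."""
    graph = {}
    for text in manifests:
        fmri, requires = parse_manifest(text)
        graph.setdefault(fmri, []).extend(requires)
    for needs, needed in implicit_edges:
        graph.setdefault(needs, []).append(needed)
    return graph


def start_order(graph):
    """Depth-first topological sort: (order, None), or (None, cycle) on a loop."""
    WHITE, GREY, BLACK = 0, 1, 2
    state, order, stack = {}, [], []

    def visit(node):
        state[node] = GREY
        stack.append(node)
        for dep in graph.get(node, []):
            seen = state.get(dep, WHITE)
            if seen == GREY:  # dep is still being started: a loop
                return stack[stack.index(dep):] + [dep]
            if seen == WHITE:
                cycle = visit(dep)
                if cycle:
                    return cycle
        stack.pop()
        state[node] = BLACK
        order.append(node)
        return None

    for node in sorted(graph):
        if state.get(node, WHITE) == WHITE:
            cycle = visit(node)
            if cycle:
                return None, cycle
    return order, None


def analyse(hosts_via_ldap):
    """hosts_via_ldap models the reply: the directory server resolves host
    names while starting, so LDAP-backed lookups make it need ldap/client."""
    implicit = [(DS, CLIENT)] if hosts_via_ldap else []
    graph = build_graph([DS_ADMIN_XML, DIRECTORY_SERVER_XML, CLIENT_XML], implicit)
    return start_order(graph)


if __name__ == "__main__":
    for flag in (False, True):
        order, cycle = analyse(flag)
        print("hosts via LDAP:", flag)
        print("  start order:", order if order else "none, cycle " + " -> ".join(cycle))
```

With host lookups kept off LDAP the three services order cleanly; with them on LDAP the declared dependency plus the undeclared lookup form a loop that no manifest ordering can resolve.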

  • Taking snapshot of oracle tables to sql server using transactional replication is taking a long time

    Hi All,
    I am trying to replicate around 200 Oracle tables onto SQL Server using transactional replication and it is taking a long time, i.e. the initial snapshot is taking more than 24 hrs and it is still going on.
    Is there any way to replicate these tables faster?
    Kindly help me out..
    Thanks

    Hi,
    According to the description, I know the replication is working fine. But it is very slow. 
    1. Check the CPU usage on Oracle publisher and SQL Server. This issue may due to slow client processing (Oracle performance) or Network performance issues.
    2. Based on SQL Server 2008 Books Online ‘Performance Tuning for Oracle Publishers’ (http://msdn.microsoft.com/en-us/library/ms151179(SQL.100).aspx). You can enable the transaction job set and follow the instructions based on http://msdn.microsoft.com/en-us/library/ms147884(v=sql.100).aspx.
    3. You can enable replication agent logging to check the replication behavior. You may follow these steps to collect them:
    To enable Distribution Agent verbose logging. Please follow these steps:
    a. Open SQL Server Agent on the distribution server.
    b. Under Jobs folder, find out the Distribution Agent.
    c. Right click the job and choose Properties.
    d. Select the Steps tab, it should be like this:
    e. Click Run agent and click Edit button, add following scripts by the end of scripts in the command box:
            -Output C:\Temp\OUTPUTFILE.txt -Outputverboselevel 2
    f. Exit the dialogs
     For more information about the steps, please refer to:
    http://support.microsoft.com/kb/312292
    Hope the information helps.
    Tracy Cai
    TechNet Community Support

  • If DW 2014.1 cc does not support database, binding, server behavior, and PHP/MySQL require it, but using Adobe Extensions Mngr IS NOT recommended, then WHAT TOOLS do we use to develop a database with DW?

    I'm using windows DW 2014.1 cc. I'm following lynda.com tutorials to build a website database with PHP and MySQL. I learned I have to download Adobe Extension Mngr to active DATABASE, BINDING, SERVER BEHAVIOR panels, which I've done. BUT NOW I'VE BEEN ADVISED NOT TO USE THESE TOOLS for new development. If this is the truly the case, then WHAT TOOLS DO I USE to develop a website that has a database?

    then WHAT TOOLS DO I USE to develop a website that has a database?
    Besides the tools you would already need for a system using server behaviors (web server, PHP, MySQL, phpMyAdmin) the only extra tool you need is your own brain.
    A lot of people are disappointed by the lack of database tools in DW now, but really it's much better this way. You can never achieve better than a rinky-dink dynamic website using server behaviors. The code Dreamweaver dynamic behaviors create is really terrible. (I'm not insulting the fine folks who wrote the feature. It's just a consequence of automated code.) You can write better, simpler, more maintainable code yourself, and over time you will improve. With server behaviors you cannot improve. You get stuck in database kindergarten.

  • Messaging server in multimaster replication

    Sun Java(tm) System Messaging Server 6.1 (built Apr 28 2004)
    I am testing JES2004Q4 at two sites and we are using Directory 5.2 patch 2 Schema 2 and Messaging server 6.1
    I have two messaging servers at different sites and both are using their local directory. Messaging server is working fine with the current configuration.
    We are using current suffix at directory server o=abc.org,o=abc.org for abc.org domain and o=def.org,o=abc.org for def.org domain and so on... as top root is o=abc.org for usergroups
    We want to have multimaster replication between these directory servers so user data can be modified or added from any site and must be replicated at the other LDAP.
    To set up this replication I created suffix ou=people,o=abc.org,o=abc.org under Data to initialize with current data. User data initialization went well and both messaging servers are working fine in multimaster configuration as I replicate the msg-admin-hostname-20040727213740 entries of both messaging servers.
    But whenever I want to delete the entry from the ldap, it pretends that the entry was successfully deleted but when I search for the entry again it's still there, and when I delete it again it came out with the nullnetscape.ldap.LDAPException error result (32); matchedDN = ou=people,o=abc.org,o=abc.org.jm; No such object
    But I can't see this entry under ou=people,o=abc.org,o=abc.org but search of admin server console is showing me the entry
    Also ./imsimta test -rewrite -debug [email protected] is giving me the positive result
    When I delete the newly created suffix, I can see all those entries which were present before this new suffix was created. That means this delete is not affecting the original data but only the data initialized under the newly created suffix, and imsimta and admin console search are getting the data from the original database, not from the resulting database created with the new suffix creation.
    Any idea why

    Jay,
    I am using Console, does it make any difference?
    Indeed. Console is an unsupported method for doing user/group provisioning and modification. You should not attempt to use the console for such, as the Console is not aware of all of the object classes required for user manipulation.
    I wait for an hour to check delete was successful or
    not.
    I think we need to tackle this database thing because
    even search and imsimta looking of original database
    not the initialized data at new posted suffix.
    let me ask you one thing If in original data I just
    have the admin and msg-admin -hostname-2004.........
    entry to run the messaging server and rest all user
    data should the initialized at posted suffix for
    replication, will it work?
    I'm sorry, I don't understand what you just said above.
    If you truly have multi master replication set up (something I'm not expert with), then any changes you make to one ldap server will be propagated to the other. You can examine the "changelog" to confirm that.
    BUT
    If you attempt to manipulate users and groups by Console, you will be unsuccessful, no matter your ldap setup, as the console cannot be relied upon to properly provision users.
    The tool provided to manipulate users/groups is the command-line tool,
    commadmin
    You have to install Identity Server and commcli in order to do that.
