Cloning Domains/Servers

Similar Messages

• Non Domain Servers and Workstations

  Hi,
  we are trying to deploy SCCM 2012 clients to non domain servers, and we are also in the process of trying to find out what the best way we can clean up machines from sccm that have not logged in 90days or more.
  From my understanding if I turn on only discover machines that have logged on to the domain in a given period of time than that means if a server has not logged in will not be discovered which can be an issue when patching, and also what do I need to do
  with the non domain servers with sccm client installed on the servers.
  can you please help me with this that would be greatly appreciated
  Thanks Tom

  Hi,
  This blog post does a good job explaining the steps to manage non-domain machines with ConfigMgr 2012:
  http://blogs.technet.com/b/anilm/archive/2012/05/06/managing-workgroup-clients-in-configuration-manager-2012.aspx
  This technet article also has more detailed information about client communication for workgroup computers:
  http://technet.microsoft.com/en-us/library/gg712701.aspx#Plan_Com_X_Forest
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• EDN:  subscribe to the same event deployed on different domain/Servers

  We are working on use case where in we would like to publish an Event from an ADF application . We would like to subscribe to the same event deployed on different domain/Servers than the servers on which ADF Application deployed. We would like to get more information on the configuartion of Foreing JNDI for the Business events for this use case. in the documentation it was mentioned, it is possible but not much details were provided.
  So far all I have to go on is: http://download.oracle.com/docs/cd/E21764_01/integration.1111/e10224/obe_intro.htm#BABHBGAG

  We are working on use case where in we would like to publish an Event from an ADF application . We would like to subscribe to the same event deployed on different domain/Servers than the servers on which ADF Application deployed. We would like to get more information on the configuartion of Foreing JNDI for the Business events for this use case. in the documentation it was mentioned, it is possible but not much details were provided.
  So far all I have to go on is: http://download.oracle.com/docs/cd/E21764_01/integration.1111/e10224/obe_intro.htm#BABHBGAG

• How to make Weblogic 10 share playerPrincipal among intra-domain servers

  Hello,
  We have been struggling with this problem quite a lot. We are currently trying to implement SSO which sharing playerPricipal within intra-domain servers (servers in the same domain).
  User login in one server and another server should know that the user has been logged in or not.
  We are thinking to set up some kind of "trust" between servers inside domain but do not know how to configure it.
  Does anyone have any idea how to set up WebLogic 10 so that playerPrincipal can be shared between servers? Many many thanks for the experts :).
  Br,
  Linda
  P.S: we are avoiding to use cluster because it might caused a lot of work for us :)

  Thank for your answer James.Bayer :)
  We have quite severals applications are running in server 1. Using cluster is mean that all other applications in server 1 should change their configuration. And what cluster provides are too much more than our requirements. What we want is only sharing Principal between 2 servers in the same domain.
  All of the links which I have searched are about sharing Principal within 2 servers in 2 separate domains. No link about sharing Principal between 2 servers in the same domain. My wondering is that: does servers in same domain share Principal by default? But we have configured applications either the servers wrongly hence it can not see other's Principal.
  Could you please answer me with this question. And all answers of other people are very much welcome. I thank you very much for all of your kindness in answering my question .)

• Domain Admins not able to run executable on Domain Servers

  I have built a VM domain of Windows 2008 R2 SP1 x64 machines.  One Domain controller, 4 member servers.  I have built a couple users, and put them into the following domain groups:
  Domain Admins
  Enterprise Admins
  Schema Admins
  However, if I log into any of the machines as the two users I created, I cannot run, for instance, setup.exe for SQL server.  I am invariably told :
  "Windows cannot access the specified device, path, or file.  You may not have the appropriate permissions to access the item."
  I CAN access stuff on the Domain Controller logged in as one of those users.  So all these problems only apply to the member servers.
  I have checked to unblock the files (not an issue)
  I have modified UAC settings through SECPOL.msc
  I have confirmed that the users in question (as well as the groups above) are members of the local Administrators group on each node.  The only way for me to run these programs (things like regedit also won't run either) is to log in as Administrator
  (domain and local work for this) 
  I have removed a member server from the domain and re-added it.  I did so using one of the userids that have been problematic.  It added it to the domain fine, but upon reboot, that userid had effectively no rights on the box.
  I have no idea what the problem is.  I can't even elevate a command prompt to administrator - it gives the error above.
  I built this system for some exercises and testing for a cert test I am taking.  If I can't get these (or any other) accounts working, I am kinda stuck.  
  Any help would be great, because none of this makes sense.
  Thanks,
  Todd 

  Hi,
  Would you please check the below article and try the suggestions in it:
  "Windows cannot access the specified device, path, or file" error when you try to install, update or start a program or file
  http://support.microsoft.com/kb/2669244
  Regards,
  Yan Li
  Regards, Yan Li

• I have a set of cloned APEX servers, how should I get them working?

  Hey there, I have been asked to configure a set of servers which are clones of an existing APEX environment and get them working as a separate development environment. This APEX setup has three servers which are all running RedHat Linux: a single sign on server, a web server, and a database server. I am having some trouble finding all the configuration files that I need to update with the new ipaddresses and hosts names in order to get the new servers to talk to each-other again. For example, the cloned web server seems to still be trying to connect to the original database server. When I start opmnctl, it doesn't throw any errors even if the cloned database server's listener isn't running.
  I've updated the ssl.conf, httpd.conf, and targets.xml files on the web and sso servers, and the TNSnames.ora and Listener.ora files on the database server. I also updated the generic linux hosts and networking files on both. Can anyone think of anything that I'm missing?

  Hi user8245974,
  You may want to take a look at the dads.conf file, which should be where your Web server is configured. There most likely is a connect string defined in there.
  Joel

• Deploy SCOM 2012 R2 Agents to Domain Servers on Perimeter Network using SCOM Gateway on different Domain

  Hi, I have a bit odd situation on a SCOM 2012R2 deployment.
  I have a MS on the internal network, and a Gateway Server on the perimeter network. Each server is connected to different Active Directory Forests and there are no trust relationships between them. I configured the communication between the two using certificates.
  I have already connected some servers through the Gateway using certificates because there are on Workgroups, they are already approved on the MS and reporting their status.
  However, I have some servers that are member servers of the internal AD domain but are located on the perimeter network.
  So I've tried to configure one of them for testing to connect to the Gateway Server using a certificate using manual agent installation. Initially it didn't report on the SCOM, but then I ran the get-scompendingmanagement and saw that it showed there,
  so I ended up approving the agent using Powershell and then it was reported on the Console as "Not Monitored"
  First the agent was running as local system and then tried using a local admin account on the server, neither options have worked.
  I get the following errors:
  The OpsMgr Connector connected to scomgateway.externaldomain.com, but the connection was closed immediately after authentication occurred.  The most likely cause of this error is that the agent is not authorized to communicate with the server, or the
  server has not received configuration.  Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.
  For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
  OpsMgr was unable to set up a communications channel to scomgateway.externaldomain.com and there are no failover hosts.  Communication will resume when scomgateway.externaldomain.com is available and communication from this computer is allowed.
  For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
  Is this configuration possible? Or do I need to open communication ports from the agents to the MS inside the corporate network and not use the Gateway?
  Any ideas if someone else has done this are appreciated.
  Thank you.
  Regards.
  Eduardo Rojas

  I'm sorry, maybe I didn't explained myself correctly, I already have the gateway up and running with some Workgroup machines connected to it using certificates, so the Gateway is indeed working. These Workgroup machines are in fact reporting back to the
  Management Server on the internal network through the Gateway.
  My problem is with Domain Member machines that are on the perimeter network. This machines are joined to the Active Directory inside the corporate firewall, not the Active directory from the perimeter network (where the Gateway is joined). So my question
  is, can I connect these machines through the Gateway (even if the Gateway is on a different domain) or do I need to open ports and connect them directly to the management server (which is on the same active directory domain)? 
   Let me know if I made myself clear.
  Thank you.
  Regards.
  Eduardo Rojas

• Cloning managed servers ....

  Hi,
  I have created a bam_server1 and soa_server1, managed servers to support BAM and SOA.
  Now I want to clone bam_server1 to bam_server2. The clone operation in WLS admin console, is just creating a managed server template and not deploying all the applications/jdbc connections/jms,etc, which are part of bam_server1.
  Is there a script which can deploy BAM or SOA to the newly created managed server, which are part of the same domain.
  Thanks,
  Sudhakar.

  Sudhakar,
  Are you trying to increase the capacity of the SOA infrastrcuture by adding additional servers? The ideal way of scaling out to multiple servers is to create a "cluster". We do not support multiple SOA servers that are not in a cluster within a single domain in 11gR1. A SOA 11gR1 domain can have either a single SOA server or a single SOA cluster.
  You can create a domain with a SOA cluster using the domain configuration wizard. All applications and services (JDBC, JMS etc.) are automatically targeted to the cluster as part of the configuration process. Once you define a SOA cluster, you can add additional managed servers to the same from WLS console and all meta-data will be propagated to the new server.
  Thanks,
  Samrat

• Cloning Domains

  Hi everybody...
  I'm new to it, so I'm not understanding very well some concepts.
  I have a Domain, that has 2 managed servers WLS_FORMS and WLS_REPORTS.
  I want to have another instance of forms and reports, to make development tests.
  What is the best approch? To have 2 more managed servers, WLS_FORMS_TEST and WLS_REPORTS_TEST, or to clone entire domain.
  I had been reading some forums and blogs, and I think it must be the second option.
  If it is, how do I make it? Is there any wizard or utility to do it?
  I'm using Oracle Fusion Middleware 11g.
  My best regards,
  Fernando Almeida

  "Jas" <[email protected]> wrote in message news:<3e657be5$[email protected]>...
  Hi,
  I am wondering if anyone has tried creating a domain on a weblogic server by copying
  and pasting an entire domain directory. ie. Copying %bea_home%\config\DomainName
  to the new installation %bea_home%\config\DomainName.
  When I do this I get the following error when starting up the weblogic server:
  "The WebLogic Server did not start up properly. Exception raised:
  weblogic.security.internal.encryption.EncryptionServiceException:Error decrypting
  Secret Key" when loading config.xml
  I assume this is because the weblogic system password is encrypted in the config.xml
  file. Is there anyway I can get around this so I can easily clone weblogic servers?
  Thanks,
  JasJas,
  Yeah the security key is tied to the server, what exactly are you
  trying to accomplish? Do you want seperate domains or servers? Are
  they on different physical servers?
  Also what version of wls? 6 or 7?
  Will try to help you if I can
  Steve

• DPM 2012 R2 CU 4 - issue w/ system state backup completing on non domain servers with T2embed.dll

  I am really new to DPM and just took over a system that has servers being backed up that are not part of the domain. The volumes backup fine and system state will not complete. In looking at the protection group server the WindowsImageBackup folder is created
  and the backup starts however it will fail and DPM server will say Replica is inconsistent.  Back on the protected server in the backup event log, it fails w/ error code 2155347997.  In the backup error log file in C:\windows\logs\windowsserverbackup. 
  It says "Error in backup of C:\windows\system32\t2embed.dll during read.  Error [0x80070005] Access is denied.
  We have about 4 other servers that are not domain joined and they are getting similar errors w/ t2embed.dll in that system32 directory or in the WinSXS folder.   All servers are 2008 SP2 or 2008 R2 SP1.
  Thank you in advance for you help

  Hi,
  DPM has no control over errors that Windows server backup receives, but check permissions and Remove the DENY permission for EVERYONE on the below files:
  C:\Windows\system32\t2embed.dll
  C:\Windows\winsxs\amd64_microsoft-windows-font-embedding_31bf3856ad364e35_6.1.7601.17514_none_13e628b635935244\t2embed.dll
  C:\Windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.1.7601.17514_none_b7c78d327d35e10e\t2embed.dll
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT]
  This posting is provided "AS IS" with no warranties, and confers no rights.

• Licensing for two domain servers

  Hello all,
  I have (so far) one Windows Server 2012 R2 Foundation acting as a domain controller. We are planning on adding second DC (within same domain/tree/forest) as a redundant server. Servers are used only for direct access within LAN (same subnet/VLAN, no terminal,
  no Hyper-V). Will number of CALs add up (to 30 CALs) or do I still have only 15 CALs ?
  Thanks in advance for Your response.
  Regards

  Thanks for Your answers.
  I don't think I understand You correctly.
  1. Server Foundation comes with 15 CALs
  2. I'd like to get a second server for redundancy in my office domain. 
  3. It would be second machine with separate install of WinSrv2012R2 (same version, but different CALs).
  4. Both come with 15 CALs each (this is standard for Foundation)
  SO QUESTION IS:
  Even if I have second install do I need additional CALS if I have 20 users?
  diramoh -
  1. Does that mean I need to buy additional CALs if I have 20 users and TWO WinSrv2012 Foudations
  2. If so Why do I need Standard Edition, why not only Essentials?
  3. What about using one DC with 15 CALs per server and other DC with 15
  per seat
  Thanks again for Your help, support and answers.
  Regards,
  ~V...

• Cloning domains (WLS 7.0)

  Is there an easy way to clone a domain, possibly to a different machine, in WLS 7.0?
  In 6.1 I just copied the domain directory, edited config.xml and bob was my uncle.
  But in 7.0 this doesn't work due to problems with encrypted entries in config.xml.
  I have found a way around these problems but it leaves me with a domain with no users,
  roles, policies, etc. so I have to manually recreate all security settings.

  Thanks for your reply Gray
  But can you explain more detaily ?
  I have to add class path info as classes url not jar.
  then how can I ?
  for examaple ..
  EAR root Directory
  - ejb1.jar
  - ejb2.jar
  - WAR root Directory
  - jsp root Directory
  - META-INF
  - WEB-INF
  - classes
  - com
  - tobeway
  - util
  if ejb1.jar and ejb2.jar reference com.tobeway.util classes how can I make manifest
  file ?
  Current contenti are (in ejb jar file)
  "Manifest-Version: 1.0
  Created-By: Ant 1.4.1"
  that's all
  Thank for you kind reply.
  "Dave Gray" <[email protected]> wrote:
  Within an .ear each .jar should have a classpath within its manifest
  that
  includes any other jars in the .ear that this .jar references.
  "Park" <[email protected]> wrote in message
  news:[email protected]..
  (WLS 7.0)
  When I use EAR I met some problem.
  I packed all JSP into one .war file. fot that I had to inclde requredclasses
  into .war because jsps use these classes. then I packed EAR file withWAR
  and
  some EJB jar files. After then I deployed EAR file to WLS. But If removeclasses
  from classpth while EJB deploying Error occured. Because EJBs referencethese
  classes. I thoght if I packed classes into .WAR .. there is no problem.But Error
  occured. I have to include classes into classpth for that ? or Anymistakes in
  my way.
  thank you.

• How to build transitional replication on two different domain servers in SQL server 2012 ?

  Hi All,
  We have to build transnational replication with updatable  subscribers between two different domains .
  Is it possible ,if it's possible please share the any document or process .....
  Thanks in advance. 
  RAM

  Yes this is possible.
  Replication across two non-trusted domains or workgroups can be done by using Windows Authentication by configuring
  pass-through authentication.
  Create a local Windows account on both the Publisher and Subscriber that has
  the same username and password. Use this account for the Merge Agent process account and have the connections to the publisher and distributor impersonate the agent process account. Ensure the account has the permissions required in
  Replication Agent Security Model.
  This approach is covered in the section Use Windows Authentication to Set Up Replication Between Two Computers Running SQL Server in Non-Trusted Domains in
  HOW TO: Replicate Between Computers Running SQL Server in Non-Trusted Domains or Across the Internet.
  Another approach to configure replication between non-trusted domains is to use SQL authentication for cross domain connections.
  Brandon Williams (blog |
  linkedin)

• Server 2012 R2 Group policy management with older Domain servers

  Hi Guys,
  I need your expert assistance with a issue I'm facing.
  We have a client that has 3 domain controllers. The Primary DC is running Server 2003 R2, another one is running Server 2008, and the last DC is running Server 2008 R2. The forest functional level is Server 2000 & the domain functional level is Server
  2003.
  Currently Group policy is processing using a central store across the 3 domain controllers.
  We have installed a new Server 2012 R2 Terminal server and need to apply group policies to the Server to lock it down.
  We have a separate Server 2012 R2 server (say SERVER1) that is also joined to the domain that I have added the group policy management feature to so it can remotely manage group policy.
  It seems to be pulling the all the group policy details from the central store so I can't see any of the server 2012 related settings on
  SERVER1.
  Are we going about this the correct way? how would we best manage the Server 2012 policies? I was thinking either somehow making the specific TS group policy only load in a local policy or templates somehow..

  If you are using a central policy store, this is the expected (intended) behaviour.
  You willl need to update the central store with the latest versions of the adm(x/l) files.
  http://www.microsoft.com/en-us/download/details.aspx?id=36991
  or grab them from a 2012(r2) instalaltion c:\Windows\PolicyDefinitions
  MCP/MCSA/MCTS/MCITP

• Multiple Node Manager Instances and servers sharing the same domain home.

  Hi,
  We have a 8 man server weblogic cluster spread over 4 machines. Each machine runs 2 man servers each.
  Each of the machine is configured to run node manager.
  We use shared storage accessible to all 8 servers and all 8 man servers have the same domain_home.
  Lets call it W:/domain
  Now the problem we are facing is that node manager running on 1 machine is trying to access/control a managed server on a different machine after a machine restart.
  eg.
  ManServer1 Home : W:/domain/servers/server1 ====> runs on Machine 1
  ManServer2Home : W:/domain/servers/server2 ====> runs on Machine 2
  Problem is node manager on machine 1 is trying to restart man server 2. The path W:/domain/servers/server2 is accessible to Machine 1.
  After a restart, what I assume is happening is that the nodemanager is checking all servers folder under Domain_Home/Servers and trying to restart servers instead of restarting only those which it should start. The config file has the server and machine assignment done correctly. Is there a way to make this configuration towork. Or do we need to create different domain_home's for different man servers like
  Domain_Home for MS1: W:/domain/MS1 ( Server Home would be : W:/domain/MS1/servers/MS1)
  Domain_Home for MS2: W:/domain/MS2 ( Server Home would be : W:/domain/MS2/servers/MS2)
  Regards,
  Atheek
  Edited by: atheek1 on 03-May-2010 00:27

  Thanks - We have tried putting 2 dad entries in file, but not sure how you connect. You only specify a port number, so how does it connect that to a db???