How does a client certificate get passed through TMG/ISA to the destination server (e.g. SCCM)?

To avoid the 403.7 errors when the destination server requires certificate authentication, how does an SSL bridging reverse proxy inspect the traffic for safety without breaking the certificate authentication?
I'm not asking for specific configuration steps on this. I just want an easy-to-understand overview of how the laptop or smartphone device certificate used for authentication would pass through while TMG/ISA is still protecting the destination from attacks.

I'm not sure if SSL bridging is the same as cert authentication, but...
The way it works when bridging SSL for published SSL web sites is that the ISA has a copy of the same cert used on the published site. You buy the cert for the site, install it on the web server and get it set up with the site, then export it with the private key. Take the exported cert, install it on the TMG and configure it into the Web Publishing Rule.
The SSL tunnel coming in terminates at the TMG, meaning the SSL tunnel was only between the user and the TMG (not between the user and the site, as it would appear on the surface). Then the traffic is inspected, or whatever is intended to be done with it.
Then a new, distinct, independent SSL tunnel is created between the TMG and the SSL site, and the traffic is passed on to the site at that point. AFAIK, the reverse proxying only happens between the two tunnels, while the traffic is unencrypted.

Similar Messages

  • Does the iPad 2 pass through TV the same way that the iPhone 4s does ?

    Does the iPad 2 pass through TV the same way that the iPhone 4s does ? I have an Arcam rCube dock which allows the tv pass through from the iPhone 4s and I was wondering if the iPad 2 will do the same if I buy a dock extender and what should I check for in a dock extender ?

    No - that feature does not exist on the iPad2 and I know of no plans - nor would anyone else here - for that feature to be added with a software update in the future.

  • How does client connect to RAC

    I'm confused about how a client connects to RAC.
    1) According to this:
    http://www.datadirect.com/developer/odbc/odbc_oracle_rac/connecting/index.ssp
    "a ServiceName exists for the entire Oracle RAC system. When an application uses the Oracle RAC system's ServiceName, the Oracle RAC system appears to be a single Oracle instance to the application"
    So it seems the client just needs to make sure it uses the service name instead of the SID, and it will connect to RAC. The URL format is the same as in a single non-RAC environment.
    2) However, according to this:
    http://forums.sun.com/thread.jspa?threadID=5274308
    the URL needs to be:
    jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)
    (ADDRESS=(PROTOCOL=TCP)(HOST=host1) (PORT=1521))
    (ADDRESS=(PROTOCOL=TCP)(HOST=host2) (PORT=1521))
    (CONNECT_DATA=(SERVICE_NAME=service)))
    This makes the RAC connect URL different from a single non-RAC environment.
    If so, with this format, how is the SQL Developer connection set up, since you can only specify one host in the connection properties configuration?
    If so, will adding a node require all clients to modify their connect URL?
    3) My understanding is that the client only needs to specify the VIP of any one node and the global service name (all nodes should share the same service name); this will make the RAC connection set up (similar to (1) above). But I'm not sure if my understanding is correct in the following scenarios:
    -- a) What if the client uses the public IP (not the VIP) of one node, but uses the global service name?
    -- b) What if the client uses the VIP of one node, but uses its SID instead of the global service name?
    -- c) What if the client uses the public IP (not the VIP) of one node, and uses its SID?
    Please clarify how a client connects to RAC.
    Thank you!

    Very good question.
    You have asked in a certain way which tells me you have done a lot of research.
    Anyhow:
    Remember, no matter how convoluted it looks, it is the same.
    1 TNS entry.
    If you add a node then yes, you have to publish it.
    There are other alternatives such as Oracle Names [old],
    Internet Directory, LDAP and so on, beyond the scope of this discussion.
    1)
    TNSNAMES entry:
    RAC.WORLD=
    (DESCRIPTION=(LOAD_BALANCE=on)
    (ADDRESS=(PROTOCOL=TCP)(HOST=host1)(PORT=1521))
    (ADDRESS=(PROTOCOL=TCP)(HOST=host2)(PORT=1521))
    (CONNECT_DATA=(SERVICE_NAME=service)))
    Now see: the same string from DESCRIPTION onwards goes to the JDBC thin client; it
    is the same thing...
    Also, host1 and host2 are all VIPs.
    Also you need failover and load balance thingies in there.
    -- a) What if the client uses the public IP (not the VIP) of one node, but uses the global service name?
    With a non-VIP, test it out; TNS should hop over it,
    but TAF/FAN won't work.
    -- b) What if the client uses the VIP of one node, but uses its SID instead of the global service name?
    You have to use SERVICE_NAME; if you are using the SID then you are pretty
    much connecting to 1 node.
    -- c) What if the client uses the public IP (not the VIP) of one node, and uses its SID?
    Then you are using a 1-node RAC.

  • How does a workflow get triggered when we create a Shopping cart

    Hi all,
    In SRM, how does a workflow get triggered when we create a shopping cart? What I mean is that in R/3 we use a change document object or function modules etc. Likewise, in SRM, how does the WF get triggered? Can anyone help me?
    Thanks&Regards,
    Hari

    Hi martin,
    Yes, I accept that in SRM also workflows are all started by event. What I mean is that in R/3 we go for a change document object (SWEC) or some other method for event creation; like that, in SRM what is there? Just when we create a shopping cart, how is the workflow triggered? Suppose it is triggered using FM SWE_EVENT_CREATE, where might they have called the function module?
    Thanks&Regards,
    Hari

  • How does the GR get into SUS (MM-SUS scenario)?

    Hi all,
    How does the GR get into SUS in the MM-SUS scenario? Can anyone explain?
    Thanks in Advance..
    Regards,
    Jagan

    Hi,
    In SUS - MM scenario
    The supplier ships the goods and sends an ASN based on a PO or a Scheduling Agreement to the purchaser. If the ASN is based on a PO then the PO Response has to be accepted by the purchaser. When the ASN is sent from the SUS system, an inbound delivery is created automatically in SAP MM.
    Now create the GR with reference to the ASN or PO based on your requirement in R/3 MM. The GR notification is then sent to the SUS system, where the supplier can display it.
    Please reward points for helpful answers.

  • How does the attribute gets the data from R/3 field?

    Hi Experts,
    It could be a silly Q. An IO has attributes x, y, z... When we map an R/3 field to the IO, and it is added to the cube, and when we create a report, how does the attribute get data? I've been working in BW and suddenly I got confused. Someone please provide me some info.
    Thanks,
    Radha

    X, Y, Z being attributes of an InfoObject A:
    When A gets loaded it will be loaded with X, Y, Z.
    If A is in a cube, and if you wish, you can bring X, Y, Z also into the cube in one or more dimensions.
    If you keep X, Y, Z as nav attributes rather than in the cube as dimensions, then the system will generate SIDs for them.
    Ravi Thothadri

  • Purchased ExportPDF for one of our end-user departments. It is under the account I manage for our institution. How does the department get the application to download?

    Purchased ExportPDF for one of our end-user departments. It is under the account I manage for our institution. How does the department get the application to download?

    Hi Cassi,
    If you are ordering subscriptions for various people in your office, it would be best to sign up under their Adobe IDs, so they can log in and use the subscription with their own credentials. As for moving the current subscription, the easiest route is to cancel the current subscription (see Cancel your membership or subscription | Acrobat, Acrobat.com online services--or I can help), and then reorder as necessary.
    Best,
    Sara

  • HT201210 How does the iPad get back to the Nigerian Store from the American Store to enable it to carry out updates and downloading?

    Dear All, please, how does the iPad get back to the Nigerian Store from the American Store to enable it to carry out updates and downloading?

    Try this.
    Settings>iTunes and App Stores>Apple ID
    Tap your ID
    Tap View Apple ID
    Enter your password
    Go to country/region in the popup window to change the store

  • How does one stop getting email about other peoples problems

    How does one stop getting messages about other peoples problems like 10 - 12 a day

    Click here for the instructions on stopping the emails.

  • HT204053 How does my spouse get the benefits of using my iCloud for contacts and calendars but not messages, etc.?

    How does my spouse get the benefits of using my iCloud for contacts and calendars but not messages, etc.?

    iCloud is designed for personal use and not for managing multiple access. If you give your password to someone else, this person can benefit from everything, including access to purchase with your account, email, etc.
    You should rather consider each having an iCloud account and then creating and sharing a calendar. As for contacts, you can send them to your spouse to be saved in their account, but they cannot be shared or synced.

  • HT5244 How does Flashback Malware get into a Mac?

    How does Flashback Malware get into a Mac?

    The ‘Flashback Trojan’:
    A version of an existing Trojan Horse posing as a legitimate Flash Player installer (named "Flashback.A" by a security firm) is designed to disable updates to the default Mac OS X anti-malware protection system, potentially leaving the system open to the manual installation of other malware without any system warnings. The most recent versions bypass any user action and automatically install themselves after an affected website is visited.
    http://www.appleinsider.com/articles/11/10/19/fake_adobe_flash_malware_seeks_to_disable_mac_os_x_anti_malware_protection.html
    (Adobe is aware of malware posing as its Flash Player and warns users to ignore any updates that didn't originate on its own servers. "Do not download Flash Player from a site other than adobe.com," said David Lenoe, Adobe's product security program manager, in an entry on Adobe Product Security Incident Response Team's PSIRT blog. "This goes for any piece of software (Reader, Windows Media Player, QuickTime, etc). If you get a notice to update, it's not a bad idea to go directly to the site of the software vendor and download the update directly from the source. If the download is from an unfamiliar URL or an IP address, you should be suspicious.")
    Flashback Trojan - Prevention of infection:
    In order to prevent a potential infection with "Flashback" Trojans, Mac users should always obtain their copy of Adobe Flash Player directly from Adobe's official website and disable the "Open 'safe' files after downloading" option in Safari Preferences/General to avoid automatically running files downloaded from the Internet. Also, do not turn on Java in Safari Preferences/Security. Few websites use Java. JavaScript is something entirely different and should be left active.
    The Flashback Trojan does not affect PPC (non-Intel) Macs, nor has it been noted to affect users running Tiger OS 10.4.11 or Leopard OS 10.5.8.
    Last, but by no means least, using OpenDNS is the simplest way of preventing infection in the first place. OpenDNS also protects against phishing attacks and redirects, speeds up your internet connection, and works for all users of OS X from Tiger upwards:
    http://blog.opendns.com/2012/04/09/worried-about-mac-malware-just-set-up-opendns/
    How to get it:
    https://store.opendns.com/get/home-free
    Flashback Trojan - Detection and Removal
    Users with Intel Macs running Snow Leopard OS 10.6 or Lion OS 10.7 should ensure that they have downloaded all the recent Java updates from Apple, which are designed to prevent infection and also remove any infection already present.
    New Macs running Lion have neither Flash Player nor Java installed. If you are running Lion and have not already downloaded and installed Java, you should download the 'Flashback malware removal tool' from Apple: http://support.apple.com/kb/HT5246 (356KB), which includes the same code as the Java update that plugged a security hole which allowed the malware to automatically install itself without admin authorization.
    You can also use this to check whether you have been infected (for Intel Macs only) and remove it if required:
    http://www.macupdate.com/app/mac/42571/anti-flashback-trojan
    Flashback Trojan - Detection, and how to remove (with caution) if you are running other browsers than Safari:
    http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

  • How does SAP update the MKPF table through TCODE MB0A?

    Hello There,
    How does SAP update the MKPF table through TCODE MB0A (post goods receipt)? I tried to debug it by posting a GR, but could not figure it out.
    Awaiting Reply
    Santosh

    Hi ,
    These are the tables that are updated through MB0A:
    DGESV DMAEX DMAKT DMAPE
    DMARM DMEAN DMKAL DMLAN
    DPROW DQMAT DUNGV MARA
    MARC MARD MBEW MFHM
    MLGN MLGT MPGD MPOP MVKE,
    MCHA, MCHB, MCHD.
    Regards,
    Bharani

  • How does ADF support remote method calls between two managed servers?

    How does ADF support remote method calls between two managed servers?

    You would usually use this as a WebService through the WSDL that is exposed.
    JDeveloper can help you create a Java Proxy to call the Web service if you point it to the WSDL file that was generated for your AM.
    Some other samples here:
    http://www.connotea.org/user/jdeveloper/tag/Service%20Interface

  • X.509 client certificate not working through Reverse proxy

    Dear expert,
    We are working on the Fiori infrastructure. Our current scope is to enable X.509 authentication for both internet and intranet. The intranet scenario for X.509 authentication is working fine, but internet is not; we get the error message "Base64 decoding of certificate failed". In the landscape, the only difference between internet and intranet is that we have an Apache reverse proxy in the DMZ. We are using Gateway as the front-end server, with Business Suite and HANA in the back-end.
    As X.509 authentication works fine in the intranet scenario, we assume that the X.509 configuration for both front-end and back-end is correct. With that assumption, the issue would be in the reverse proxy. We are using Apache 2.4.7 with OpenSSL 1.0.1e, but we have upgraded OpenSSL to the latest version 1.0.1h for SSL certificate generation. Below is the Apache configuration for X.509.
    Listen 1081
    <VirtualHost *:1081>
    SSLEngine on
    SSLCertificateFile  "D:/Apache24/conf/server.cer"
    SSLCertificateKeyFile  "D:/Apache24/conf/server.key"
    SSLCertificateChainFile  "D:/Apache24/conf/server-ca.cer"
    SSLCACertificateFile "D:/Apache24/conf/client-ca.cer"
    SSLVerifyClient optional
    SSLVerifyDepth  10
    SSLProxyEngine On
    SSLProxyCACertificateFile "D:/Apache24/conf/internal-ca.cer"
    SSLProxyMachineCertificateFile "D:/Apache24/conf/server.pem"
    AllowEncodedSlashes On
    ProxyPreserveHost on
    RequestHeader unset Accept-Encoding
    <Proxy *>
         AddDefaultCharset Off
         SSLRequireSSL
         Order deny,allow
         Allow from all
    </Proxy>
    RequestHeader set ClientProtocol https
    RequestHeader set x-sap-webdisp-ap HTTPS=1081
    RequestHeader set SSL_CLIENT_CERT  ""
    RequestHeader set SSL_CLIENT_S_DN  ""
    RequestHeader set SSL_CLIENT_I_DN  ""
    RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
    RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
    RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
    ProxyPass / https://ldcinxd.wdf.sap.corp:1081/  nocanon Keepalive=on
    proxyPassReverse /  https://ldcinxd.wdf.sap.corp:1081/
    We are out of ideas on how to resolve this issue. Please kindly help if you have any idea on it.
    Thanks,
    Best regards,
    Xian'an

    Hi Samuli,
    Really thanks for your reply.
    Yes, we have tried your suggestion above in the Apache configuration file, but when testing the HANA service we got the error message "Certificate could not be authenticated".
    Yes, Web Dispatcher makes the X.509 authentication much easier, as in the intranet scenario there is no DMZ between the browser and Web Dispatcher. The client certificate passes through Web Dispatcher directly and it works perfectly this way. Not sure why it doesn't work through the Apache reverse proxy.
    Best regards,
    Xian'an
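Added example (my own illustration, not code from either post) for the point shared by the TMG/ISA question at the top of the page and the Apache reverse proxy thread just above: once the first TLS tunnel terminates on the bridging proxy, the backend never sees the client certificate on its own TLS session, so the proxy has to re-convey the client's identity, and the backend must only believe that identity when the request demonstrably arrived over the proxy-to-backend tunnel. The header name SSL_CLIENT_CERT is taken from the posted Apache config; the peer identities, the allow-list and the placeholder DER bytes are constructed. Two practitioner checks the thread does not state: mod_ssl only populates SSL_CLIENT_CERT when `SSLOptions +ExportCertData` is set (the posted config lacks it), and the raw PEM it exports contains armor lines and newlines that are not valid base64, so a backend expecting base64 DER fails to decode it unless the proxy flattens it first, as shown here.

```python
"""Added illustration of TLS bridging with client certificates (not code from
either post; all names, identities and the sample DER bytes are assumed)."""
import base64
import binascii
import hashlib
import re
from typing import Dict, Optional, Set

# Header name taken from the Apache config in the thread; everything else is assumed.
CERT_HEADER = "SSL_CLIENT_CERT"

# Constructed stand-in for a DER-encoded certificate: an ASN.1 SEQUENCE (tag
# 0x30) holding INTEGER 1.  A real SSL_CLIENT_CERT carries a full X.509 DER
# certificate; only the outer SEQUENCE tag is inspected below.
FAKE_DER = b"\x30\x03\x02\x01\x01"

_PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def pem_from_der(der: bytes) -> str:
    """Wrap DER in PEM armor, 64 columns per line, as mod_ssl exports it."""
    b64 = base64.b64encode(der).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"


def header_value_from_pem(pem: str) -> str:
    """Proxy side: reduce PEM to one line of base64 DER.

    An HTTP header value cannot carry the newlines of a PEM block, and the
    BEGIN/END armor lines are not base64, so a backend that expects the
    base64 DER certificate cannot decode the raw PEM.
    """
    match = _PEM_RE.search(pem)
    if not match:
        raise ValueError("no CERTIFICATE block in PEM input")
    return re.sub(r"\s+", "", match.group(1))


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER bytes, the usual certificate fingerprint."""
    return hashlib.sha256(der).hexdigest()


def proxy_forward_headers(client_headers: Dict[str, str],
                          verified_client_pem: Optional[str]) -> Dict[str, str]:
    """Proxy side (TMG/ISA or Apache): the first TLS tunnel ends here, so the
    proxy is the only party that actually verified the client certificate.
    Drop any SSL_CLIENT_* header the client itself sent (header spoofing),
    then set SSL_CLIENT_CERT only from the certificate verified on the
    proxy's own TLS session.  Same effect as the unset/set pair in the
    Apache config above."""
    forwarded = {k: v for k, v in client_headers.items()
                 if not k.upper().startswith("SSL_CLIENT_")}
    if verified_client_pem:
        forwarded[CERT_HEADER] = header_value_from_pem(verified_client_pem)
    return forwarded


def backend_identity(headers: Dict[str, str], peer: str, trusted_proxy: str,
                     allowed_fingerprints: Set[str]) -> Optional[str]:
    """Backend side: the second TLS tunnel is proxy->backend, so the header
    is only believable when that tunnel's peer is the bridging proxy
    (peer identity from the proxy's machine certificate, modelled as a
    string here).  Decode strictly, check the DER outer SEQUENCE tag, and
    match the fingerprint against an allow-list.  Returns the fingerprint
    of the accepted certificate, or None when nothing can be trusted."""
    if peer != trusted_proxy:
        return None          # anyone reaching the backend directly can set headers
    value = headers.get(CERT_HEADER)
    if not value:
        return None
    try:
        der = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return None          # raw PEM or other garbage lands here
    if not der or der[0] != 0x30:
        return None
    fp = fingerprint(der)
    return fp if fp in allowed_fingerprints else None


def demo() -> Dict[str, object]:
    """Run the bridging scenario end to end with the constructed certificate."""
    pem = pem_from_der(FAKE_DER)
    allowed = {fingerprint(FAKE_DER)}
    proxy_id = "bridging-proxy.example.internal"   # assumed identity of the TMG/Apache hop

    # A client tries to smuggle its own identity header past the proxy.
    smuggled = {"ssl_client_cert": header_value_from_pem(pem), "Host": "app"}
    seen_by_backend_unauth = proxy_forward_headers(smuggled, None)

    # The proxy verified the client certificate on its own TLS session.
    seen_by_backend_auth = proxy_forward_headers({"Host": "app"}, pem)

    return {
        "smuggled_header_dropped": not any(
            k.upper().startswith("SSL_CLIENT_") for k in seen_by_backend_unauth),
        "via_proxy": backend_identity(seen_by_backend_auth, proxy_id, proxy_id, allowed),
        "direct_to_backend": backend_identity(seen_by_backend_auth, "10.0.0.99", proxy_id, allowed),
        "raw_pem_in_header": backend_identity({CERT_HEADER: pem}, proxy_id, proxy_id, allowed),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The design point is the trust boundary rather than the encoding: the backend in this sketch refuses the header outright unless the proxy-to-backend tunnel's peer is the proxy, because a backend that honours SSL_CLIENT_CERT from any source lets anyone who can reach it directly choose their own identity. A real backend would go on to parse the full X.509 certificate with a proper library and check issuer chain and validity, which the fingerprint allow-list here only stands in for.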

  • How do FPM properties get pulled through to containing iViews?

    I'm trying to figure out something related to the FPM. I can't find anything on this particular issue on SDN, and my colleagues and I are all stumped. You can define properties in FPM views, and read these from within your Web DynPro application, if it uses the FPM. This works fine when you run your application directly - that is, not through SAP portal.
    However, as soon as your application is running in a portal, it doesn't read properties from the FPM application or the FPM view - it reads them from the properties of the iView in which your application is running. That's fine. Apparently, when you create an iView based on a Web DynPro application, if the application uses the FPM, the iView will pull through the appropriate FPM properties. However, it doesn't appear to be that straightforward.
    In particular, often, the FPM properties configured by SAP pull through, but custom ones do not. When I create these properties manually using the PCD inspector, the application still can't pick them up. Also, colleagues have reported that when transporting iViews that contain these generated properties system-to-system, the generated properties disappear from the iView profiles, and the iViews need to be recreated to have them pull through again.
    So, I have some questions:
    1. Exactly how does this mechanism work? If I create an iView based on a particular Web DynPro application, does the runtime actually go and look in the application properties to see if it uses the FPM, then go and look in the specified PCD location to find the FPM application, and then include in the iView the properties of each view? Seriously?
    2. If so, how does this work for the old style Cc-components? What if my application's configuration is not in the PCD?
    3. Why is this procedure not working, then? Is there a special way in which the FPM view properties need to be created in order to pull through?
    4. Are these conventional properties? Is it at all possible that they would disappear in a transport from one system to another? Are they somehow derived from the application/view at runtime, despite the fact that they seem to be in the PCD?
    5. Are the properties in the iView in some way kept in sync with the application? If I remove, add, or change a property in the FPM application, do I need to recreate the iView to update it? If I do a 'reset all properties', will that do it?
    I know there are a lot of questions here, but I'd be tremendously grateful if anyone could shed some light on any of this. The results we're getting from our tests are essentially inconsistent, and we're pretty stumped.
    James

    I do feel your pain, but note that most here are volunteers and don't work for Mozilla.
    No the homepage can't be changed, also note that apps being locked on your phone may be because of things that your mobile carrier (Verizon, AT&T) puts that on the phone.
    SEE: https://support.mozilla.org/en-US/questions/969365
