ISE Distributed System - AD join issue

Hi,
We have deployed 04 ISE nodes in the following scenario. (ISE ver 1.1.2.245)
1 ISE - Primary (A) Secondary (M)
2 ISE - Primary (M) Secondary (A)
3 ISE -  Policy Service (PDP)
4 ISE -  Policy Service (PDP)
When integrating with AD, we can only integrate the 1 ISE. NTP, Timezone, DNS are working on all 04 boxes perfectly. We are getting the attached error while integrating AD with the other ISE nodes.
In the above scenario, which ISE nodes should have AD joined: only the PDPs, or should all 04 nodes be joined?
Can someone please advise. Please see the attached screenprints for the deployment and detailed error while joining to AD.
Thanks in advance.

Hi Neno,
Below are the debug logs for AD joining. I can see the two issues below, but don't know how to find the solution..
1) (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
2) SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state ProbePorts complete for hqv-dcs-02.xxx.gov.qa. Elapsed time 0.014737 secs
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.kerberos.keytab GetSaltFromKDC returns: xxx.GOV.QAAdmin-Asif
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.aduser getSalt update: user:[email protected] salt:xxx.GOV.QAAdmin-Asif
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqp-dcs-01.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST:reportFailure: hqp-dcs-01.xxx.gov.qa
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DIAG  base.bind.ad connectToServiceInDomain: Failed to connect to hqp-dcs-01.xxx.gov.qa:389: SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _ldap._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Attempting to connect to a DC in site 'xxxsite'
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Connecting to hqv-dcs-02.xxx.gov.qa:389
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DIAG  base.bind.ldap 10.0.11.52:389 fetch dn="" filter="(objectclass=*)" timeout=11
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG lrpc.adobject new object:
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Connected root=DC=xxx,DC=gov,DC=qa, domain=xxx.GOV.QA functionality=3
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Address of hqv-dcs-02.xxx.gov.qa is 10.0.11.52
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqv-dcs-02.xxx.gov.qa
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST: SniffList: postfailsort=hqv-dcs-02.xxx.gov.qa, hqp-dcs-01.xxx.gov.qa
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG network.state NST:reportFailure: hqv-dcs-02.xxx.gov.qa
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad connectToList: Failed to connect to hqv-dcs-02.xxx.gov.qa:389: SASL bind to ldap/[email protected] - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=LDAP : reconnect failed (reference base/adbind.cpp:785 rc: -11)
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Destroying binding to 'xxx.GOV.QA'
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting zonename to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting schema to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting zone to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.dc.xxx.gov.qa: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting domaincontroller to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting site to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting domain to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting prew2k.host to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting host to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin Unexpected LDAP Error Connect error
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin  due to unexpected configuration or network error.
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG cli.adjoin Please try the --verbose option or run 'adinfo --diag' to diagnose the problem.
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting host to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.settings Setting prew2k.host to
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: INFO  cli.adjoin Join to domain 'xxx.gov.qa', zone 'null' failed.
Mar  3 09:54:23 xxx-TW-ISE-2 adinfo[27666]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:23 xxx-TW-ISE-2 adinfo[27666]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:23 xxx-TW-ISE-2 adinfo[27668]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:23 xxx-TW-ISE-2 adinfo[27668]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:33 xxx-TW-ISE-2 adinfo[28164]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:33 xxx-TW-ISE-2 adinfo[28164]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:44 xxx-TW-ISE-2 adinfo[28172]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:44 xxx-TW-ISE-2 adinfo[28172]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:54 xxx-TW-ISE-2 adinfo[28900]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:54:54 xxx-TW-ISE-2 adinfo[28900]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:05 xxx-TW-ISE-2 adinfo[28905]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:05 xxx-TW-ISE-2 adinfo[28905]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:16 xxx-TW-ISE-2 adinfo[28907]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:16 xxx-TW-ISE-2 adinfo[28907]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:27 xxx-TW-ISE-2 adinfo[28911]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:27 xxx-TW-ISE-2 adinfo[28911]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:38 xxx-TW-ISE-2 adinfo[28913]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:38 xxx-TW-ISE-2 adinfo[28913]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:49 xxx-TW-ISE-2 adinfo[28920]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:55:49 xxx-TW-ISE-2 adinfo[28920]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:56:00 xxx-TW-ISE-2 adinfo[28988]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:56:00 xxx-TW-ISE-2 adinfo[28988]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:56:11 xxx-TW-ISE-2 adinfo[29010]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domain: No such file or directory (reference util/setting.cpp:106 rc: 2)
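The adjoin output above repeats the same two messages dozens of times, which is what makes the two issues hard to separate. As an added example (not code from this thread, from Cisco ISE or from Centrify), the Python script below parses adjoin/adinfo lines in this syslog format, sets the kset.* file errors aside, and reports per domain controller the SRV lookups, the Kerberos bind failures and the krb5 code behind them; the sample log is constructed from the quoted lines, with the service principal (redacted in the post) replaced by a placeholder of the ldap/<dc>@<REALM> form.

```python
"""Triage of Centrify adjoin debug output in the syslog format quoted above.

Added example; not code from the thread, Cisco ISE or Centrify.  It drops the
repetitive 'Cannot open file /var/centrifydc/kset.*' lines (settings files
that are normally absent on a host that has not yet joined) and keeps what
matters: SRV names looked up, DCs bound to, Kerberos failures per DC and the
krb5 result code behind them.
"""
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample, abbreviated from the thread. The SPN is redacted in the
# original post, so a placeholder of the ldap/<dc>@<REALM> form is used.
SAMPLE_LOG = """\
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findkdc KDC locator for xxx.GOV.QA
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG util.except (IO) : Cannot open file /var/centrifydc/kset.domaincontroller: No such file or directory (reference util/setting.cpp:106 rc: 2)
Mar  3 09:53:47 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _kerberos._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:53:49 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqp-dcs-01.xxx.gov.qa
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/hqp-dcs-01.xxx.gov.qa@xxx.GOV.QA - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DIAG  base.bind.ad connectToServiceInDomain: Failed to connect to hqp-dcs-01.xxx.gov.qa:389: SASL bind to ldap/hqp-dcs-01.xxx.gov.qa@xxx.GOV.QA - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar  3 09:54:04 xxx-TW-ISE-2 adjoin[27660]: DEBUG dns.findsrv FindSrvFromDns(0): _ldap._tcp.xxxsite._sites.xxx.gov.qa
Mar  3 09:54:06 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad Performing LDAP binding with GSSAPI mechanisms to server - hqv-dcs-02.xxx.gov.qa
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=Kerberos : SASL bind to ldap/hqv-dcs-02.xxx.gov.qa@xxx.GOV.QA - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm" (reference base/adbind.cpp:495 rc: -1765328228)
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.bind.ad connectToList: Failed to connect to hqv-dcs-02.xxx.gov.qa:389: SASL bind to ldap/hqv-dcs-02.xxx.gov.qa@xxx.GOV.QA - GSSAPI Mechanism with Kerberos error ": Cannot contact any KDC for requested realm"
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: DEBUG base.osutil Module=LDAP : reconnect failed (reference base/adbind.cpp:785 rc: -11)
Mar  3 09:54:21 xxx-TW-ISE-2 adjoin[27660]: INFO  cli.adjoin Join to domain 'xxx.gov.qa', zone 'null' failed.
"""

# syslog prefix: "Mar  3 09:53:47 host adjoin[pid]: LEVEL category message"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>\w+)\[(?P<pid>\d+)\]: "
    r"(?P<level>\w+)\s+(?P<category>\S+) (?P<msg>.*)$"
)
KSET_NOISE = "Cannot open file /var/centrifydc/kset."
SRV_RE = re.compile(r"FindSrvFromDns\(\d+\): (?P<name>\S+)")
BIND_RE = re.compile(r"Performing LDAP binding with GSSAPI mechanisms to server - (?P<dc>\S+)")
FAIL_RE = re.compile(r'Failed to connect to (?P<dc>[^:]+):(?P<port>\d+): .*Kerberos error ": ?(?P<err>[^"]+)"')
RC_RE = re.compile(r"rc: (?P<rc>-?\d+)\)")
JOIN_RE = re.compile(r"Join to domain '(?P<domain>[^']+)', zone '(?P<zone>[^']*)' failed")

# krb5 com_err code seen in this log: KRB5_KDC_UNREACH,
# "Cannot contact any KDC for requested realm".
KRB5_CODES = {-1765328228: "KRB5_KDC_UNREACH"}


@dataclass
class JoinTriage:
    noise_lines: int = 0
    srv_lookups: Counter = field(default_factory=Counter)
    bind_attempts: List[str] = field(default_factory=list)
    failures: List[Tuple[str, int, str]] = field(default_factory=list)  # (dc, port, message)
    krb5_codes: Counter = field(default_factory=Counter)
    join_result: Optional[str] = None


def triage_adjoin_log(text: str) -> JoinTriage:
    """Parse adjoin/adinfo syslog lines and collect the join-relevant events."""
    t = JoinTriage()
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue                      # not an adjoin syslog line
        msg = m["msg"]
        if KSET_NOISE in msg:
            t.noise_lines += 1            # expected on a host that has not joined yet
            continue
        srv, bind, fail, join = (r.search(msg) for r in (SRV_RE, BIND_RE, FAIL_RE, JOIN_RE))
        if srv:
            t.srv_lookups[srv["name"]] += 1
        elif bind:
            t.bind_attempts.append(bind["dc"])
        elif fail:
            t.failures.append((fail["dc"], int(fail["port"]), fail["err"].strip()))
        elif join:
            t.join_result = f"join to {join['domain']} failed (zone {join['zone'] or 'null'})"
        rc = RC_RE.search(msg)            # library result code, if the line carries one
        if rc and int(rc["rc"]) in KRB5_CODES:
            t.krb5_codes[KRB5_CODES[int(rc["rc"])]] += 1
    return t


def findings(t: JoinTriage) -> List[str]:
    """Turn the triage into short, ordered statements for the ticket."""
    out = []
    if t.noise_lines:
        out.append(f"ignored {t.noise_lines} kset.* open errors (no settings yet, not the fault)")
    for name, n in sorted(t.srv_lookups.items()):
        out.append(f"DNS SRV lookup {name} (x{n})")
    for dc in dict.fromkeys(t.bind_attempts):            # keep first-seen order, no repeats
        errs = [e for d, _, e in t.failures if d == dc]
        out.append(f"{dc}: " + ("; ".join(errs) if errs else "bind not reported failed"))
    for code, n in t.krb5_codes.items():
        out.append(f"{code} x{n}: no KDC answered for the realm; check SRV answers and TCP/UDP 88 from this node")
    if t.join_result:
        out.append(t.join_result)
    return out


if __name__ == "__main__":
    for line in findings(triage_adjoin_log(SAMPLE_LOG)):
        print(line)
```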

Similar Messages

  • Distributed ISE & Distributed PKI = EAP-TLS issues ... Correct?

    In a distributed ISE deployment with a regional intermediate CA, I am getting failed authentication due to "EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain". Client devices have only one client certificate, issued from the regional intermediate CA. When client devices go across the region, they can't authenticate and get this "unknown CA" error. The admin node has the certificates of all intermediate CAs and the root CA.
    One possible solution is to add the intermediate CA certificates to all regional node groups, but apparently it is not possible on ISE policy nodes.
    Have a look at the diagram below and let me know what you think (client authentication failure at both location 1 and 3).

    Thanks Jan for the reply. And the short answer is Yes ....
    We have identified the issue and it has been resolved now. It was down to one of the certs being corrupted on the primary admin.
    It was only identified after going to the debug logs in prrt. Verification was done by exporting that particular cert and analyzing it. Don't know how it got corrupted, but it did.
    In the CA cert section on the primary admin node it was displaying correct values like issue date etc., but when it was exported for analysis I couldn't open it.
    So the moral of the story is that someone thought they needed to put a status field against every cert on ISE, and it wasn't decided how to check its status - no offence.

  • ISE distributed deployment upgrade

    My customer has an ISE deployment with 4 nodes: Admin/Monitor Primary and Secondary plus 2 Policy Server. The Admin nodes are VMs, the Policy nodes are 3315 appliances.
    The system was installed almost three years ago with the version 1.1.0 ... It appears the system never had issues so never was patched or upgraded. Why fix something that is working fine?
    Today there was an issue because the certificates expired, so in the review to get the system up and running again, the update issue bring on to the conversation. We like to do an upgrade to the last supported version. So I wonder for some tips and ideas to take care for planning the upgrade.
    I have some doubts:
    Can the 3315 appliance support the release 1.3 without issues?
    I know the upgrade procedure is basically installing a .tar file, but I'm not clear on how the process should go in a distributed deployment. I have run upgrades on standalone systems, but never in a distributed deployment. So, do I need to upgrade the Primary Admin only, and the other nodes would upgrade automatically?
    Would I need to upgrade 1.1 to 1.2 first and then 1.2 to 1.3?
    I understand release 1.1 was 32-bit, and versions 1.2 and 1.3 are 64-bit, so I guess the process would take a long time (perhaps a couple of hours), so a maintenance window would need 3 or 4 hours until the full system became stable.
    Can you give me some advice and suggestions to avoid major issues?
    Regards.
    Daniel Escalante.

    Can you give me some advice and suggestions to avoid major issues?
    Documents related to the upgrade were given by Venkatesh; refer to those. Along with that, some additional information:
    Can the 3315 appliance support the release 1.3 without issues?
    Cisco ISE-3315-K9 (small) | Supports ISE 1.3 | Any | 1x Xeon 2.66-GHz quad-core processor | 4 GB RAM | 2 x 250 GB SATA HDD | 4x 1 GB NIC
    I know the upgrade procedure is basically installing a .tar file, but I'm not clear on how the process should go in a distributed deployment. I have run upgrades on standalone systems, but never in a distributed deployment. So, do I need to upgrade the Primary Admin only, and the other nodes would upgrade automatically?
    When upgrading to Cisco ISE, Release 1.2, first upgrade the secondary Administration node to Release 1.2. You do not have to manually deregister the node before an upgrade. Use the application upgrade command to upgrade nodes to Release 1.2. The upgrade process deregisters the node automatically and moves it to the new deployment. If you manually deregister the node before an upgrade, ensure that you have the license file for the Primary Administration node before beginning the upgrade process. If you do not have the file on hand (if your license was installed by a Cisco partner vendor, for example), contact the Cisco Technical Assistance Center for assistance.
    Would I need to upgrade 1.1 to 1.2 first and then 1.2 to 1.3? I understand release 1.1 was 32-bit, and versions 1.2 and 1.3 are 64-bit, so I guess the process would take a long time (perhaps a couple of hours), so a maintenance window would need 3 or 4 hours until the full system became stable
    If you are on a version earlier than Cisco ISE, Release 1.2, you must first upgrade to 1.2 and then to 1.3.
    You can upgrade to Cisco ISE, Release 1.2, from any of the following releases:
    Cisco ISE, Release 1.1.0.665 (or 1.1.0 with the latest patch applied)
    Cisco ISE, Release 1.1.1.268 (or 1.1.1 with the latest patch applied)
    Cisco ISE, Release 1.1.2, with the latest patch applied
    Cisco ISE, Release 1.1.3, with the latest patch applied
    Cisco ISE, Release 1.1.4, with the latest patch applied
    Type of Deployment                                | Node Persona                               | Time Taken for Upgrade
    Standalone (2000 endpoints)                       | Administration, Policy Service, Monitoring | 1 hour 20 minutes
    Distributed (25,000 users and 250,000 endpoints)  | Secondary Administration                   | 2 hours
                                                      | Monitoring                                 | 1.5 hours
    After upgrading to ISE 1.2, upgrade to ISE 1.3
    Type of Deployment                                | Node Persona                               | Time Taken for Upgrade
    Standalone (2000 endpoints)                       | Administration, Policy Service, Monitoring | 1 hour 20 minutes
    Distributed (25,000 users and 250,000 endpoints)  | Secondary Administration                   | 2 hours
                                                      | Monitoring                                 | 1.5 hours
    Factors That Affect Upgrade Time
    Number of endpoints in your network
    Number of users and guest users in your network
    Profiling service, if enabled

  • ISE distribution system with 4 nodes & Licensing

    Hi,
    Question 1
    We have 04 ISE appliances and we are planning to deploy a distributed system in such a way that 02 ISE will act as PRI/SEC with the roles PAD/M&T and the other 02 will act as PRI/SEC PDPs.
    Configuring the PAD/MT pair is straightforward and we have no doubts there; however we have an issue with the other two nodes, which are (PDP) PRI/SEC.
    ISE is giving us a warning that at least one node should have the monitor role enabled; however by that time the Admin role is already enabled and we can't disable it.
    If someone has deployed this, I would appreciate guidance in the proper direction, or any document on how to achieve this requirement.
    Question 2
    My other query is about the licensing for this requirement. We have only 1 Base and 1 Adv license for all these 04 boxes, for about 500 endpoints. However we can generate licenses against only 1 ISE appliance by giving its serial number, and that will be installed on the Primary PAP/MT box only; what about the other two boxes which will act as PRI/SEC PDPs, and will they still give a warning that there are no licenses?
    Question 3
    When we deploy a distributed system with the above scenario, which ISE node IP addresses do we need to configure on the NAD (switch): all 04 IP addresses, or the PAP/MT pair, or the PDPs?
    Thanks in advance.

    Question 1
    We have 04 ISE appliances and we are planning to deploy a distributed system in such a way that 02 ISE will act as PRI/SEC with the roles PAD/M&T and the other 02 will act as PRI/SEC PDPs. Configuring the PAD/MT pair is straightforward and we have no doubts there; however we have an issue with the other two nodes, which are (PDP) PRI/SEC. ISE is giving us a warning that at least one node should have the monitor role enabled; however by that time the Admin role is already enabled and we can't disable it. If someone has deployed this, I would appreciate guidance in the proper direction, or any document on how to achieve this requirement.
    Answer - The type of ISE deployment you want to implement is Distributed with HA.
    In this particular case, you must have a PAN and one MNT, and the rest of the nodes can be PSNs, depending on your requirement.
    In your case you are going to run PAN & MNT on a single node with HA, and the other 2 nodes are left for PSNs.
    There is no concept of HA for an individual PSN; all your PSNs will remain active. However, you can distribute the requests coming from NADs between the 2 PSNs, e.g. configure some NADs with one PSN IP and the rest with the other.
    Question 2
    My other query is about the licensing for this requirement. We have only 1 Base and 1 Adv license for all these 04 boxes, for about 500 endpoints. However we can generate licenses against only 1 ISE appliance by giving its serial number, and that will be installed on the Primary PAP/MT box only; what about the other two boxes which will act as PRI/SEC PDPs, and will they still give a warning that there are no licenses?
    Answer - The first node in ISE is considered the Primary node of the ISE instance, so when you add more ISE appliances to that ISE instance they all become secondary except the first one.
    Hence you install licenses on the Primary ISE node, the one on which you installed ISE first or introduced into your network.
    So licenses are meant for the ISE instance, not for the node.
    Question 3
    When we deploy a distributed system with the above scenario, which ISE node IP addresses do we need to configure on the NAD (switch): all 04 IP addresses, or the PAP/MT pair, or the PDPs?
    Answer - On NADs you have to configure the PSNs' IPs; e.g. you can configure one PSN IP as primary and the other one as secondary.

  • Need suggestion for ISE distributed deployment model in two different data centers along with public certificate for HTTPS

    Hi Experts,
    I am a bit confused about the ISE distributed deployment model.
    I have two data centers: one is the DC and the other one is the DR. I have a requirement for a guest access service implementation using CWA, and to get a public certificate for HTTPS to avoid certificate errors on client devices:
    how do I deploy the ISE personas for HA across these two data centers?
    After reading the Cisco doc, I understood that we can have two PANs (Primary in DC & Secondary in DR), and likewise for MnT (Monitoring will be the same as PAN); however, I can have 5 PSNs running in the secondary, i.e. in the DR ISE, but I have some confusion about HA for PSN... since we have all PSNs in the secondary, it would not work for HA if it fails.
    Can anybody suggest the best deployment solution for this scenario?
    Another doubt about the public certificate:
    Public Certificate: The ISE domain must be a registered domain name, or part of a registered domain name, on the Internet. For that I need the domain name being used by the customer.
    Please do correct me if I am wrong about my certificate understanding:
    since Guests will be outside users, we cannot use a certificate from an internal CA; we need to get the certificate from a service provider and install the same in both ISE servers.
    Can anybody explain the procedure to obtain a public certificate for HTTPS from a service provider? And how do I install it in both ISE servers?

    Hi there. Let me try answering your questions:
    PSN HA: The PSNs are not configured as "primary" or "secondary" inside your ISE deployment. They are just PSN nodes as far as ISE is concerned. Instead, inside your NADs (In your case WLCs) you can specify which PSN is primary, which one is secondary, etc. You can accomplish this by:
    1. Defining all PSN nodes as AAA radius servers inside the WLC
    2. Then under the SSID > AAA Servers Tab, you can list the AAA servers in the order that you prefer. As a result, the WLC will always use the first server listed until that server fails/gets reloaded, etc. 
    3. As a result, you can have one WLC or SSID prefer PSN server A (located in primary DC) while a second WLC or SSID prefer PSN server B (located in backup DC)
    Last but not least, you could also place PSNs behind a load balancer and that way the traffic would be equally distributed between multiple PSNs. However, the PSN nodes must be Layer 2 adjacent, which is probably not the case if they are located in two different Data Centers.
    Certificates: Yes, you would want to get a public certificate to service the guest portal. Getting a public/well known certificate would ensure that most devices out there would trust the CA that signed your ISE certificate. For instance, VeriSign, GoDaddy, Entrust are some of the ones out there that would work just fine. On the other hand, if you use a certificate that was signed by your internal CA, then things would be fine for your internal endpoints that trust your internal CA but for any outsiders (Guests, contractors, etc) that do not trust and do not know who your internal CA is would get a certificate error when being redirected to the ISE guest portal. This in general is only a "cosmetic" issue and if the users click "continue" and add your CA as a trusted authority, the guest page would load and the session would work. However, most users out there would not feel safe to proceed and you will most likely get a lot of calls to your helpdesk :)
    I hope this helps!
    Thank you for rating helpful posts!

  • I need help about distributed systems

    Dear guys...
    I searched for answers to these questions but have not found them; please help me.
    1. What are the main objectives and key issues of distributed systems addressed by Java EE, and who can benefit from this system compared to other systems?
    2. What about Java EE based on distributed system evaluation criteria such as transparency, reliability, security, performance, etc.? I need a summary.

    oh.

  • RT Target Resources and Distributed System Manager

    Hello all,
    Does anyone know of some potential reasons why an RT target might not publish its CPU and memory usage?  This particular target is a cFP-2200 running a complete installation of FieldPoint 6.0.2 (RT 8.6) including System State Publisher.  For some reason I can't view the memory usage on this target and I haven't been able to figure it out.
    Thanks in advance,
    Jim

    Hello Hillman,
    Thanks for your reply! I sort of figured that this one would go by the wayside and not be answered. Actually, I'm not using RTSM; I'm using the Distributed System Manager - it's a relatively new tool that ships with LabVIEW RT 8.6. In my humble opinion, I find it to be much superior to the RT System Manager in its own way. The only downside, really, is that you can't log with it natively, but there are ways around that.
    You've got some great suggestions. I definitely was using the correct IP, I could target it with LabVIEW because I loaded my application on there, and I didn't get any boot errors when I connected. You're absolutely right, too, that the CPU is always maxed out at 100%.
    I guess I was perplexed because, one moment I could see the resources in DSM (is that acronym valid yet?), and after I reloaded the software from scratch, I could see lots of variables on the target, but for some reason the system resources weren't showing up. After no one jumped on the question, I went back to tweaking various settings and realized that I hadn't rebooted after enabling VI Server. In fact, I didn't think that VI Server would be the issue and hadn't really thought of checking there. My reasoning followed that, if all of the other variables showed up, surely it wouldn't be VI Server, but that fixed it.
    I definitely appreciate your getting back to me, though.
    Cheers,
    Jim

  • Error in Central Instance installation ERP 2005 Distributed System

    Hi All,
    I am currently trying to install the Central Instance for an ABAP Distributed system on AIX.
    During the installation I encountered this error message:
    WARNING 2006-09-20 14:22:39
    Could not determine a valid JAVA_HOME directory from the environment.
    INFO 2006-09-20 14:22:39
    Creating file /tmp/sapinst_instdir/ERP/SYSTEM/ORA/DISTRIBUTED/AS-ABAP/CI/FormalPasswordCheck.log.
    ERROR 2006-09-20 14:22:39
    FSL-04008  Unable to access application bin/java. A file or directory in the path name does not exist.
    Before the installation SAPINST_JRE_HOME and JAVA_HOME variables were set to /usr/java14.
    Please help.
    Thanks,
    Chie

    Hi Chie,
    definitely wrong
    the output should be similar to this one:
    java version "1.4.2"
    Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2)
    Classic VM (build 1.4.2, J2RE 1.4.2 IBM AIX 5L for PowerPC (64 bit JVM) build caix64142sr1aifx-20051020 (SAP 142SR1a + 88494 + 84428 + 83602 + 89528 + 90372 + 88233 + 66827 + 92741 + 95636 + 96556 + 96581) (JIT enabled: jitc))
    note the "64 bit" and "SAP" in there...
    You can download it here:
    https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=javasap
    Regards,
    Pascal
    PS: please give points for helpful answers

  • Regarding Sun Java System Application Server Issue with JVM

    Regarding Sun Java System Application Server Issue with JVM
    Hi
    I have installed SJSAS 9.1 on a Solaris system. I'm trying to deploy a war file which I compiled in a Windows environment with jdk1.5.0_05. Every time I get the following error:
    type Exception report
    message
    descriptionThe server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: PWC6033: Unable to compile class for JSP
    PWC6199: Generated servlet error:
    [javac] javac: invalid target release: 1.5
    [javac] Usage: javac
    [javac] where possible options include:
    [javac] -g Generate all debugging info
    [javac] -g:none Generate no debugging info
    [javac] -g:{lines,vars,source} Generate only some debugging info
    [javac] -nowarn Generate no warnings
    [javac] -verbose Output messages about what the compiler is doing
    [javac] -deprecation Output source locations where deprecated APIs are used
    [javac] -classpath Specify where to find user class files
    [javac] -sourcepath Specify where to find input source files
    [javac] -bootclasspath Override location of bootstrap class files
    [javac] -extdirs Override location of installed extensions
    [javac] -d Specify where to place generated class files
    [javac] -encoding Specify character encoding used by source files
    [javac] -source Provide source compatibility with specified release
    [javac] -target Generate class files for specific VM version
    [javac] -help Print a synopsis of standard options
    note The full stack traces of the exception and its root causes are available in the Sun Java System Application Server 9.1 logs.
    I have checked the JVM version on both systems; the only difference is:
    Solaris points to jdk 1.5.0_09
    Windows points to jdk1.5.0_05
    I even tried to run a blank JSP, but again I got the same error.
    Can anyone help me sort out the problem or give me any idea so I can do something on my own?
    Thanks in Advance
    Gagan

    Do you have ANT installed and available?
    Thanks,
    Kedar

  • How to use DB13 on a distribute system

    Hi,
    We installed SAP R/3 Enterprise 4.7 SR1 as a distributed system on 3 different Windows 2003 servers: Central Instance, Database Instance and Dialog Instance. As I understand it, we need to use SM59 to set up the RFC destination so that DB13 can work well.
    So I manually created an RFC destination SAPXPG_DBDEST_DB01, and it only tested successfully after I installed a new dialog instance on the database server and connected to this dialog instance. I tried to create SAPOSCOL_DB01 with the following parameters:
    Connect Type: T
    Activation Type: Explicit
    Program: saposcol
    Target: db01 (db01 can be resolved to an IP address and pings fine)
    but the test is unsuccessful.
    When I run DB13 to back up, it looks like brbackup runs on the central instance, not on the database instance.
    Can anyone help handle this problem or give me some notes about distributed system RFC settings?
    Your kind help will be appreciated!
    Regards

    There is no relation between the saposcol program and database backup. As per my understanding, this program is used to collect data; for database backup from DB13, the program sapxpg should be called, so check in SM59 whether the connection for this program is working properly or not.
    SAP Note: 446172
    Regards
    Subhash
    Edited by: Subhash Chandra on Dec 11, 2008 2:56 PM

  • Error in Export of ABAP+JAVA  Distributed system

    Hi
    I am exporting an ABAP (ECC 6.0) + Java Add-in system.
    I have started the database instance export from the database instance host.
    I am getting the following error:
    An error occurred while processing service SAP ERP 6.0 Support Release 3 > Software Life-Cycle Options > System Copy > MS SQL Server > Source System Export > Distributed System > Based on AS ABAP and AS Java > Database Instance Export( Last error reported by the step :uncaught exception: nw.usageTypes.utlError: Execution of UTL tool 'D:\j2sdk1.4.2_13-x64\bin\java.exe -classpath D:\usr\sap\ERS\SYS\global\sltools\sharedlib\launcher.jar -showversion -Xmx256m com.sap.engine.offline.OfflineToolStart com.sap.sl.ut.manager.UtlMain
    sdsapdbsbx1/sapmnt/ERS/SYS/global/security/lib/tools;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/sap.comsl.ut.infoprovider_lib.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/sap.comsl.ut.manager.offline.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/antlr.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/exception.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/jddi.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/logging.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/offlineconfiguration.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/opensqlsta.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/tc_sec_secstorefs.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/sap.comtcsdtcvlimpl.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/SDMutil.jar;D:/usr/sap/ERS/SYS/global/sltools/sharedlib/SLUtil.jar;D:/usr/sap/ERS/SYS/exe/nuc/NTAMD64/mssjdbc/sqljdbc.jar -export -type=keydb "-expfile=C:/Program Files/sapinst_instdir/ERP/LM/COPY/MSS/EXP/DISTRIBUTED/AS/EXPDB/usages_data.xml" -log=UTL_load_usages.log -sid=ERS -dsn=jdbc/pool/ERS -ssprops=D:/usr/sap/ERS/SYS/global/security/data/SecStore.properties -ssk=D:/usr/sap/ERS/SYS/global/security/data/SecStore.key' aborts with return code 1. Check 'UTL_load_usages.log' and 'C:/Program Files/sapinst_instdir/ERP/LM/COPY/MSS/EXP/DISTRIBUTED/AS/EXPDB/UTL.java.log' for more information. (in script unknown, line 0: ???)).
    The file UTL.java.log is as follows:
    java version "1.4.2_19-rev"
    Java(TM) Platform, Standard Edition for Business (build 1.4.2_19-rev-b07)
    Java HotSpot(TM) 64-Bit Server VM (build 1.4.2_19-rev-b07, mixed mode)
    java.lang.NoClassDefFoundError: com/sap/engine/offline/OfflineToolStart
    Please help.
    Regards
    Ratnajit

    Hi
    With 1.4.2_18 and 1.4.2_19 we are currently having massive stack overflows; check the link below for more clarification:
    X64 java 1.4.2_18 for SAP
    Regards
    Uday

  • AP - WLC joining issue

    We have 3 WLCs (5500) in our network and about 150 APs. Only 4 APs register to 1 controller, over 70 to the 2nd and about 50 to the 3rd. On checking and comparing a few of the APs, this is what I concluded.
    1. The 4 APs that registered to the first WLC did not have that AP in the primary, secondary or tertiary list. If it was there, then it was either secondary or tertiary, or the device name entered is not resolvable by DNS but the device name is correct. Management IP was not configured on any of the 4 APs for any of the WLCs.
    2. APs registered to the second and third WLCs have similar config: first WLC as primary, second as secondary and third as tertiary, with the correct DNS name in the field but the wrong device name. Also, all have management IPs entered as well.
    CAPWAP Join Taken Time for the 4 APs varies from 6 to 10 mins, while for the other APs it is a few seconds. DNS for cisco-capwap-controller points to the WLC with the 4 APs. I do not see any use of the option in DNS for the WAPs.
    How can I make the APs join this WLC?
    Should I get the DNS and device name discrepancy corrected?
    What is the selection process for APs to choose a WLC, as I see APs not joining the WLC in their building but joining a WLC in another adjacent building? Is there a way for me to influence this decision?

    What is the selection process for APs to choose a WLC, as I see APs not joining the WLC in their building but joining a WLC in another adjacent building? Is there a way for me to influence this decision?
    The best way to do this is to configure AP High Availability on the APs with primary, secondary and tertiary WLC name & IP (both fields required). This takes precedence over any other method.
    http://mrncciew.com/2013/04/07/ap-failover/
    If you have an AP join issue, try to configure DHCP option 43 & see if that helps:
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html
    If this is a one-off case, you can try static or broadcast forwarding as an interim solution:
    http://mrncciew.com/2013/03/17/ap-registration/
    http://mrncciew.com/2013/05/04/wlc-discovery-via-broadcast/
    HTH
    Rasika
    *** Pls rate all useful responses ***
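    The DHCP option 43 value mentioned in the reply above has a fixed layout for Cisco Aironet lightweight APs: vendor-specific sub-option 241 (0xf1), a one-byte length equal to 4 times the number of controllers, then each WLC management IPv4 address as 4 raw bytes. The following is an added example, not code from the thread or from Cisco; the WLC addresses in it are constructed sample values. It builds the hex string a DHCP server expects, and parses an option 43 value back into controller addresses so that an existing scope can be checked against the controller list the APs are actually joining.

```python
import ipaddress

# Cisco Aironet lightweight APs read WLC addresses from DHCP option 43,
# vendor-specific sub-option 241 (0xf1):
#   0xf1 | length (4 * number_of_controllers) | each WLC IPv4 as 4 raw bytes
CISCO_WLC_SUBOPTION = 0xF1


def build_option43(controller_ips):
    """Return raw option-43 bytes for the given WLC management IPv4 addresses."""
    ips = [ipaddress.IPv4Address(ip) for ip in controller_ips]
    if not ips:
        raise ValueError("at least one controller IP is required")
    payload = b"".join(ip.packed for ip in ips)
    if len(payload) > 255:
        raise ValueError("too many controllers for a single sub-option")
    return bytes([CISCO_WLC_SUBOPTION, len(payload)]) + payload


def option43_hex(controller_ips):
    """Hex form of the value, as typed into e.g. Cisco IOS 'option 43 hex <value>'."""
    return build_option43(controller_ips).hex()


def parse_option43(data):
    """Walk the encapsulated TLVs in an option-43 value and return the WLC
    addresses carried in sub-option 241. Raises ValueError on malformed input."""
    controllers = []
    i = 0
    while i < len(data):
        code = data[i]
        if code == 0x00:          # pad octet inside vendor-specific options
            i += 1
            continue
        if code == 0xFF:          # end octet inside vendor-specific options
            break
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV value")
        if code == CISCO_WLC_SUBOPTION:
            if length == 0 or length % 4 != 0:
                raise ValueError("sub-option 241 length must be a non-zero multiple of 4")
            controllers.extend(
                str(ipaddress.IPv4Address(value[j:j + 4])) for j in range(0, length, 4)
            )
        i += 2 + length
    return controllers


def is_valid_option43(data):
    """True when the value parses and names at least one controller."""
    try:
        return len(parse_option43(data)) > 0
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample WLC management addresses (not from the thread).
    wlcs = ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
    value = option43_hex(wlcs)
    print("option 43 hex", value)
    print("controllers advertised:", parse_option43(bytes.fromhex(value)))
```

    The DHCP server only returns option 43 to clients whose vendor class identifier (option 60) matches the AP model string configured on the scope, so a parse that succeeds here but APs that still take minutes to join usually points at the scope's class matching rather than at the encoding.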

  • Not Updating Customized Table when System having Performance Issue

    Hi,
    This is actually the same topic as "Not Updating Customized Table when System having Performance Issue", which was posted last December by Leonard Tan regarding the user exit EXIT_SAPLMBMB_001.
    Recently we changed the function module z_mm_save_hide_qty to run in update task. However, this causes more data not to be updated. Hence we put back the old version (without the update task). But now it is not working as it used to (e.g. version 1 - 10 records not updated; version 2 with update task - 20 records not updated; back to version 1 - 20 records not updated).
    I tried debugging the program; however, whenever I debugged, there was nothing wrong and the data was updated correctly.
    Please advise if anyone has any idea why this is happening. Many thanks.
    Regards,
    Janet

    Hi Janet,
    You are right. It is a basic rule not to do any COMMIT or RFC calls in a user exit.
    Have a look at SAP Note 92550. There they say that exit EXIT_SAPLMBMB_001 is called in the update routine MB_POST_DOCUMENT, and this routine is already called in UPDATE TASK from FUNCTION 'MB_UPDATE_TASKS' IN UPDATE TASK.
    SAP also tells us not to do any updates on SAP system tables like MBEW, MARD, MSEG.
    Before the exit is called, they now call 'MB_DOCUMENT_BADI' with methods MB_DOCUMENT_BEFORE_UPDATE and MB_DOCUMENT_UPDATE. Possibly you will have more success implementing the BAdI.
    I don't know your situation and goal so this is all I can tell you now.
    Good luck!
    Regards,
    Clemens

  • Adapter Engine has wrong hostname after HSC with Distributed System

    I have an interesting situation where I have performed a homogeneous system copy from a standard system to a distributed system. The only thing that really has changed is the database server name. I performed the global host install, the database instance import, and then the Primary Application Server install.
    The strange error is that the adapter engine after the install shows the hostname of the database server.  The SLD CIM Instance data shows the hostname of the database server as an adapter engine.  The correct hostname for the adapter engine is there also, but is not updated by the SLD Data Supplier/or RZ70 update.
    The SLD entries for the ABAP and Java stacks are never updated after this copy.
    I'm pretty much stumped on this one.  I think I picked the correct options for the install.

    Hi,
    You said that you have done a homogeneous system refresh. As a check, please follow the note below and let me know if it is helpful.
    SAP Note 1286149 - Configuration Wizard: PI Self Test for NetWeaver
    Also, please go through the doc regarding post-installation steps for PI:
    [http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/60d2a693-9504-2b10-5ba7-82964bd8370e]
    Please let me know the result.
    Regards,
    Venkata S Pagolu

  • What are the limitations of J2EE as a distributed system

    Merry Christmas!!!
    What are the limitations of J2EE as a distributed system?
    For example,
    once we use J2EE as a solution for e-commerce,
    what are the limitations of J2EE compared with .NET?

    imagination
