Load balancing failed to find a valid mailbox database.

Similar Messages

• Move Mailboxes from Exchange 2007 to Exchange 2013 (Could not find a valid mailbox migration for esta organization)

  Hi all, I am in full migration from Exchange 2007 to Exchange 2013 and everything went correctly.
  I have migrated several mailboxes and are working well. But a few days ago, when I try to migrate a mailbox I get the following error and can not migrate:
  "Could not find a valid mailbox migration for this organization"
  Do you know that you can be?
  regards
  Microsoft Certified IT Professional Server Administrator

  Hi,
  From your description, the issue should be related to the migration mailbox. I recommend you check if the following account is existed in ADUC.
  Migration.8f3e7716-2011-43e4-96b1-aba62d229136
  If this account does not exist, you need to run setup /prepareAD and then enable this migration mailbox to check the result.
  Hope this can be helpful to you.
  Best regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Amy Wang
  TechNet Community Support

• Load balancing / fail over

  Dear forum,
  Is there an other and more simple / "cheaper" way for load balancing / fail over then using RAC ? E.g. starting more instances againts the (same) database ?
  Thanks in advance,
  Michel
  Edited by: Michel77 on Dec 9, 2008 12:06 PM

  The answer would be highly platform and version dependent.
  On several platforms you have software implementing a 'shared nothing cluster'. This means you failover complete services to a second server, which is usually dormant.
  There is HP Service Guard, Suncluster, IBM HACMP, and Microsoft cluster, which are or can be configured as shared nothing clusters.
  For Microsoft there was or is, depending on version, Oracle Failsafe, on top of a MS Cluster.
  RAC can be configured in a shared nothing mode too. RAC itself is essentially active/active.
  On the other side, you can of course buy a second server, and use Dataguard to set up a standby database.
  For a physical standby database, which isn't enabled for more than 10 days, you don't pay a license.
  Setting up multiple instances on a single server is obviously not going to work. Those instances need to coordinate what they are doing. This is essentially the task of RAC.
  Hth
  Sybrand Bakker
  Senior Oracle DBA

• Migration from Exchange 2007 to 2013 gives error "Failed to communicate with the mailbox database'

  I have been trying to migrate several databases from Exchange 2007 to Exchange 2013. The migration started successfully, and many of the mailboxes moved successfully (about 70). The remaining mailboxes, failed. Looking deeper, we found a few issues; The
  two 2013 Mailbox servers were on different versions. The Server had run out of disk space, and the NIC drivers needed to be updated.
  Now when we try to migrate a mailbox that had failed in the earlier batch, we get the following error:
  Data migrated:                        
  Migration rate:                        
  Error:                        
  MigrationTransientException: Failed to communicate with the mailbox database. --> Failed to communicate with the mailbox database. --> MapiExceptionNetworkError: Unable to make connection to the server. ‎(hr=0x80040115, ec=-2147221227)‎ Diagnostic
  context:    ......    Lid: 9624    dwParam: 0x0 Msg: EEInfo: Detection location: 501    Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0    Lid: 11672   dwParam:
  0x0 Msg: EEInfo: NumberOfParameters: 4    Lid: 8856    dwParam: 0x0 Msg: EEInfo: prm[0]: Unicode  string: ncacn_ip_tcp    Lid: 8856    dwParam: 0x0 Msg: EEInfo: prm[1]: Unicode  string: <Server
  FQDN>    Lid: 12952   dwParam: 0x0 Msg: EEInfo: prm[2]: Long val: 3749909585    Lid: 12952   dwParam: 0x0 Msg: EEInfo: prm[3]: Long val: 382312662    Lid: 45169   StoreEc: 0x824        
  Lid: 50544   ClientVersion: 15.0.847.32    Lid: 52080   StoreEc: 0x824         Lid: 44273      Lid: 49064   dwParam: 0x1    Lid: 37288  
  StoreEc: 0x6AB         Lid: 49064   dwParam: 0x2    Lid: 59431   EMSMDB.EcDoConnectEx called [length=203]    Lid: 51239   EMSMDB.EcDoConnectEx exception [rpc_status=0x6D9][latency=0]   
  Lid: 62184      Lid: 16280   dwParam: 0x0 Msg: EEInfo: ComputerName: n/a    Lid: 8600    dwParam: 0x0 Msg: EEInfo: ProcessID: 3460    Lid: 12696   dwParam: 0x0 Msg: EEInfo:
  Generation Time: 0414-04-07T16:32:03.2100000Z    Lid: 10648   dwParam: 0x0 Msg: EEInfo: Generating component: 2    Lid: 14744   dwParam: 0x0 Msg: EEInfo: Status: 1753    Lid: 9624   
  dwParam: 0x0 Msg: EEInfo: Detection location: 501    Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0    Lid: 11672   dwParam: 0x0 Msg: EEInfo: NumberOfParameters: 4    Lid: 8856   
  dwParam: 0x0 Msg: EEInfo: prm[0]: Unicode  string: ncacn_ip_tcp    Lid: 8856    dwParam: 0x0 Msg: EEInfo: prm[1]: Unicode  string: <Server FQDN>    Lid: 12952   dwParam: 0x0 Msg: EEInfo:
  prm[2]: Long val: 2767313664    Lid: 12952   dwParam: 0x0 Msg: EEInfo: prm[3]: Long val: 382312662    Lid: 59505   StoreEc: 0x824         Lid: 50544   ClientVersion:
  15.0.847.32    Lid: 52080   StoreEc: 0x824         Lid: 36081      Lid: 51152      Lid: 52465   StoreEc: 0x80040115   
  Lid: 60065      Lid: 33777   StoreEc: 0x80040115    Lid: 59805      Lid: 52487   StoreEc: 0x80040115    Lid: 19778      Lid: 27970  
  StoreEc: 0x80040115    Lid: 17730      Lid: 25922   StoreEc: 0x80040115
  All of the issues listed above have been corrected, and all of the databases are mounted. Users are able to send and receive mail, but I can not migrate mail using the Migration Batch utility.
  The destination server is a Hyper-V Guest running Server 2012, SP1, and Exchange 2013
  The Source Server is Running Exchange 2007.
  I have tried doing a test move to another destination server that is also Server 2012, and Exchange 2013, and the migration also failed.
  I would appreciate any help you can give me!
  Thanks,
  Jon

  Any update if you have resolved the issue.
  Not similar, but this thread can be helpful while you migrate the mailboxes from exchange 2007 to 2013. Please check :http://social.technet.microsoft.com/Forums/exchange/en-US/721f0ae4-623a-4b02-adaf-f561d86c0426/move-mailboxes-and-public-folders-from-exchange-2007-to-exchange-2013?forum=exchangesvrdeploy&prof=required

• ReportDocument.Load Exception: Failed to find Report Applicatication Server

  I am using ReportDocument.Load(InfoObject infoObject, EnterpriseSession enterpriseSession) to load from an InfoObjects retrieved using InfoStore.Query. Though the query returns a valid report (the InfoObjects object is populated), I continue to get the following exception:
  Exception Message = "Load report failed."
  InnerException Type = System.Runtime.InteropServices.COMException
  InnerException Message = "Failed to find an available Report Application Server."
  According to [this thread|Failed to find an available Report Application Server;, I need to check CCM to make sure the Report Application Server is running. It does not show up in my CCM, but in CMC it is running and enabled. I also verified that the Guest account is enabled and has permissions to the reports folder and RAS.
  Is there a way to test (with code) that my RAS is running and accessible? The code I am running is located on a different machine than the BOE server.
  My purpose in attempting this is to export a report to disk using ReportDocument.ExportToDisk.
  Thank you for your help,
  -colin-

  This was an issue of mixed code. Colin has opened an incident with SAP Support and the issue will be handled there.

• Load balancing & Fail over with 10g

  Hi all, I understand that 10g offers a framework that allows a web site to run on multiple jvm's, therefore, offering load balancing and failover facilities. I can't find detailed information about this though on Oracle's webSite.
  If you know of any good documentation about this, please let me know.
  Thanks!

  The concepts manual has a high level overview:
  chapter 8 8 Scalability, High Availability, and Recovery
  http://download-uk.oracle.com/docs/cd/B10464_05/core.904/b10375/avscalperf.htm#i1025585
  Chapter 12 Recommended Topologies
  http://download-uk.oracle.com/docs/cd/B10464_05/core.904/b10375/commonconf.htm#CHDHFJJI

• Failed to Manually Seed the Mailbox Database Copy on Exchange 2013

  Hi,
  I tried to manually seed the mailbox database copy via exchange shell by run this command
  Update-MailboxDatabaseCopy –Identity “DB_name\Server” -sourceserver "Name Server" –DeleteExistingFiles.
  However, i got the error message whereas shown below.
  A parameter cannot be found that matches parameter name 'identity'.
      + CategoryInfo          : InvalidArgument: (:) [Update-MailboxDatabaseCopy], ParameterBindingException
      + FullyQualifiedErrorId : NamedParameterNotFound,Update-MailboxDatabaseCopy
      + PSComputerName        : XXXX.abc.XXX
  Any ideas?

  I hope database is in suspended state and not in failed state.
  Make sure EMS is running As Administrator.
  http://technet.microsoft.com/en-us/library/dd335201(v=exchg.150).aspx
  Cheers,
  Gulab Prasad,
  Technology Consultant
  Blog:
  www.exchangeranger.com 
  Twitter:   
  LinkedIn:   
  Check out CodeTwo’s tools for Exchange admins   
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Load balance not happening in BGP

  Dear Friends,
  As per I know local BGP process may implement equal-cost load-balancing to the paths that:
  Have the same set of path attributes up to the MED (weight, Local Preference, Origin, MED)
  Are of the same type (both learned via iBGP or eBGP)
  Have the same IGP cost to reach their NEXT_HOP IP address
  If the above conditions are met andmaximum-paths [ibgp]is  configured under the BGP process, BGP will install multiple equal-cost  routes into the local RIB and use them for load-balancing. We call the  above condition as load-balancing conditions for BGP.
  As all the above criteria are matched still BGP is not doing load balance. Please find below routing table:
  R1:
  R1#sh ip bgp
  BGP table version is 4, local router ID is 40.1.1.1
  Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
                r RIB-failure, S Stale
  Origin codes: i - IGP, e - EGP, ? - incomplete
     Network          Next Hop            Metric LocPrf Weight Path
  *>i192.168.1.0      20.1.1.2                 0    100      0 i
  * i                        30.1.1.1                 0    100      0 i
  R1#sh ip route
  Gateway of last resort is not set
       20.0.0.0/24 is subnetted, 1 subnets
  R       20.1.1.0 [120/1] via 10.1.1.2, 00:00:03, FastEthernet0/0
       40.0.0.0/24 is subnetted, 1 subnets
  C       40.1.1.0 is directly connected, FastEthernet0/1
       10.0.0.0/24 is subnetted, 1 subnets
  C       10.1.1.0 is directly connected, FastEthernet0/0
  B    192.168.1.0/24 [200/0] via 20.1.1.2, 00:12:01
       30.0.0.0/24 is subnetted, 1 subnets
  R       30.1.1.0 [120/1] via 40.1.1.2, 00:00:15, FastEthernet0/1
  router bgp 100
  no synchronization
  bgp log-neighbor-changes
  neighbor 10.1.1.2 remote-as 100
  neighbor 40.1.1.2 remote-as 100
  maximum-paths 2
  no auto-summary
  Please help....!!!!!!!   why BGP is not load balancing here????
  R1#traceroute 192.168.1.1
  Type escape sequence to abort.
  Tracing the route to 192.168.1.1
    1 10.1.1.2 88 msec 60 msec 28 msec
    2 20.1.1.2 104 msec 56 msec 120 msec
  Regards,
  Sanjib

  Dear Jon,
  Thank you so much.
  When I changed the configuration BGP is now loadbalancing. But in configuartion Max-path showing as 1 instead of 2.
  R1#sh ip pro | sec bgp
  Routing Protocol is "bgp 100"
    Outgoing update filter list for all interfaces is not set
    Incoming update filter list for all interfaces is not set
    IGP synchronization is disabled
    Automatic route summarization is disabled
    Neighbor(s):
      Address          FiltIn FiltOut DistIn DistOut Weight RouteMap
      12.1.1.2                                            
      13.1.1.3                                            
  Maximum path: 1
    Routing Information Sources:
      Gateway         Distance      Last Update
      13.1.1.3             200      00:01:12
      12.1.1.2             200      00:02:15
    Distance: external 20 internal 200 local 200
  Regards,
  Sanjib

• Beryl fails to find "clearlooks"

  Hey
  I installed Beryl according to the wiki instructions.
  Everything worked perfect.
  After a while, I don't quite know why, when I try to start beryl, I get:
  [fio@lg-tux ~]$ beryl-manager
  [fio@lg-tux ~]$ libGL warning: 3D driver claims to not support visual 0x67
  Window manager warning: Failed to load theme "Clearlooks": Failed to find a valid file for theme Clearlooks
  And the window decoration is very ugly (not "clearlooks" obviously).
  Anyone encountered this sometime?
  tnx
  fiod

  same problem here. the only answer i can find is....spotlight buh-lows. does anyone know if we can just revert to ye olden way of searching? simple things like: searching actually find the stuff you're searching for. and: list of items found arrangeable by date/alphabetically (just like any normal window in osx). also, is hitting apple-f essentially just bringing up spotlight in its own window, or does this search function differ at all? sorry to hijack the thread, but we suffer from the same problems. thank you!
  pb12   Mac OS X (10.4.2)  

• Question Cluster/Load balancing

  Question about iplanet load balancing/Cluster:
  Following discussion are based on iAS C++ engine(kcs).
  We have four web servers and two iAS servers:
  Web1, Web2, Web3, Web4
  iAS1, iAS2
  All machines run Solaris 8, web server is iWS4.1 SP6,
  Application server is iAS6.0 SP2, and both iAS boxes have
  same hardware configuration.
  1. What's the best load balancing method for this structure?
  Per Server Response Time(Web Connector Driven)
  Per Component Response Time(Web Connector Driven)
  Round Robin(Web Connector Driven)
  User Defined Criteria(iAS Driven)
  2. What's the criteria for the kxs engine to choose the kcs
  engine to sent request if we set Web Connector Driven
  load balancing?
  3. If we set iAS driven load balancing, what's the criteria
  for the web connector used to choose kxs?
  4. We got a problem when run load testing for an AppLogic
  in this cluster, one iAS CPU average usage got almost
  100%, but the other one is just 70%.
  We used Per Server Response Time load balancing method.
  Thanks.
  Heng

  see answers inline
  hcao wrote:
  Question about iplanet load balancing/Cluster:
  Following discussion are based on iAS C++ engine(kcs).
  We have four web servers and two iAS servers:
  Web1, Web2, Web3, Web4
  iAS1, iAS2
  All machines run Solaris 8, web server is iWS4.1 SP6,
  Application server is iAS6.0 SP2, and both iAS boxes have
  same hardware configuration.
  1. What's the best load balancing method for this structure?
  Per Server Response Time(Web Connector Driven)
  Per Component Response Time(Web Connector Driven)
  Round Robin(Web Connector Driven)
  User Defined Criteria(iAS Driven)
  it depends on the characteristics and behaviour of your application
  >
  2. What's the criteria for the kxs engine to choose the kcs
  engine to sent request if we set Web Connector Driven
  load balancing?
  kxs always does round robin to the kjs or kcs engines. The webconnector
  selects the kxs to which to send to.
  >
  3. If we set iAS driven load balancing, what's the criteria
  for the web connector used to choose kxs?
  as specified by your criteria in the iAS driven section.
  The ias instance will send its current list of preferences for ias
  intances it got from the criteria to the webconnector. This information
  is dynamic and updated constantly.
  >
  4. We got a problem when run load testing for an AppLogic
  in this cluster, one iAS CPU average usage got almost
  100%, but the other one is just 70%.
  We used Per Server Response Time load balancing method.
  again, this can be a valid result depending on the way your applogics
  are written. Are they CPU bound, I/O bound or DB bound? Since individual
  components execute differently and you specified to use the average of
  those results to determine load balancing this can be a valid result
  because differences in execution times of your applogics.
  >
  Thanks.
  Hengregards
  Han-Dat
  Consulting Project Engineer
  iPlanet Professional Services - ANZ
  iPlanet e-commerce Solutions
  - A Sun|Netscape Alliance
  Sun Microsystems Australia Pty Ltd

• Cisco 1921 Dual ADSL Load Balancing/Failover?

  Hello,
  We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
  I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
  I had a look at ppp multilink but I am unsure our ISP (BT) support this?
  This is my current config which I think only one ADSL line is being used. Some input would be appreciated
  Robbie
  ! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
  version 15.0
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname xxxxxx
  boot-start-marker
  boot-end-marker
  no logging buffered
  enable secret 5 xxxxx
  enable password xxxx
  no aaa new-model
  no ipv6 cef
  ip source-route
  ip cef
  ip name-server 194.74.65.68
  ip name-server 194.72.0.114
  multilink bundle-name authenticated
  crypto pki trustpoint TP-self-signed-xxxxxx
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
  revocation-check none
  rsakeypair TP-self-signed-xxxxx!
  crypto pki certificate chain TP-self-signed-xxxxxx
  certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
  license udi pid CISCO1921/K9 xxxxx
  username admin privilege 15 secret 5 xxxxxxxxxx/
  interface GigabitEthernet0/0
  description lan$ETH-LAN$
  ip address 10.0.8.1 255.255.248.0
  ip nat inside
  ip virtual-reassembly
  duplex auto
  speed auto
  interface GigabitEthernet0/1
  no ip address
  shutdown
  duplex auto
  speed auto
  interface ATM0/0/0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  no atm ilmi-keepalive
  dsl operating-mode adsl2
  interface ATM0/0/0.1 point-to-point
  description $ES_WAN$$FW_OUTSIDE$
  ip flow ingress
  pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface ATM0/1/0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  no atm ilmi-keepalive
  dsl operating-mode adsl2
  interface ATM0/1/0.1 point-to-point
  description $ES_WAN$$FW_OUTSIDE$
  ip flow ingress
  pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface Dialer0
  mtu 1483
  ip address negotiated
  ip access-group spalding in
  ip access-group spalding out
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap callin
  ppp chap hostname xxxxx
  ppp chap password 0 xxxxx
  ppp multilink
  ppp multilink links minimum 2
  ppp multilink fragment disable
  ppp timeout multilink link add 2
  no cdp enable
  interface Dialer1
  mtu 1483
  ip address negotiated
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap callin
  ppp chap hostname xxxxx
  ppp chap password 0 xxxxx
  ppp link reorders
  ppp multilink
  ppp multilink links minimum 2
  ppp multilink fragment disable
  ppp timeout multilink link add 2
  no cdp enable
  ip forward-protocol nd
  no ip http server
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip nat inside source list 1 interface Dialer0 overload
  ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
  ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
  ip route 0.0.0.0 0.0.0.0 Dialer0
  access-list 1 remark INSIDE_IF=GigabitEthernet0/0
  access-list 1 permit 10.0.0.0 0.254.255.255
  dialer-list 1 protocol ip permit
  control-plane
  line con 0
  line aux 0
  line vty 0 4
  privilege level 15
  login local
  transport input telnet ssh
  line vty 5 15
  privilege level 15
  login local
  transport input telnet ssh
  scheduler allocate 20000 1000
  end

  Hi,
  Can anyone help me with this config?  not very reliable.
  Building configuration...
  Current configuration : 17349 bytes
  ! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
  version 15.4
  no service pad
  service tcp-keepalives-in
  service tcp-keepalives-out
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  service sequence-numbers
  hostname Router
  boot-start-marker
  boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
  boot-end-marker
  security authentication failure rate 3 log
  security passwords min-length 6
  logging buffered 51200
  logging console critical
  enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
  aaa new-model
  aaa authentication login local_authen local
  aaa authorization exec local_author local
  aaa session-id common
  no ip source-route
  ip port-map user-protocol--8 port udp 3392
  ip port-map user-protocol--9 port tcp 3397
  ip port-map user-protocol--2 port udp 3391
  ip port-map user-protocol--3 port tcp 14000
  ip port-map user-protocol--1 port tcp 3391
  ip port-map user-protocol--6 port udp 3394
  ip port-map user-protocol--7 port tcp 3392
  ip port-map user-protocol--4 port udp 14100
  ip port-map user-protocol--5 port tcp 3394
  ip port-map user-protocol--10 port udp 3397
  ip dhcp excluded-address 192.168.1.1 192.168.1.49
  ip dhcp excluded-address 192.168.10.1 192.168.10.49
  ip dhcp pool DHCP_POOL1
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 139.130.4.4 203.50.2.71
   default-router 192.168.1.1
   lease infinite
  ip dhcp pool ccp-pool1
   import all
   network 192.168.10.0 255.255.255.0
   dns-server 139.130.4.4 203.50.2.71
   default-router 192.168.10.1
   lease infinite
  no ip bootp server
  ip host SHAWN-PC 192.168.1.10
  ip host DIAG 192.168.1.5
  ip host MSERV 192.168.1.13
  ip name-server 139.130.4.4
  ip name-server 203.50.2.71
  ip cef
  ip cef load-sharing algorithm include-ports source destination
  no ipv6 cef
  multilink bundle-name authenticated
  cts logging verbose
  crypto pki trustpoint TP-self-signed-1982477479
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-1982477479
   revocation-check none
   rsakeypair TP-self-signed-1982477479
  license udi pid 
  license boot module c2900 technology-package securityk9
  license boot module c2900 technology-package datak9
  redundancy
  controller VDSL 0/0/0
   operating mode adsl2+
  controller VDSL 0/1/0
   operating mode adsl2+
  no cdp run
  track timer interface 5
  track 1 interface Dialer0 ip routing
   delay down 15 up 10
  track 2 interface Dialer1 ip routing
   delay down 15 up 10
  ip tcp synwait-time 10
  ip ssh time-out 60
  ip ssh authentication-retries 2
  class-map type inspect match-all sdm-nat-user-protocol--7-1
   match access-group 104
   match protocol user-protocol--7
   match access-group 102
  class-map type inspect match-all sdm-nat-user-protocol--4-2
   match access-group 101
   match protocol user-protocol--4
  class-map type inspect match-all sdm-nat-user-protocol--6-1
   match access-group 103
   match protocol user-protocol--6
  class-map type inspect match-all sdm-nat-user-protocol--5-1
   match access-group 103
   match protocol user-protocol--5
  class-map type inspect match-all sdm-nat-user-protocol--4-1
   match access-group 102
   match protocol user-protocol--4
  class-map type inspect match-all sdm-nat-user-protocol--7-2
   match access-group 101
   match protocol user-protocol--7
  class-map type inspect match-all sdm-nat-user-protocol--3-1
   match access-group 102
   match protocol user-protocol--3
  class-map type inspect match-all sdm-nat-user-protocol--2-1
   match access-group 101
   match protocol user-protocol--2
  class-map type inspect match-all sdm-nat-user-protocol--1-2
   match access-group 102
   match protocol user-protocol--1
  class-map type inspect match-all sdm-nat-user-protocol--1-1
   match access-group 101
   match protocol user-protocol--1
  class-map type inspect match-all sdm-nat-user-protocol--2-2
   match access-group 102
   match protocol user-protocol--2
  class-map type inspect match-all sdm-nat-user-protocol--3-2
   match access-group 101
   match protocol user-protocol--3
  class-map type inspect match-all sdm-nat-user-protocol--8-2
   match access-group 101
   match protocol user-protocol--8
  class-map type inspect match-all sdm-nat-user-protocol--9-2
   match access-group 104
   match protocol user-protocol--9
  class-map type inspect match-any ccp-skinny-inspect
   match protocol skinny
  class-map type inspect match-all sdm-nat-user-protocol--9-1
   match access-group 101
   match protocol user-protocol--9
   match access-group 104
  class-map type inspect match-all sdm-nat-user-protocol--8-1
   match access-group 104
   match protocol user-protocol--8
   match access-group 102
  class-map type inspect match-any ccp-h323nxg-inspect
   match protocol h323-nxg
  class-map type inspect match-any ccp-cls-icmp-access
   match protocol icmp
   match protocol tcp
   match protocol udp
  class-map type inspect match-all sdm-nat-user-protocol--10-2
   match access-group 104
   match protocol user-protocol--10
  class-map type inspect match-all sdm-nat-user-protocol--10-1
   match access-group 101
   match protocol user-protocol--10
   match access-group 104
  class-map type inspect match-any ccp-h225ras-inspect
   match protocol h225ras
  class-map type inspect match-any ccp-h323annexe-inspect
   match protocol h323-annexe
  class-map type inspect match-any ccp-cls-insp-traffic
   match protocol pptp
   match protocol dns
   match protocol ftp
   match protocol https
   match protocol icmp
   match protocol imap
   match protocol pop3
   match protocol netshow
   match protocol shell
   match protocol realmedia
   match protocol rtsp
   match protocol smtp
   match protocol sql-net
   match protocol streamworks
   match protocol tftp
   match protocol vdolive
   match protocol tcp
   match protocol udp
  class-map type inspect match-all SDM_GRE
   match access-group name SDM_GRE
  class-map type inspect match-any ccp-h323-inspect
   match protocol h323
  class-map type inspect match-all ccp-invalid-src
   match access-group 100
  class-map type inspect match-any ccp-sip-inspect
   match protocol sip
  class-map type inspect match-all ccp-protocol-http
   match protocol http
  class-map type inspect match-any CCP_PPTP
   match class-map SDM_GRE
  class-map type inspect match-all ccp-insp-traffic
   match class-map ccp-cls-insp-traffic
  class-map type inspect match-all ccp-icmp-access
   match class-map ccp-cls-icmp-access
  policy-map type inspect ccp-inspect
   class type inspect ccp-invalid-src
    drop log
   class type inspect ccp-protocol-http
    inspect
   class type inspect ccp-insp-traffic
    inspect
   class type inspect ccp-sip-inspect
    inspect
   class type inspect ccp-h323-inspect
    inspect
   class type inspect ccp-h323annexe-inspect
    inspect
   class type inspect ccp-h225ras-inspect
    inspect
   class type inspect ccp-h323nxg-inspect
    inspect
   class type inspect ccp-skinny-inspect
    inspect
   class class-default
    drop
  policy-map type inspect sdm-pol-NATOutsideToInside-1
   class type inspect sdm-nat-user-protocol--1-1
    inspect
   class type inspect sdm-nat-user-protocol--2-1
    inspect
   class type inspect sdm-nat-user-protocol--3-1
    inspect
   class type inspect sdm-nat-user-protocol--4-1
    inspect
   class type inspect sdm-nat-user-protocol--5-1
    inspect
   class type inspect sdm-nat-user-protocol--6-1
    inspect
   class type inspect sdm-nat-user-protocol--7-1
    inspect
   class type inspect sdm-nat-user-protocol--8-1
    inspect
   class type inspect sdm-nat-user-protocol--9-1
    inspect
   class type inspect sdm-nat-user-protocol--10-1
    inspect
   class type inspect CCP_PPTP
    pass
   class type inspect sdm-nat-user-protocol--7-2
    inspect
   class type inspect sdm-nat-user-protocol--8-2
    inspect
   class type inspect sdm-nat-user-protocol--1-2
    inspect
   class type inspect sdm-nat-user-protocol--2-2
    inspect
   class type inspect sdm-nat-user-protocol--9-2
    inspect
   class type inspect sdm-nat-user-protocol--10-2
    inspect
   class type inspect sdm-nat-user-protocol--3-2
    inspect
   class type inspect sdm-nat-user-protocol--4-2
    inspect
   class class-default
    drop log
  policy-map type inspect ccp-permit
   class class-default
    drop
  policy-map type inspect ccp-permit-icmpreply
   class type inspect ccp-icmp-access
    inspect
   class class-default
    pass
  zone security in-zone
  zone security out-zone
  zone-pair security ccp-zp-self-out source self destination out-zone
   service-policy type inspect ccp-permit-icmpreply
  zone-pair security ccp-zp-in-out source in-zone destination out-zone
   service-policy type inspect ccp-inspect
  zone-pair security ccp-zp-out-self source out-zone destination self
   service-policy type inspect ccp-permit
  zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
   service-policy type inspect sdm-pol-NATOutsideToInside-1
  interface Null0
   no ip unreachables
  interface Embedded-Service-Engine0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
  interface GigabitEthernet0/0
   description $ETH-LAN$
   ip address 192.168.10.1 255.255.255.0
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   duplex auto
   speed auto
   no mop enabled
  interface GigabitEthernet0/1
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   duplex auto
   speed auto
   no mop enabled
  interface ATM0/0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   no atm ilmi-keepalive
  interface ATM0/0/0.1 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface ATM0/0/0.2 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
  interface Ethernet0/0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   no mop enabled
  interface ATM0/1/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   no atm ilmi-keepalive
  interface ATM0/1/0.1 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 2
  interface Ethernet0/1/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   no mop enabled
  interface GigabitEthernet0/3/0
   no ip address
  interface GigabitEthernet0/3/1
   no ip address
  interface GigabitEthernet0/3/2
   no ip address
  interface GigabitEthernet0/3/3
   no ip address
  interface GigabitEthernet0/3/4
   no ip address
  interface GigabitEthernet0/3/5
   no ip address
  interface GigabitEthernet0/3/6
   no ip address
  interface GigabitEthernet0/3/7
   no ip address
  interface Vlan1
   description $FW_INSIDE$
   ip address 192.168.1.1 255.255.255.0
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat inside
   ip virtual-reassembly in
   zone-member security in-zone
  interface Dialer0
   description $FW_OUTSIDE$
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat outside
   ip virtual-reassembly in
   zone-member security out-zone
   encapsulation ppp
   dialer pool 1
   dialer-group 1
   ppp authentication chap pap callin
   ppp chap hostname [email protected]
   ppp chap password 7 1444405858557A
   ppp pap sent-username [email protected] password 7 135645415F5D54
   ppp multilink
  interface Dialer1
   description $FW_OUTSIDE$
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat outside
   ip virtual-reassembly in
   zone-member security out-zone
   encapsulation ppp
   dialer pool 2
   dialer-group 2
   ppp authentication chap pap callin
   ppp chap hostname [email protected]
   ppp chap password 7 01475E540E5D55
   ppp pap sent-username [email protected] password 7 055F5E5F741A1D
   ppp multilink
  router eigrp as#
  router eigrp 10
   network 192.168.1.1 0.0.0.0
  router rip
   version 2
   network 192.168.1.0
   no auto-summary
  ip forward-protocol nd
  ip http server
  ip http access-class 3
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip dns server
  ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
  ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
  ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
  ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
  ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
  ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
  ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
  ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
  ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
  ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
  ip nat inside source route-map ADSL0 interface Dialer0 overload
  ip nat inside source route-map ADSL1 interface Dialer1 overload
  ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
  ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
  ip access-list extended NAT
   remark CCP_ACL Category=18
   permit ip 192.0.0.0 0.255.255.255 any
  ip access-list extended SDM_GRE
   remark CCP_ACL Category=1
   permit gre any any
   remark CCP_ACL Category=1
  ip access-list extended STATIC-NAT-SERVICES
   permit ip host 192.168.1.35 any
   permit ip host 192.168.1.5 any
   permit ip host 192.168.1.10 any
   permit ip host 192.168.1.17 any
  dialer-list 1 protocol ip permit
  dialer-list 2 protocol ip permit
  route-map ADSL0 permit 10
   match ip address NAT
   match interface Dialer0
  route-map ADSL1 permit 10
   match ip address NAT
   match interface Dialer1
  access-list 1 remark INSIDE_IF=Vlan1
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 192.168.1.0 0.0.0.255
  access-list 2 remark HTTP Access-class list
  access-list 2 remark CCP_ACL Category=1
  access-list 2 permit 192.168.1.0 0.0.0.255
  access-list 2 deny   any
  access-list 2 remark HTTP Access-class list
  access-list 2 remark CCP_ACL Category=1
  access-list 3 remark HTTP Access-class list
  access-list 3 remark CCP_ACL Category=1
  access-list 3 permit 192.168.1.0 0.0.0.255
  access-list 3 deny   any
  access-list 10 remark INSIDE_IF=NAT
  access-list 10 remark CCP_ACL Category=2
  access-list 10 permit 192.168.1.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=128
  access-list 100 permit ip host 255.255.255.255 any
  access-list 100 permit ip 127.0.0.0 0.255.255.255 any
  access-list 100 permit ip 139.130.227.0 0.0.0.255 any
  access-list 100 permit ip 203.45.106.0 0.0.0.255 any
  access-list 101 remark CCP_ACL Category=0
  access-list 101 permit ip any host 192.168.1.10
  access-list 101 remark CCP_ACL Category=0
  access-list 101 permit ip any host 192.168.1.35
  access-list 101 permit tcp any any eq www
  access-list 102 remark CCP_ACL Category=0
  access-list 102 permit ip any host 192.168.1.35
  access-list 102 remark CCP_ACL Category=0
  access-list 102 permit ip any host 192.168.1.10
  access-list 103 remark CCP_ACL Category=0
  access-list 103 permit ip any host 192.168.1.5
  access-list 104 remark CCP_ACL Category=0
  access-list 104 permit ip any host 192.168.1.17
  control-plane
  banner login ^CCE-Rescue Systems^C
  line con 0
   login authentication local_authen
   transport output telnet
  line aux 0
   login authentication local_authen
   transport output telnet
  line 2
   no activation-character
   no exec
   transport preferred none
   transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
   stopbits 1
  line vty 0 4
   authorization exec local_author
   login authentication local_authen
   transport input telnet ssh
  line vty 5 15
   authorization exec local_author
   login authentication local_authen
   transport input telnet ssh
  scheduler allocate 20000 1000
  end
  Thanks
  Shawn

• Load balancing between application server and database

  Hi,
  is there any load balancing between the application server and the database? Consider we have a single instance of an application server that sends database queries from different clients to the database. Are the requests queued in some way at the application server, allowing to control the flow of the queries (e.g. queries from "more important" clients might be sent with a higher priority)?
  Thanks for your help!

  Hi Victor/Jim/Volker,
  Thanks a lot for all the responses..
  Just wanted to let you guys know that my installation finished successfully.
  The thing which confused me was that my Qtime, Qdate and everything else was showing correct values..
  Well, my problem I set the environmental variable PASE_TZ to the EST time zone on a SYS level using WRKENVVAR>F4>SYS and added the variable. I logged off and the sidofr logged off, but one user which should have logged off and didn't was the "SAPINST"(my installation user) which was logged in the subsystem TMKSVR00.
  Even when I had closed the SAPINST installlation program, the user doesn't log off...it just sits there until and unless u shut him out of the system using the option 4 on wrkactjob for ending the JOB(SAPINST logged in the system below the TMKSVR00 subsystem)
  So since the SAPISNT user never logged of, his environmental variables were not initilized properly, even after the changes...
  This thought came to me almost after a 6 hours of wasting my time searching for notes here and there...
  I think when u end/stop the install in SAPINST, the SAPINST user should log off the AS400 system, but I have noticed, it never does...although when u restart the installation, if u have noticed it shows you the log on for the SAPINST user in the TMKSVR screen...
  Its kind of buggy, I would say...
  I have noticed, that even when I log on to AS400 from home or from a remote PC using Emulator, it shows me logged in the subsystem and even after i have logged of, it still shows me there...
  Anyway, thanks a lot guys...for all your responses..
  Just wanted to let you know all.
  Thanks
  Abhi

• Site behind load balancer - Key not valid for use in specified state

  Hi,
  I have created a sharepoint application page to access an active end point on ADFS and establish a fedauth session. All works well in single server. But when the page runs behind load balancer with 2 servers, it fails with key not valid for use in specified
  state exception. Stickiness is enabled on load balancer. verified that.
  I had made few changes to config file in microsoft.identitymodel section to accomodate adfs custom login. This included removing securitytokenhandlers and issuertokenresolvers as well. Is this impacting the encryption/decryption in anyway?
  Any pointers would help.
  Reference point for my application page : http://blog.helloitsliam.com/Lists/Posts/Post.aspx?ID=76

  Hi,
  As I understand, you encountered the error “Key not valid for use in specified state” when ADFS custom login.
  In order to run in Windows Azure Web Sites a Web application which uses WIF for handling authentication, you must change the default cookie protection method (DPAPI, not available on Windows Azure Web Sites) to something that will work in a farmed environment
  and with the IIS’ user profile load turned off.
  1. If you are using the Identity and Access Tools for VS2012, just go to the Configuration tab and check the box “Enable Web farm ready cookies”.
  2. If you want to do things by hand, add the following code snippet in your system.identitymodel/identityConfiguration element:
     <securityTokenHandlers>
       <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, 
               System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler,
              System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </securityTokenHandlers>
  There is a similar case:
  http://stackoverflow.com/questions/19323287/key-not-valid-for-use-in-specified-state-error-for-net-4-5-mvc-4-application
  Best regards,
  Sara Fan
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Load-balancing and fail-over between web containers and EJB containers

  When web components and EJB components are run in different OC4J instances, can we achieve load-balancing and fail-over between web containers and EJB containers?
  null

  It looks like there is clustering, but not loadbalancing available for rmi
  from the rmi.xml configuration. The application will treat any ejbs on the
  cluster as one-to-one look-ups. Orion will go out and get the first ejb
  available on the cluster. See the docs on configuring rmi.xml (and also the
  note below).
  That is a kind-of failover, because if machine A goes down, and the
  myotherAejbs.jar are on machine B too, orion will go out and get the bean
  from machine B when it can't find machine A. But it doesn't go machine A
  then machine B for each remote instance of the bean. You could also specify
  the maximum number of instances of a bean, and as one machine gets "loaded",
  orion would go to the next available machine...but that's not really
  loadbalancing.
  That is, you can set up your web-apps with ejbs, but let all of the ejbs be
  remote="true" in the orion-application.xml file:
  <?xml version="1.0"?>
  <!DOCTYPE orion-application PUBLIC "-//Evermind//DTD J2EE Application
  runtime 1.2//EN" "http://www.orionserver.com/dtds/orion-application.dtd">
  <orion-application deployment-version="1.5.2">
  <ejb-module remote="true" path="myotherAejbs.jar" />
  <ejb-module remote="true" path="myotherBejbs.jar" />
  <ejb-module remote="true" path="myotherCejbs.jar" />
  &ltweb-module id="mysite" path="mysite.war" />
  ... other stuff ...
  </orion-application>In the rmi.xml you would define your clustering:
  <cluster host="230.0.0.1" id="123" password="123abc" port="9127"
  username="cluster-user" />
  Tag that is defined if the application is to be clustered. Used to set up
  a local multicast cluster. A username and password used for the servers to
  intercommunicate also needs to be specified.
  host - The multicast host/ip to transmit and receive cluster data on. The
  default is 230.0.0.1.
  id - The id (number) of this cluster node to identify itself with in the
  cluster. The default is based on local machine IP.
  password - The password configured for cluster access. Needs to match that
  of the other nodes in the cluster.
  port - The port to transmit and receive cluster data on. The default is
  9127.
  username - The username configured for cluster access. Needs to match that
  of the other nodes in the cluster.

• Could not find a valid Java virtual machine to load

  On a fresh copy of CFMX8, when I run updater 7, it responds
  'Could not find a valid Java virtual machine to load'.
  This is being installed on a Win2K3 server and this is on a
  'freshly minted' POC box solely for the purpose of
  installing/testing CFMX8 to determine how it compares to our
  CFMX6.1 environment.
  You will notice that it is NOT being installed in the default
  directory:
  JRun Version Information
  Vendor Macromedia
  Product Name JRun 4.0
  Build Number 108487
  Version Full Version
  License Type Trial License
  Serial Number JRD400-69341-58259-30688
  JRun 3.x Serial Number
  Restricted to Single IP No
  Installation Root D:\ISG\software\jrun4
  Expiration Date Mar 29, 2008
  Evaluation Days Remaining 29
  JDK path (JAVA_HOME): D:/ISG/software/jrun4/jre
  I do find it curious that I can run the Updater 6, and it
  seems to behave properly (it finds the VM). I ran it just as a
  test, then wiped everything to start over from scratch. For some
  reason do I need to direct Updater 7 to the installation that I did
  not have to do in Updater 6?
  Thank you in advance for your assistance - Jacques

  tried executing the following cmd, below is the following error:
  <<command i executed>>
  C:\Program Files\Java\jre1.5.0_09\bin>java -classpath "C:\Program Files\Java\jre1.5.0_09\lib\javaws.jar" com.sun.javaws.Main https://<IPddr>:8443/sample.jnlp
  Can you pls let me know how it can be resolved?Umm.. I am not sure, but I will start with
  a question. Why not do it this way?C:\Program Files\Java\jre1.5.0_09\bin>javaws https://<IPddr>:8443/sample.jnlp