Load Balancing FTP Server thru CSM using a single Client IP
Hello,
We have a need to load balance 3 FTP servers. These servers are reached only from a single client IP which is a database server. The FTP method that is being used is currently passive. Our configuration is currently unidirectional, ie, the FTP client (the one database server) sends to the VIP and the FTP Servers then talk directly back to the FTP client and the traffic does not go back through the CSM. The problem is that because FTP negotiates another port to talk on, we have to use sticky so that the connection is sent back to the original FTP server that sent the FTP data port to talk on. But, since we only have a single client IP that is ever used we are not load balancing appropriately across the FTP servers.
Traffic flow goes something like this, tcp port followed after colon as an example
1. FTP Client ----> VIP:21
2. CSM ---------> FTP Server:21
3. FTP Server --------> FTP Client(FTP server says come talk to me on port 1700)
4. FTP Client ---------> VIP:1700
5. CSM ---------> FTP Server:1700
6. FTP Server:1700 ---------> FTP Client
repeat steps 4 thru 6
Here's our hardware and software:
WS-X6066-SLB-APC running 4.2(2)
Config is as follows
module ContentSwitchingModule 9
ft group 101 vlan 9
priority 10
vlan 216 client
ip address 10.209.16.31 255.255.252.0
gateway 10.209.16.1
vlan 20 server
ip address 10.209.0.31 255.255.252.0
alias 10.209.0.11 255.255.252.0
probe ICMP1 icmp
interval 3
failed 3
receive 3
serverfarm FHEPRT
no nat server
no nat client
real 10.209.0.72
inservice
real 10.209.0.73
inservice
real 10.209.0.71
inservice
probe ICMP1
sticky 106 netmask 255.255.255.255 address source timeout 3
policy FHEPRT_POL1
sticky-group 106
serverfarm FHEPRT
vserver FHEPRT1
virtual 10.209.16.71 any
vlan 216
unidirectional
serverfarm FHEPRT
replicate csrp connection
no persistent rebalance
slb-policy FHEPRT_POL1
inservice
You are missing "service ftp" config in the Vip definition. Try the following
vserver FHEPRT1
virtual 10.209.16.71 tcp ftp service ftp
Syed Iftekhar Ahmed
Similar Messages
-
Load balancing FTP/HTTP on same VIP
Hi,
Please could someone confirm if it is possible to load balance FTP and HTTP on same VIP? Would something like this work in a one-armed design?
class-map match-any WCVS
2 match virtual-address 20.0.0.1 tcp eq www
4 match virtual-address 20.0.0.1 tcp eq ftp
policy-map multi-match int3
class WCVS
loadbalance vip inservice
loadbalance policy VS-l7slb
inspect ftp
nat dynamic 5 vlan 20
int vl20
service-policy input int3Hello,
I assume you want to ultimately use cookie sticky, since it is in your config, but not yet used. The '80' next to the rservers within the serverfarm will keep FTP from working because that will force the ACE to always use a destination port of 80 to the rservers, which is good for HTTP, but not so good for FTP. Below is your config with some modifications. I've created a new serverfarm for FTP, created a new probe for that farm, included HTTP cookie-sticky, and created a new L7 policy-map. There is one line that I would like you to remove and see if it works. If it does not, then add this line and see if it works.
Let me know how it goes...
logging enable
logging buffered 6
access-list ALL line 8 extended permit ip any any
access-list ALL line 16 extended permit icmp any any
probe http Probe_HTTP
interval 5
passdetect interval 60
expect status 200 200
open 2
receive 2
probe tcp Probe_FTP
port 21
interval 5
passdetect interval 60
open 2
receive 2
rserver host Server1
ip address 10.10.10.10
conn-limit max 4000000 min 4000000
inservice
rserver host Server2
ip address 10.10.10.11
conn-limit max 4000000 min 4000000
inservice
serverfarm host FARM-HTTP
probe Probe_HTTP
rserver Server1 80
conn-limit max 4000000 min 4000000
inservice
rserver Server2 80
conn-limit max 4000000 min 4000000
inservice
serverfarm host FARM-FTP
probe Probe_FTP
rserver Server1
conn-limit max 4000000 min 4000000
inservice
rserver Server2
conn-limit max 4000000 min 4000000
inservice
sticky http-cookie XXX_tempCookie XXX_tempCookie
cookie insert
serverfarm FARM-HTTP
class-map type management match-any Management
201 match protocol http any
202 match protocol https any
203 match protocol icmp any
204 match protocol kalap-udp any
205 match protocol ssh any
206 match protocol telnet any
207 match protocol xml-https any
class-map match-any XXX-WCVS-WWW
2 match virtual-address 10.10.10.100 tcp eq www
class-map match-any XXX-WCVS-FTP
2 match virtual-address 10.10.10.100 tcp eq ftp
3 match virtual-address 10.10.10.100 tcp range 1023 65535 <-- try first without this, then with this
class-map match-any NAT-VIP
2 match destination-address 10.10.10.100 255.255.255.255
policy-map type management first-match Management
class Management
permit
policy-map type loadbalance first-match XXX_VS-l7slb-WWW
class class-default
sticky-serverfarm XXX_tempCookie
policy-map type loadbalance first-match XXX_VS-l7slb-FTP
class class-default
Serverfarm FARM-FTP
policy-map multi-match int3
class XXX-WCVS-WWW
loadbalance vip inservice
loadbalance policy XXX_VS-l7slb-WWW
class XXX-WCVS-FTP
loadbalance vip inservice
loadbalance policy XXX_VS-l7slb-FTP
inspect ftp
class NAT-VIP
nat dynamic 5 vlan 12
interface vlan 12
ip address 10.10.10.1 255.255.255.0
alias 10.10.10.3 255.255.255.0
peer ip address 10.10.10.2 255.255.255.0
access-group input ALL
nat-pool 5 10.10.10.100 10.10.10.100 netmask 255.255.255.0 pat
service-policy input Management
service-policy input int3
no shutdown
ip route 0.0.0.0 0.0.0.0 10.10.10.254 -
Hi All,
I am getting an error message "All available connections to database server are in use by other client machines. Please try again later and check the log file for error 5054" when trying to log into HRC (This user has the reporting capabilities) . I checked the log files this is what i found out
The log file stated that there were ongoing connections of HRC with the CCX (I am sure there isn't any active login to HRC)
|| When you tried to login the following error was being displayed because the maximum number of connections were reached for the server . We can see that a total number of 5 connections have been configured . ||
1: 6/20/2014 9:13:49 AM %CHC-LOG_SUBFAC-3-UNK:Current number of connections (5) from historical Clients/Scheduler to 'CRA_DATABASE' database exceeded the maximum number of possible connections (5).Check with your administrator about changing this limit on server (wfengine.properties), however this might impact server performance.
|| Below we can see all 5 connections being used up . ||
2: 6/20/2014 9:13:49 AM %CHC-LOG_SUBFAC-3-UNK:[DB Connections From Clients (count=5)]|[(#1) 'username'='uccxhrc','hostname'='3SK5FS1.ucsfmedicalcenter.org']|[(#2) 'username'='uccxhrc','hostname'='PFS-HHXDGX1.ucsfmedicalcenter.org']|[(#3) 'username'='uccxhrc','hostname'='PFS-HHXDGX1.ucsfmedicalcenter.org']|[(#4) 'username'='uccxhrc','hostname'='PFS-HHXDGX1.ucsfmedicalcenter.org']|[(#5) 'username'='uccxhrc','hostname'='47BMMM1.ucsfmedicalcenter.org']
|| Once the maximum number of connection was reached it threw an error . ||
3: 6/20/2014 9:13:49 AM %CHC-LOG_SUBFAC-3-UNK:Number of max connection to 'CRA_DATABASE' database was reached! Connection could not be established.
4: 6/20/2014 9:13:49 AM %CHC-LOG_SUBFAC-3-UNK:Database connection to 'CRA_DATABASE' failed due to (All available connections to database server are in use by other client machines. Please try again later and check the log file for error 5054.)
Current exact UCCX Version 9.0.2.11001-24
Current CUCM Version 8.6.2.23900-10
Business impact Not Critical
Exact error message All available connections to database server are in use by other client machines. Please try again later and check the log file for error 5054
What is the OS version of the PC you are running and is it physical machine or virtual machine that is running the HRC client ..
OS Version Windows 7 Home Premium 64 bit and it’s a physical machine.
. The Max DB Connections for Report Client Sessions is set to 5 for each servers (There are two servers). The no of HR Sessions is set to 10.
I wanted to know if there is a way to find the HRC sessions active now and terminate the one or more or all of that sessions from the server end ?We have had this "PRX5" problem with Exchange 2013 since the RTM version. We recently applied CU3, and it did not correct the problem. We have seen this problem on every Exchange 2013 we manage. They are all installations where all roles
are installed on the same Windows server, and in our case, they are all Windows virtual machines using Windows 2012 Hyper-V.
We have tried all the "this fixed it for me" solutions regarding DNS, network cards, host file entries and so forth. None of those "solutions" made any difference whatsoever. The occurrence of the temporary error PRX5 seems totally random.
About 2 out of 20 incoming mail test by Microsoft Connectivity Analyzer fail with this PRX5 error.
Most people don't ever notice the issue because remote mail servers retry the connection later. However, telephone voice mail systems that forward voice message files to email, or other such applications such as your scanner, often don't retry and
simply fail. Our phone system actually disables all further attempts to send voice mail to a particular user if the PRX5 error is returned when the email is sent by the phone system.
Is Microsoft totally oblivious to this problem?
PRX5 is a serious issue that needs an Exchange team resolution, or at least an acknowledgement that the problem actually does exist and has negative consequences for proper mail flow.
JSB -
Using Web Cache to Load balance Forms Server application.
Hello,
I apologize for cross posting this question in the Forms and Caching Services forum. But I thought my question will have a better chance.
I have read that it's possible to use Oracle Web Cache as a software load balancer between multiple Application Servers.
We are running Oracle9iAS R1.0.2.2.2a, with Forms/Reports6i servers on 2 Win2k boxes i.e our Forms6i application is deployed on two seperate boxes in two distinct locations. Users at each location, use their respective App Server url.
Since the application is the same i.e. Forms6i code/fmx is the same for both locations, I am looking into loadbalancing and failover capability that Web Cache might be able to provide.
I AM ONLY LOOKING AT THE LOADBALANCING & FAILOVER capabilities and NOT caching.
So basically all users from both locations will point their browser to this Web Cache and the Web Cache will direct each connection to either of the two boxes. So, if either of the boxes dies, Web Cache will divert the requests to the other box.
My concern is whether Web Cache supports this for the Forms requests that it will receive from the users. We are using Servlet Deployment of Forms, so technically, all communication is going though the HTTPD.
Has anyone done this or has any ideas as to whether it's going to work or not? Oracle's FAQ insists that Forms is not supported. But I want to make sure that even loadbalancing is not supported. And if not supported then is there any other solution.
Any comments appreciated.
Thanks,
ManishUsing Web Cache to load balance servlet-based Forms (6i and 9i) is unofficially supported. I say "unofficially" because we have actual customers doing it and getting support, but the 2 development teams (Forms and Web Cache) haven't actually done any integration testing of this sort of configuration yet. For your case, please contact your Support rep and ask what was done to use Web Cache as a load balancer for Forms6i at METRO in Germany. The Forms product managemment team is writing up a white paper to describe how to do it, but until then, you'll need to go through Support. Please contact me if you want more information.
-
CSS11503 load balancing virtual server IP's
Hi CSS experts,
We have a Cisco Content Services Switch 11503 Load Balancer which seems to require Real Server NICs to be plugged in. When I plug a cable from our Cisco 3560 switch into the Cisco Load Balancer, it can't see the 2 web server IP's that I'm trying to load balance for HTTP/HTTPS. The virtual IP does not display the webpage of either web servers.
On the otherhand, when I use two physically separate 1U web servers and physically plug 2 cables (1 for each server) into the CSS 8 port switch, the virtual IP is able to redirect the traffic to both web servers.
How do I configure the CSS to load balance and actually see 2 IP's on the network which isn't plugged in physically per server into the CSS 8 port switch.
Internet->CSS->1 cable plugged into Cisco switch which host 2 web servers.
Thanks,
Mike
Configuration:
circuit VLAN1
ip address 192.168.1.10 255.255.255.0
service Websrv1
ip address 192.168.1.104
protocol tcp
port 80
keepalive type http non-persistent
active
service Websrv1SSL
ip address 192.168.1.104
protocol tcp
port 443
keepalive type ssl
active
service Websrv2
ip address 192.168.1.101
protocol tcp
port 80
keepalive type http non-persistent
active
service Websrv2SSL
ip address 192.168.1.101
protocol tcp
port 443
keepalive type ssl
active
owner Web
content NG
add service Websrv1
add service Websrv2
vip address 192.168.1.7
port 80
protocol tcp
advanced-balance arrowpoint-cookie
url "/*"
active
content NGSSL
add service Websrv1SSL
add service Websrv2SSL
vip address 192.168.1.7
port 443
protocol tcp
advanced-balance sticky-srcip
sticky-inact-timeout 60
activeI checked the connectivity to the servers form the CSS and it was good. I was able to ping, and the connection status in sh service summary incremented by 1 each time I tried to connect. From the server, I was able to ping back to the IP of the CSS and the VIP address as well. I have tried using only 1 server for 1 VIP. I have tried changing the default gateway on the server to the IP of the CSS and the VIP IP as well. It still doesn't seem to help. Anymore suggestions for me to try?
Thanks
Mike -
I am supporting an app server for a Forms & Reports application that uses run_report_object to run reports on a Reports Server. This is on 10gR2 (10.1.2.0.2) on Solaris & Linux.
Currently running multiple standalone Reports Servers on a single server (for 3 different projects). Need to prevent one project from affecting another as much as possible (yes, I know they are on the same box....).
I have a requirement to ensure that a hanging Reports Server doesn't prevent other jobs from running. I see that Reports Server clustering is no longer an option. The Reports documentation about how to implement HA basically say just read the AS docs and figure it out. The problem is that using the AS J2EE HA means that you'd HAVE to use the Reports Servlet. Additionally, I don't see how the reports servlet could be called so that more than one Reports server would be used.
I keep hearing about an impending doc about implementing HA on Reports. When is it coming?
Future environments will be multiple AS installs on separate boxes accessing a RAC DB.
So, what's the scoop? How can I implement this?
So, here are my questions:
1. (Two Servers) I believe I could do this on two servers if I had the same Reports Server name on each. If so, could I have two OC4J containers on each server both with the same mount point for the rwservlet application? What else would I need to do to tell OHS to load balance between both since they have the same name.
2. (Two Servers) If 1 above is okay, would it be possible to have two OC4J containers point to two different standalone Reports Servers?
3. (One Server) Can I start up multiple Reports Servers on same box with the same name (I'm pretty sure this is no :-) )
4. (One Server) Like 2 above except on a single server. Two independent OC4J containers accessing two different servlets. Each has a default Reports Server setup. URL would look the same from each.
I'm kind of graping for straws here on how to move ahead. I'm surprised the Reports Server clustering was taken away, but I suspect it is because the underlying Visibroker architecture was changed and there weren't the resources required to redo this. I'm not sure that is a good thing.
Any help would be appreciated.
:-) SteveSay you have two servers where you configured Reports, i.e. either in full Enterprise Edition or in AS10g Forms&Reports standalone.
For example:
ServerA.oracle.com with port 7777
ServerB.oracle.com with port 7777
Without using a load balancer you would call a Report with:
http://ServerA.oracle.com:7777/reports/rwservlet?report=test.rdf&userid=scott/tiger@orcl&destype=cache&desformat=htmlcss
http://ServerB.oracle.com:7777/reports/rwservlet?report=test.rdf&userid=scott/tiger@orcl&destype=cache&desformat=htmlcss
Now you put a load balancer in front of them and assign it the virtual name:
reports.oracle.comNow you can call Reports with this URL:
http://reports.oracle.com:7777/reports/rwservlet?report=test.rdf&userid=scott/tiger@orcl&destype=cache&desformat=htmlcss
To make it more interesting you create a specific Reports Server on ServerA called repserver_a and on ServerB: repserver_b. You add them into Enterprise Manager with:
$OH/bin/addNewServerTarget.sh repserver_a (on ServerA and with repserver_b on ServerB). You might need to reload opmnctl and emctl with:
opmnctl reload
emctl reloadIn $OH/reports/conf you add this line at the end (use server=repserver_b on ServerB) :
reporting: userid=scott/tiger@orcl destype=cache desformat=htmlcss server=repserver_a %* You'll call your Reports with this URL:
http://reports.oracle.com:7777/reports/rwservlet?reporting&report=test.rdf
Good luck!
Martin -
Site behind load balancer - Key not valid for use in specified state
Hi,
I have created a sharepoint application page to access an active end point on ADFS and establish a fedauth session. All works well in single server. But when the page runs behind load balancer with 2 servers, it fails with key not valid for use in specified
state exception. Stickiness is enabled on load balancer. verified that.
I had made few changes to config file in microsoft.identitymodel section to accomodate adfs custom login. This included removing securitytokenhandlers and issuertokenresolvers as well. Is this impacting the encryption/decryption in anyway?
Any pointers would help.
Reference point for my application page : http://blog.helloitsliam.com/Lists/Posts/Post.aspx?ID=76Hi,
As I understand, you encountered the error “Key not valid for use in specified state” when ADFS custom login.
In order to run in Windows Azure Web Sites a Web application which uses WIF for handling authentication, you must change the default cookie protection method (DPAPI, not available on Windows Azure Web Sites) to something that will work in a farmed environment
and with the IIS’ user profile load turned off.
1. If you are using the Identity and Access Tools for VS2012, just go to the Configuration tab and check the box “Enable Web farm ready cookies”.
2. If you want to do things by hand, add the following code snippet in your system.identitymodel/identityConfiguration element:
<securityTokenHandlers>
<add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler,
System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler,
System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</securityTokenHandlers>
There is a similar case:
http://stackoverflow.com/questions/19323287/key-not-valid-for-use-in-specified-state-error-for-net-4-5-mvc-4-application
Best regards,
Sara Fan
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected] -
Load Balancing E-Business Suite 11i using BIG-IP
"Has anyone deployed an Oracle E-Business Suite 11i solution in a load balanced environment based on the F5 BIG-IP 2400 device?"
Background:
When loadbalanced, Oracle forms requires a form of persistence to be in place, presumably to maintain state information.
If using simple persistence based on client source IP address, then there is no problem.
However in our environment, 1000s of clients are hidden behind the single IP address of a proxy server, therefore simple persistence will provide true load balancing.
The alternative is cookie based persistence which will allow true load balancing even with clients hidden behind a proxy. However the challenge here is that Oracle Forms is java and not http based which means that BIG-IP cannot insert an http cookie into the java packets sent to the client by the Oracle server.
If anyone has come across this issue and found a way round it, could you please describe how this is achieved? Either by configuration of the BIG-IP switch or at the Oracle Application side.Metalink doc id 290807.1 says that Internet Explorer 8 is now ccertified using Sun JRE 1.6.0_03 and higher. I have JRE 1.6.0_07 with Internet Explorer 8 for my Oracle 11i and the windows are freezing up consistently and works fine with IE 7, but i have users in IE 7 and IE 8, could you anyone help me with this issue. my full version is oracle 11.5.10.2 and my desktop in Windows XP.
Thanks in advance -
Help: AM Agent working with load balancing AM Server
Hi,
We are trying to set up the policy agent to work with two AM Servers behind a load balancer.
The agent deployment document said that in the AMAgent.properties we must set
com.sun.am.loadBalancer_enable=true
According to the AM deployment guide(http://docs.sun.com/source/817-7644/appE_loadbalancerconfig.html),
we also set in the AMConfig.properties something like
com.iplanet.am.lbcookie.name=server1
com.iplanet.am.lbcookie.value=server1
The loading balancing just does not work. Can anyone explain how AM agent works under such an deployment
environment? Some people say the agent can find the real server using the naming service, but the not
much explanation can be found.
More info on our two machines:
The two AM servers are named server1.domain and server2.domain. The virtual LB name is server.domain.
The two AM servers were installed using the host name server.domain. We added the servers' real name
in the AM's fqdnMap. At the agent config file, the name service is pointing to the LB.
Really appreciated any advices.
Regards,
HenryThanks for your reply.
We figured it out lately thanks to help from Bernhard.
1) use each machine's name to install the AM servers using the same LDAP server.
2) In AmAgent.propeties, set com.sun.am.loadBalancer_enable=true
3) In AM server platform, add in all machine's names
4) In Organization alias, add in two machines' name
5) In fqdnMap, add in load balancer's name
6) In LB, set cookie stickiness based on cookie JSESSIONID -
Client side load balancing and server side load balancing
Hello Team,
I need to know how to set up client and server side load balancing in oracle rac. What all things to be implemented like creating a service, tnsnames.ora settings etc.
And also if i used SCAN ip instead of VIP. how the settings will change.
Regards,Hi,
please find here an Whitepaper with the information
http://www.oracle.com/technetwork/database/features/availability/maa-wp-11gr2-client-failover-173305.pdf
kind regards -
Network load balancing SQL Server 2012
Hi all,
Out of pure curiosity, would the following scenario to load balance work:
* Create an NLB of 2 nodes
* On each node, install sql server, in my case 2012 std
* Create a merge replication which manages identity columns between the 2 servers. One node is the publisher the other one the subscriber
If I were to implement this, what would be the risks ?
Thanks
OlivierSQL Server does not support load balancing.
Yes you can do what you describe. You need to use "sticky sessions" to make sure users always get the same server, which kind of defeats the purpose of load balancing.
I would suggest looking into an AlwaysOn availably group cluster instead. Not the same thing, but built in and you can redirect read only users to use a replica.
https://msdn.microsoft.com/en-us/library/ff877884.aspx -
Hi There,
I want to implement a load balancer (linux virtual server) into our htmldb configuration. We currently run the http server on the same machine running oracle/htmldb. I want to split this out and use 2 seperate machines running http server behind the load balancer, both these http servers will be pointing to the same oracle database.
The load balancer will not be using persistent sessions, therefore client requests will be sent evenly to each http server. My main question is, will I have problems with user sessions, or (as I imagine) is all the session information written to the database ?
Thanks in advance.
TomBill,
There are a few things you need to consider
1: Availability of http server. ie how many are you going to have. How are you going to access them. Load balancer, DNS round robin. These should be on different servers to the database.
2: How are the http servers going to connect. For RAC you'll need to specify TNS connections. I'd also recommend that you look at using application partitioning using services in the RAC cluster. That way you can have Apex using a subset of nodes in the cluster .
3: If you are going down the RAC path then I'd assume availability is a priority. You''ll need to think of standby configuration. Again this is possible with TNS configuration.
You can do it all with Apex. RAC and Standby but it will take planning and testing. -
[Project] Load Balance mutiple DSL PPPOE connections using CSR1000v in Datacenter
Hello everyone
I was about to begin a new project (just for fun) and wanted to get everyones input. I live way out in the middle of nowhere where they have to pipe in sunshine and the best connection I can get is a 6mbs DSL connection. Currently I have two DSL connections in the house the end goal is to effectively bond them together.
My plans on how to accomplish this is having a couple Cisco ISR routers (probably 2821's) connect to a CSR1000v in a Datacenter that I have a colocated server. My thoughts were to set up a couple of GRE tunnels and use EIGRP to load balance between my house and the datacenter. I'd use one of my public IP's in the datacenter as the exit point.
In my head I was thinking I'd probably need to hooked up this way:
2821 -> DSL Modem \
Home Router -> Switch < Internet -> CSR1000v
2821 -> DSL Modem /
I have probably 16 or so IP's in the datacenter free so I could probably assign a /29 to my home side of the 2821's if need be.
You all think this would be the best way to go about it? Or is there a way to do it on the home side with a single 3825? I went with two because I figured I'd run into trouble with different gateways.
Thanks!
Brandon -
Java ftp server which can use LDAP, how to integrate with WLS' implementation of LDAP?
Howdy.
I'm setting up a java ftp server
(http://www.mycgiserver.com/~ranab/ftp/index.html) which is capable of using
LDAP for it's user security. I would like to integrate this ftp server with
wls' implementation of LDAP so I only have to admin one user list.
Does wls put it's user list in the LDAP or in it's own proprietary setup? I
tried playing around with it, but the users don't seem to appear in the JNDI
tree. Is this where the LDAP stuff is located? I thought it was in there?
If it's in it's own setup, is there a way to propagate the users to LDAP?
If these look like newbie Q&A, I guess they kind of are, I'm new to LDAP.
Thanks for any input you might have.Peter,
If you are talking about using the embedded LDAP server in WLS 7.0 for this purpose
I think you are going done the wrong path.
Look at the following URL on how to use an external LDAP server for your custom
application
http://e-docs.bea.com/wls/docs70/secmanage/realm.html#1172008
Chuck Nelson
DRE
BEA Technical Support -
How to control a Load Balanced set in IaaS VMs using Text files
Hi,
I would like to control the Load Balanced nodes Using a resource to probe like active.txt in IIS than a Endpoint on the Management Portal.
The reason i need this is because the engineers in my team will have access to VMs but not to Management servers.
Any info on it is very helpful.
ThanksHi,
You can Control the access to the Load Balanced Set by using Network ACL. A Network Access Control List (ACL) is a security enhancement available for your Azure deployment. An ACL provides the ability to selectively permit or deny traffic for a virtual machine
endpoint. This packet filtering capability provides an additional layer of security.
Using Network ACLs, you can do the following:
Selectively permit or deny incoming traffic based on remote subnet IPv4 address range to a virtual machine input endpoint.
Blacklist IP addresses
Create multiple rules per virtual machine endpoint
Specify up to 50 ACL rules per virtual machine endpoint
Use rule ordering to ensure the correct set of rules are applied on a given virtual machine endpoint (lowest to highest)
Specify an ACL for a specific remote subnet IPv4 address.
Network ACLs can be specified on a Load balanced set (LB Set) endpoint. If an ACL is specified for a LB Set, the Network ACL is applied to all Virtual Machines in that LB Set. For example, if a LB Set is created with “Port 80” and the LB Set contains 3 VMs,
the Network ACL created on endpoint “Port 80” of one VM will automatically apply to the other VMs.
Hope this helps !
Regards,
Sowmya
Maybe you are looking for
-
Can SimpleDateFormat for BC4J be used in Jdev 10g?
I recently migrated a struts/bc4j app from Jdev 9.0.3.4, we use SimpleDateFormat quite extensivly in Entity and View Objects, however the AttributeDefImple.getFormattedAttribute method is throwing the following exception: Error Message: JBO-29000: Un
-
Production Order : COGI Clarifications
Hi Team, I am having some clarifications on COGI transaction processing. 1. Is the production order can be settled (production order settlement) if the error exists in COGI against the production order? 2. Sometimes, user deletes the entry in the COG
-
Hi I have just recently got my Micro (updated with the latest firmware) and its great!!! The only feature I have a few small problems with is the FM radio, I am in the UK, and the reception is not brilliant. In all the portable radio devices I hav ow
-
HT4059 Which format does ibooks use?
Which format does ibooks use?
-
Hi Folks, Can anyone here please provide me some links through which I can know more about BDC. Thanks. K.Kiran.