Multiple AD FS instances in single forest

Hi, thank you for reading this. I have a little design question about AD FS. The current situation is like this:
One forest, root domain: domain.lan
domain.lan contains all user objects
Three child domains: 1.domain.lan, 2.domain.lan and 3.domain.lan
AD FS 2.0 server is deployed in domain.lan
Customer wants an extra AD FS instance for testing purposes.
I do find some recommendations on the internet, but I still have a few questions:
1. Is it true that only one AD FS server (or farm) per forest can be deployed?
2. I read that I can have multiple AD FS instances, but not in the same domain. Should I move the current AD FS server to 1.domain.lan (because the current AD FS server also automatically supports the child domains) and add an AD FS server for testing purposes to 2.domain.lan?
3. Is the configuration as suggested in point 2 supported by Microsoft?
Thanks!
Regards,
Baksteen

Hi Mike,
thank you for your response. I also found the link you provided, and it says that it should be possible, but that only one instance can be active.
In this thread the same user (Mylo) says it is possible:
http://social.msdn.microsoft.com/Forums/exchange/en-US/3c8903c8-d6d6-471d-9966-b23c83172a40/active-directory-federation-services-question-can-i-run-two-seperate-adfs-instances-in-my-domain
In this thread they talk about one instance per forest:
http://serverfault.com/questions/554199/are-multiple-adfs-instances-needed-when-federating-to-the-same-party-multiple-ti
In this link they say it should be possible with some downsides:
http://serverfault.com/questions/280311/is-there-any-downside-to-having-two-adfs-servers-in-a-domain
In this link they say it is not possible:
http://community.office365.com/en-us/f/613/t/82093.aspx
So, I am a little confused now. My question therefore is: can I have multiple AD FS instances in a forest/domain? And is it supported by Microsoft?
Thanks again!

Similar Messages

  • Multiple Oracle 9ias instances on single host

    hi all
    I tried installing more than one instance on a single host, under different Oracle homes, but I am facing certain strange errors. Can anyone tell me what are the things that we have to specifically take care of while installing multiple instances on a single host? I mean any port issues or anything else?
    please help
    thanks

    hi all,
    I have almost the same problem here.
    I have created two instances other than the OC4J home. I have also deployed two different applications on the two different instances. But when I try to run the application it gives a "Page not found" exception for both of the applications.
    Now, when I stop one instance, the other instance runs properly and doesn't throw any error!
    There is definitely no problem with the ports, as internally the ports allocated to both of the applications are different!
    If anybody has got any idea what might be the problem, it will be very helpful for me!
    thanks in advance!!
    Piyush

  • Multiple AD FS Instances/independent AD FS Servers in one domain or forest

    Hello together,
    Is it possible to install multiple AD FS Instances on independent AD FS Server in one Domain or Forest? If yes, is that supported from Microsoft or best practice?
    Best regards
    Ulrich Greshake

    Hi Ulrich,
    Is it possible to install multiple AD FS Instances on independent AD FS Server in one Domain or Forest?
    Yes, it is possible. Actually, multiple instances in a single ADFS farm are very useful for fail-over.
    Here are some references below for you:
    Active Directory federation Services Question - Can I run two seperate ADFS instances in my domain?
    https://social.msdn.microsoft.com/Forums/exchange/en-US/3c8903c8-d6d6-471d-9966-b23c83172a40/active-directory-federation-services-question-can-i-run-two-seperate-adfs-instances-in-my-domain
    ADFS Deployment Topology/Architecture
    https://social.msdn.microsoft.com/Forums/vstudio/en-US/e85b1b06-9559-4028-b7cf-eed6582fe60d/adfs-deployment-topologyarchitecture?forum=Geneva
    ADFS High Availability – Quick Reference Guide for Administrators. Implement Single sign-on for Office 365.
    http://blogs.technet.com/b/ucando365talks/archive/2014/04/15/adfs-high-availability-quick-reference-guide-for-administrators-implement-single-sign-on-for-office-365.aspx#.VMnxiXkfpes
    In addition, here is a dedicated ADFS forum below:
    Claims based access platform (CBA), code-named Geneva Forum
    http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
    Best Regards,
    Amy

  • Can there be multiple ASM instances on single node?

    Hi,
    Can there be multiple ASM instances on single node?
    This one says No : http://www.freelists.org/archives/oracle-l/02-2008/msg00317.html
    And This one says Yes : http://www.databasejournal.com/features/oracle/article.php/3571371
    Thanks in advance.
    Thanks,
    Harsha
    Edited by: user498756 on Sep 11, 2008 2:23 AM

    ...that document doesn't say you cannot have multiple ASM instances on a node. It says "...ASM, you only need one ASM instance for that computer, to manage the two database instances that use ASM."
    The fact that you only need one - and I cannot think of a good reason to have more than one - does not preclude the fact that you do seem to be able to have multiple ASM instances on a single node, each looking after its own set of disks and diskgroups.
    Again - I cannot think of a good reason to do so though!
    -Bob

  • Multiple DNS Domain support in Single instance of Portal

    Can BEA portal support multiple DNS domains in a single instance of BEA Portal.
    For example, can I set up the portal to respond as both www.xxx.com and www.yyy.com and keep those URLs throughout the entire portal?

    Hi,
    thanks for your quick response. You mean we should run only one copy of the package I mentioned and separate the plants and machines by logic implemented in the package? Well, I think this is critical in case of deploying a new version, since all machines at all sites won't have the system available at the same time. At the moment we do not have things in the system that are needed to go on with production, but we have planned to implement some things that will be indispensable, and in this stage we need a clear separation of the plants to minimize the risk of a simultaneous stand at all plants.
    Thanks for your suggestion and best regards,
    Matthias

  • EBS R12 - Multiple Instances using Single Database (with Different SID)

    Hi,
    Is it possible to create multiple R12 EBS instances (i.e. TEST and DEV) in a single database (using the same database binary)?
    Or can these different EBS instances be configured with a single database using different Oracle SIDs (meaning creating multiple databases with a single binary)?
    Please guide,
    Thanks

    Is it possible to create multiple R12 EBS instances (i.e. TEST and DEV) in a single database (using the same database binary)?
    No.
    Or can these different EBS instances be configured with a single database using different Oracle SIDs (meaning creating multiple databases with a single binary)?
    No -- Each instance/database should have its own ORACLE_HOME.
    Thanks,
    Hussein

  • Facing issue while provisioning to AD which is in multiple domain in single forest

    Hi All,
    I am facing an issue while provisioning users to AD which has multiple domains in a single forest. I can synchronize the OUs and groups from the Global Catalog, i.e. the root domain, but I am unable to synchronize OUs and groups from the child domains. The following depicts my domain.
    Root -------   example.com
             |_______doamin1.example.com
             |_______doamin2.example.com
             |_______domain3.example.com
    My global catalog is example.com, where I have configured my connector. The following are its parameters:
    Parameter                  Value
    ADLDSPort
    BDCHostNames
    Configuration Lookup       Lookup.Configuration.ActiveDirectory.Trusted
    Connector Server Name      Active Directory Connector Server
    Container                  DC=example,DC=com
    DirectoryAdminName         DWPTEST\adm
    DirectoryAdminPassword
    DomainName                 example.com
    IsADLDS                    no
    LDAPHostName               GlobalCatalog server name -> where my root domain is present
    SyncDomainController
    SyncGlobalCatalogServer    GlobalCatalog server name -> where my root domain is present
    UseSSL                     no
    I am using the above configuration to sync my OUs and groups using a scheduler job. I have made the following changes in the connector configuration.
    1. Set the value of the SearchChildDomains entry to yes in one of the following lookup definitions:
    For trusted source reconciliation: Lookup.Configuration.ActiveDirectory.Trusted
    For target resource reconciliation: Lookup.Configuration.ActiveDirectory
    2. Specify the name of the domain controller that is hosting the Global Catalog Server as the value of the SyncGlobalCatalogServer IT resource parameter.
    For provisioning purposes I am trying to find the following configuration, which is mentioned in the connector document, but I am unable to locate it:
    In the connector, the referral chasing option is set to All, which means that all referrals are chased when any referral is provided by the domain controller
    Thanks in advance.
    Regards,
    Nitin Natekar

    Hi All,
    Thanks all for the reply. I was not getting an error, but once I changed the connector configuration, it started working. I kept the LDAPHostName parameter blank in the connector configuration.
    Thanks all for reply
    Regards,
    Nitin Natekar

  • Configuring multiple web sites in a single OC4J instance with 10g OEM

    Hi There,
    There doesn't seem to be a way of configuring multiple web sites within a single OC4J instance using the 10g Enterprise Manager website, so can I assume that there are some performance-related issues with doing this, or is it just a case of "if you want multiple web sites, configure it manually"?
    We currently use 9iAS release 1 (which has been configured to use multiple web sites, with normally one J2EE app in each website, in a single OC4J clustered instance, using mod_proxy to forward the HTTP requests on to OC4J), but we are looking to migrate to 10g very soon...
    The initial configuration was done by an external company, so I'm not entirely sure of the reasons why it was chosen (perhaps so that if there was a problem with a single website, it wouldn't impact all our applications).
    Does anybody else currently use multiple *-web-site.xml files in a 9iAS release 2 or 10g production environment, and if so, did you encounter any problems with the OEM website (assuming you configured them manually)?
    Thanks in advance,
    Andy

    Hello,
    Something like this:
    New-OWAVirtualDirectory -WebSiteName "FBA"
    Enable the Basic authentication via running the following command:
    Set-OWAVirtualDirectory -Identity "yourservername\owa (FBA)" -BasicAuthentication $true
    Restart the IIS admin service in services.msc
    Thanks,
    Simon Wu
    TechNet Community Support

  • Exchange 2003 migrate to Exchange 2010 - single forest multiple domain. Active Sync problem

    Hi All, 
    I have an AD single forest with multiple domains. For example, the forest root domain is jakarta.co.id, and the other domain is bali.co.id.
    Exchange 2003 is deployed in jakarta.co.id. Users are mail-enabled in domains jakarta.co.id and bali.co.id.
    Then I upgraded to Exchange 2010 (deployed in jakarta.co.id) and moved mailboxes from Exchange 2003 to Exchange 2010.
    All users in bali.co.id are able to access email from OWA, BlackBerry (BIS) and Outlook, but cannot access from Android or Windows Phone (ActiveSync).
    I got error information generated from https://testconnectivity.microsoft.com, as following:
    Attempting the FolderSync command on the Exchange ActiveSync session.
    The test of the FolderSync command failed.
    Tell me more about this issue and how to resolve it
    Additional Details
    Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).
    ActiveSync still does not work even after I checked the option "Include inheritable permissions from this object" in the security tab.
    Any idea how to fix this issue?
    Thanks.
    Endrik

    Hi Sathish, 
    We are planning to migrate from Exchange 2003 to Exchange 2013; all users are already in Exchange 2010 and Exchange 2003 was decommissioned.
    Event Viewer log as following:
    Log Name:      Application
    Source:        MSExchange ActiveSync
    Date:          1/17/2014 10:00:48 PM
    Event ID:      1008
    Task Category: Requests
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      EXC2010.jakarta.co.id
    Description:
    An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.
    URL=/Microsoft-Server-ActiveSync/default.eas?Cmd=Sync&User=bali%5Csteveng&DeviceId=SAMSUNG123456789&DeviceType=SAMSUNGGTN7000
    --- Exception start ---
    Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
    Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=Steven Gerrard,OU=IT,DC=bali,DC=co,DC=id.
    Exception level: 0
    HttpStatusCode: 500
    AirSyncStatusCode: 110
    XmlResponse: 
    This request does not contain a WBXML response.
    Exception stack trace:    at Microsoft.Exchange.AirSync.ADDeviceManager.SetActiveSyncDeviceContainerPermissions(ActiveSyncDevices container)
       at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDeviceContainer(Boolean retryIfFailed)
       at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
       at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime)
       at Microsoft.Exchange.AirSync.Command.UpdateADDevice(GlobalInfo globalInfo)
       at Microsoft.Exchange.AirSync.Command.CompleteDeviceAccessProcessing()
       at Microsoft.Exchange.AirSync.Command.WorkerThread()
    --- Exception end ---.
    I think KB817379 is not related because Exchange 2003 was decommissioned.
    Regards, 
    Endrik

  • Is it possible to integrate multiple instances with single OAM (Oracle Acce

    Hi All,
    Could anyone please clarify: is it possible to integrate multiple instances with a single OAM (Oracle Access Manager)?
    We have two instances in the development environment. One of them is already integrated with OAM 11g; now we want to integrate the second one with OAM 11g. Is the already configured OAM enough for this, or do we need to configure another OAM separately?
    Application Version is 12.1.1
    Database Version : 11.1.0.7
    OS : RHEL 5.3 64 bit
    Thanks in advance.

    Hi Hussein ,
    I Ran below script,
    ant -f txkEBSAuth.xml \
    -Dwlshosturl=appora.corp.hexaware.com:7021 \
    -Dwlsuser=weblogic \
    -Dwlspwd=password1 \
    -DuseDefaults=true \
    -DforceDataSource=true \
    -DdataSourceName=DEV \
    -DdataSourceJNDIName=jndi/DEV \
    -DasadminUser=SSO11GLOGIN \
    -DasadminPassword=welcome1 \
    -DdbcFile=/u06/oamfmw/Middleware/appsutil/accessgate/DEV/DEV.dbc \
    -DserverName=AdminServer \
    -DdeploymentName=ebsauth_DEV \
    -DfndauthWarFile=/u06/oamfmw/Middleware/appsutil/accessgate/DEV/fndauth.war \
    -DplanPath=/u06/oamfmw/Middleware/appsutil/accessgate/DEV/plan/plan.xml \
    -DforceDeployment=true \
    -DSSOServerRelease=11 \
    -DSSOServerURL=http://appora.corp.hexaware.com:14100 \
    -DWebgateLogoutURL=http://appora.corp.hexaware.com:7780/public/oacleanup.html \
    -DlogConfigfile=/u06/oamfmw/Middleware/appsutil/accessgate/DEV/sample/logging.properties
    -bash: ant: command not found
    Thanks in advance

  • Logging into multiple instance using single ID

    We have multiple instances of CRM On Demand and have a login ID for each instance. I have a group of users who are users across multiple instances; the problem is they have to log in using ID and password every time they navigate across instances. Is there a way in which this can be simplified?
    Eg:
    I have 2 countries with different data sets, and due to the nature of the business I have to keep the data separate. But I have operational resources who have to access both instances. Is there a way in which they can access both instances from a single screen?

    Hi, for seamless navigation of users across instances you can think about implementing SSO. But if you would like to see data across instances in one single instance, it may not be possible without using web services.
    -- Venky CRMIT

  • SCCM 2012 AD Publishing in a Single Forest Multiple Domains

    Hi there,
    Let me explain the situation first so that you get the idea. We have a single forest, multiple child domains AD environment. For some reasons each domain is being managed separately by their geographic location IT.
    The forest has been extended for SCCM by the site that holds the forest root domain. Since everyone wants to manage their own domain and systems, each child domain has its own primary site server.
    In one of the domains I have installed a brand new SCCM 2012 R2. I haven't done anything yet, and haven't turned on any discovery except Heartbeat. Now I see one device, which belongs to another domain with a totally separate IP address, showing in my SCCM site. I don't know why.
    From here a question arises for me. Correct me if I'm wrong and please advise what to do domain/forest wide.
    1. The System container is needed in each child domain, not in the forest, right?
    2. Where does/should each SCCM primary site publish information: in each domain or in the forest root domain?
    3. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing I see the forest root domain name and it's checked.
    Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and it's the only one in there. In that same window I went ahead and specified my own domain, hoping to cure the possible problem.
    So, why would that one device show up in this site? I have disabled Heartbeat together with the other discoveries for now, until I make everything ready.
    Thanks for your help in advance.

    1. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing, if I uncheck the forest root domain, will devices in my child domain still be able to find my site server?
    2. Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and it's the only one in there. In that same window I went ahead and specified my own domain, hoping to cure the possible problem. Is this a good practice?
    3. "When clients look for ConfigMgr info, they use GC lookups meaning they return objects from every System Management container in the forest." So, which one do clients choose, and how?
    4. "For that one device, have you opened its properties and examined it?" Yes, what about it? It's found based on the Heartbeat Discovery agent (when Heartbeat was enabled).
    5. "Have you reviewed the boundaries and boundary groups set up for site assignment?" Yes, as I mentioned, this device belongs to a different domain and is totally outside of my AD site and SCCM boundaries.
    This is a fresh install and not in production yet. I have disabled Heartbeat temporarily so that I can fix this problem. I will enable it afterwards.

  • Understanding Lync 2013 Deployment for Single forest multiple domain Infrastructure

    Hello Everyone,
    I have an issue in understanding a deployment scenario of Lync 2013 Enterprise edition.
    We have a single forest, multiple domain infrastructure.
    My question here is: during AD prep, do we need to run Domainprep on every domain in the forest?
    Thanks!
    Thank You!!! BR, Ammi.

    Hi Ammi,
    To prepare Active Directory Domain Services for your Lync Server 2013 deployment, you must perform three steps in a specific sequence.
    1. Preparing the Active Directory schema in Lync Server 2013
       Extends the Active Directory schema by adding new classes and attributes that are used by Lync Server.
       Run once for each forest in your deployment where Lync Server will be deployed.
    2. Preparing the forest for Lync Server 2013
       Creates global settings and universal groups that are used by Lync Server.
       Run once for each forest in your deployment where Lync Server will be deployed.
    3. Preparing domains for Lync Server 2013
       Adds permissions on objects to be used by members of universal groups.
       Run once per user domain or server domain.
    Hope it can be helpful.
    Best regards,
    Eric
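
    The three steps above, carried out from the Lync Server 2013 Management Shell with the domain step repeated for every domain in the forest, as an added example that is not part of Eric's reply. It assumes the ActiveDirectory module and the Lync Server cmdlets are available on the machine and that the account holds schema, enterprise and domain admin rights as each step requires. It goes slightly beyond the reply in that it prepares every domain the forest reports, not only the user and server domains, and then reads back the readiness state of each.

```powershell
# Added example: Lync Server 2013 AD preparation for a single-forest,
# multi-domain environment.  Run from the Lync Server Management Shell.
# Assumes: ActiveDirectory module present; account has Schema Admins,
# Enterprise Admins and Domain Admins rights where each step needs them.
Import-Module ActiveDirectory

$logDir = Join-Path $env:TEMP 'LyncAdPrep'   # constructed log location
New-Item -ItemType Directory -Path $logDir -Force | Out-Null

# Step 1: schema preparation, once per forest.
Install-CsAdServerSchema -Report (Join-Path $logDir 'SchemaPrep.html')

# Step 2: forest preparation, once per forest.
# Allow AD replication to finish between steps before continuing.
Enable-CsAdForest -Report (Join-Path $logDir 'ForestPrep.html')

# Step 3: domain preparation, once per domain.  The forest object lists
# every domain (root and children), so the loop covers all of them.
$domains = (Get-ADForest).Domains
foreach ($domain in $domains) {
    Enable-CsAdDomain -Domain $domain -Report (Join-Path $logDir "DomainPrep-$domain.html")
}

# Read back the state of each stage so a missed domain is visible.
# Get-CsAdServerSchema / Get-CsAdForest / Get-CsAdDomain return state
# values such as SCHEMA_VERSION_STATE_CURRENT, LC_FORESTSETTINGS_STATE_READY
# and LC_DOMAINSETTINGS_STATE_READY when preparation has replicated.
[pscustomobject]@{ Stage = 'Schema'; Target = (Get-ADForest).Name; State = Get-CsAdServerSchema }
[pscustomobject]@{ Stage = 'Forest'; Target = (Get-ADForest).Name; State = Get-CsAdForest }
foreach ($domain in $domains) {
    [pscustomobject]@{ Stage = 'Domain'; Target = $domain; State = Get-CsAdDomain -Domain $domain }
}
```

    The domain step is the one that fails silently when it is run only in the forest root: a child domain that never received it will report a not-ready state in the final loop, which is easier to spot than the permission errors users in that domain would otherwise hit later.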

  • Multiple Hierarchies in Single Forest

    Hi,
    I’m really struggling to understand how SCCM 2012 would work in this scenario.
    We have a single forest with 3 child domains. In the first of the child domains we have an SCCM 2007 hierarchy, and in the second we have an SCCM 2012 hierarchy. We'd like to install a new hierarchy in the parent domain which will support clients in the third domain (and, longer term, the other two).
    If we install a primary server in the parent domain and allow it to publish its MP to the System Management container, will the SCCM clients in the existing child domains (with SCCM installations) query AD and attempt to use the primary server in the parent domain?
    Thanks,
    Gareth

    The answer is both yes and no. It will all depend on how you set up your boundaries. If the clients are not within the boundaries, then they will not try to use it.
    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

  • Can i create more than one instance for single database?

    HI
    Can anybody tell me how to create more than one instance for a single database (without using RAC)?
    thanks
    Kalanidhi

    Anandji,
    I sometimes think differently. I also think like what this person is asking (although I have installed and am administering 5 different RAC databases).
    My main doubt is that we create multiple instances accessing the same storage area.
    Anyway, the controlfiles of all instances will have the same information except the instance names and instance IDs.
    Hence I always think: why can't it be possible to create another instance in the same system and point it to a controlfile which is copied from the other instance?
    Why can't the same files be shared between the two instances in the same system?
    I know I am thinking a little bit confusingly...
    Anyway, I need to test that also...
    Mahesh.
