Outbound to dymanic directory
Hi all.
I need copy files from some computer (always the same directory) to another (different directory each time).
The output directory depends on filename. The filenme it's like XXXYYYYMMDD.CCWW, where XXX = some code, YYYY=year, MM=month,DD=day,CC and WW others code.
The output directory must be ..../XXXX/YYYY/MM/DD/CC/WW/<filename>
It´s possible
a) using only ESB
(IN-Adapter -> RoutingService -> OUT-Adapter)
b) using ESB and BPEL
(IN-Adapter -> RoutingService -> BPEL)
(In BPEL process make some validation and transformation and then put the file in the directory, via adapter)
How?, if you don´t know exactly, maybe some documentation/tutorial/example can help me.
Thank´s in advance
If the output directory it doesn´t exist, so i must create the directory..
Similar Messages
-
No remittance advice output in the 'Outbound Payment File Directory'
We are working on an upgrade from 11i to R12.
Configuration has created a profile for an electronic payment with a separate remittance advice. They have specified an outbound payment file directory. The EFT text file is generated in the proper directory (on the appserver); however, the remittance advice file went to the default directory on the dbase server. We want to pick up the file, rename and ftp to our printer from the 'outbound payment file directory'.
Is this expected functionality or did we miss something in configuration?Manu,
I do not think it is possible -- You may log a SR and confirm this with Oracle support.
Where Can Be Found The Output File For The Transfer To The Bank [ID 730548.1]
How To Change Nacha Payament Output Directory And Name [ID 786007.1]
Thanks,
Hussein -
Dynamic outbound payment file directory for in Payment Profile in R12?
Hi All,
Is it possible to have the "outbound payment file directory" setup in R12 Payment Process Profile dynamically?
Ideally we would like to store the value in a profile and refer the lookup in this field, rather than giving it hard coded, like /net/common/CM_UTL_DIR/EBSTST
Please let us know of workarounds also, if any.
Thanks!
ManuManu,
I do not think it is possible -- You may log a SR and confirm this with Oracle support.
Where Can Be Found The Output File For The Transfer To The Bank [ID 730548.1]
How To Change Nacha Payament Output Directory And Name [ID 786007.1]
Thanks,
Hussein -
Outbound FTP adapter directory dynamic path
Hi,
I tried creating FTP adapter with logical directory names.
When I create inbound FTP adapter (get activity) and provide logical directory path, it creates activation agent and on deployment it works fine. However when I try to create FTP adapter for outbound FTP adapter (put activity) and provide logical directory path, it could not create activation agent for the same….When I add activation agent manually, I am able to compile the service locally on J Developer, but could not deploy the service into SOA Instance.
Please update me, if anybody has made outbound FTP adapter directory dynamic path.
Best Regards,
Dhaval KhamarDipal's note is correct for setting the output directroy dynamically, but I just want to clarify the steps you are taking.
You say that you create the activation agent manually for the put FTP adatper. This is not required, the activation agent is used to poll locations to invoke a process. The put activity is invoked from the BPEL process and not required.
If you are using logical directorys you partner link should look like this in the bpel.xml
<partnerLinkBinding name="writeFile">
<property name="wsdlLocation">writeFile.wsdl</property>
<property name="OutboundDir">/app01/oracle/outbound</property>
<property name="retryInterval">60</property>
</partnerLinkBinding>
The nasty thing about BPEL is that if you edit this manually and you make chnages BPEL will over write this. To avoid this create a property in the partner link. Right-Click the partner link select property tab, enter the logical directory name, e.g. OutboundDir and provide a value.
If you want to chnage this location dynamically during runtime follow Dipal's note.
cheers
James -
Seperate remittance advice in R12
hi guys,
I am working on R12 checkprinting.
My doubt is when I a trying to make a payment from PAYMENTS MANAGER, we also have an option for SEPERATE REMITTANCE ADVICE but it seems we have only these methods of o/p
1. printed
2. E-mail
3. Fax
but where as in case of check we have Outbound Payment File Directory in payment instruction format from we can give an o/p directory and get the file in required directory and then I am able to FTP that..
but where as in reporting tab we have only the above 3 options of o/p we can't get a file...
but i want an o/p file of seperate remittance so that I can use my check and remittance files FTP them to formscape to merge them together and get some custom o/p
can anyone help me how to get thiso/p file for seperate remittance, I know it creates an o/p file when i manually make a payment from PAYMENTS -> ENTRY -> PAYMENTS
really urgent...I am totally stuck here
thanks,
puranHi Puran,
The check XML (Payment Instruction Register) should have all the info you need including details of what was paid, so you could use the concurrent request output XML file and do what you need with it.
There is also the Send Separate Remittance Advices program that you might be able to do something with.
Regards,
Gareth -
How to send an idoc of lower release to an External RFC server
Hi All,
I am sending idocs from the sap system to an external rfc server(written using Sap RFC SDK).
When an idoc is sent from the Sap system, I receive an IDOC_INBOUND_ASYNCHRONOUS call in the external RFC server with the Idoc data.
Everything works fine with the latest release of idocs. But if I send an Idoc of lower release number, I am getting the data records properly for the lower release(say 640). But the DOCREL field (in the control record- EDI_DC40) always gives me the latest release number(700)
In my partner profile, I specify the Segment release number to 640 and even then I am receiving the value 700 in DOCREL.
What am I missing here? How can I populate the DOCREL field with the appropriate release number?
Any help would be greatly appreciated.
Thanks
PS: Please feel free to move this post to appropriate category, if this is not the one.Serigo,
Thanks for your reply and we are not using XI.
I have defined in the port definition giving the path name refering to unix like /outbound/<system name>/<directory name>. But I dont know how to define for C:\temp\, if I define the same way as c:\temp\ do I need define anything anywhere else ?
Kindly let me know.
Thanks,
Kalikonda. -
Hi
I've got an advanced leopard server running providing mail services, ical services and web services.
I would like to put the server in the DMZ and hence I need to activate the firewall. But I'm a bit unsure as to what ports I should allow traffic to. I would also like to be able to use Apple remote desktop from outside the local network and ofcourse open directory authentication from the "outside".
I have set allow traffic from any to these ports
TCP Outgoing
TCP established
UDP Fragments
UDP outbound and responses to same port
IGMP
Mail:IMAP
SSH
Mail:SMTP standard
ARD 2.x
HTTPS
DNS - response outbound queries
Remote Directory Access
Serial Number support
LDAP secure
HTTP - web service
Mail Imap SSL
ICMP - echo replymessages
ICMP - echo request
Is this a safe or good configuration or should I add some ports or rmove some ports?
I also plan to use VPN between this server and another server at another location
Any and all input appreciated.
ThanksThese are basically the defaults that where activated when instarted the firewall services. As for UDP and UDP fragments, as far as I know i dont need them. I thought these things where set by default because there was something that needed it. The same goes for ICMP. As for SSH i have set that so you need to use keys to use ssh..so without the necessary keys you cant access ssh and ofourse I have disabled root login for ssh. I havent touched the apache config file.. what specifially where you thinking of with regards to apache from a security standpoint?.
Thanks -
Simple question on FileAdapter Outbound Directory
Hello,
Can I set up a dynamic outbound directory in my wsdl?
If yes, How?
In FileAdapter tutorials the outbound dyrectory is always static path...
Thank you
AndreaSorry, I have some problem with english...
Well, in the tutorials we receive a file, it is elaborated by the process, then it is saved in a directory...
For example ComplexStructureOutbound.wsdl::
<binding name="FileOutbound_JCABinding" type="tns:FileOutbound_PortType">
<jca:binding />
<operation name="Send">
<jca:operation
InteractionSpec = "oracle.tip.adapter.file.outbound.FileInteractionSpec"
PhysicalDirectory="/usr/local/orabpel/samples/tutorials/121.FileAdapter/ComplexStructure/outputDir"
In my process, PhysicalDirectory not have a fixed value, but variable. I receive a file and I send it to a PhysicalDirectory value that is different for each invocation of my BPEL process.
I do it with a jdev web service, but I would understand if it is possible with BPEL and its FileAdapter connector...
I hope you understand...
Thank you, Edwin
Andrea -
Error in Directory Cache Update
Hi,
because we changed from two SLDs (PROD & DEV) to one (DEV) we did all changes like given in note 720717.
Everything seems to run fine except the Adapter Engine - ok parts of it.
When checking the Cache-Infos in Integration Directory we get following error in Integration Server (Central Adapter Engine). What do we need to do?!
br
com.sap.aii.ib.server.abapcache.CacheRefreshException: Unable to find an associated SLD element (source element: SAP_XIIntegrationDirectory, [CreationClassName, SAP_XIIntegrationDirectory, string, Name, directory.px1.sapru03, string], target element type: SAP_XIIntegrationServer)
at com.sap.aii.ibdir.server.abapcache.content.CacheCPA.addContent(CacheCPA.java:483)
at com.sap.aii.ibdir.server.abapcache.content.CacheCPA.addContent(CacheCPA.java:154)
at com.sap.aii.ibdir.server.abapcache.CacheRefreshRequest.addContent(CacheRefreshRequest.java:388)
at com.sap.aii.ibdir.server.abapcache.CacheRefreshRequest.addContent(CacheRefreshRequest.java:326)
at com.sap.aii.ibdir.server.abapcache.CacheRefreshRequest.processHTTPRequest(CacheRefreshRequest.java:145)
at com.sap.aii.ibdir.server.abapcache.CacheRefreshRequest.handleHTTPRequest(CacheRefreshRequest.java:103)
at com.sap.aii.ibdir.web.abapcache.HmiMethod_CacheRefresh.process(HmiMethod_CacheRefresh.java:67)
at com.sap.aii.utilxi.hmis.server.HmisServiceImpl.invokeMethod(HmisServiceImpl.java:169)
at com.sap.aii.utilxi.hmis.server.HmisServer.process(HmisServer.java:178)
at com.sap.aii.utilxi.hmis.sbeans.HmisBeanImpl.process(HmisBeanImpl.java:86)
at com.sap.aii.utilxi.hmis.sbeans.HmisLocalLocalObjectImpl10.process(HmisLocalLocalObjectImpl10.java:259)
at com.sap.aii.utilxi.hmis.web.HmisServletImpl.processRequestByHmiServer(HmisServletImpl.java:290)
at com.sap.aii.utilxi.hmis.web.workers.HmisExternalClient.doWork(HmisExternalClient.java:75)
at com.sap.aii.utilxi.hmis.web.HmisServletImpl.doWork(HmisServletImpl.java:496)
at com.sap.aii.utilxi.hmis.web.HmisServletImpl.doPost(HmisServletImpl.java:634)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:207)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)Hi,
Hereu2019s a list of common errors/problems in SAP XI and their possible resolutions. This Guide will help you troubleshoot your integration scenarios in SAP XI/PI. This is in no way an exhaustive list. You can add your points/ideas to this list. Please feel free to post your inputs using the comments form at the end of this article.
Cache Update Problems
Use transaction SXI_CACHE to update the Integration Directory cache. Alternatively, you can use the following URLs to update the CPA cache. Use XIDIRUSER to refresh the cache.
For complete cache refresh - http://<hostname>:<port>/CPACache/refresh?mode=full
For delta cache refresh - http://<hostname>:<port>/CPACache/refresh?mode=delta
If this does not solve the issue, check transaction SLDCHECK to ensure that connection to SLD is available. If the connection fails, check the configuration in the transaction SLDAPICUST. Make sure that the password maintained is correct and the maintained service user is not locked.
Now in the Integration Repository go to Environment u2192 Clear SLD Data Cache. Also go to Integration Directoy and clear the cache using menu Environment u2192 Clear SLD Data Cache.
Open the XI Start Page and click on Administration. On the Repository tab, choose Cache Overview. Refresh the cache using the buttons/icons on the right. Use XIDIRUSER to refresh the cache. Carry out cache refresh in the same way on the Directory and Runtime tabs.
If you are facing cache update problems in your BPM (say you have modified the BPM, but when executed old version of the BPM is picked up instead of the new one), run the transaction SWF_XI_CUSTOMIZING and press F9 carry out automatic BPM/Workflow Customizing.
Routing Errors
NO_RECEIVER_CASE_BE or NO_RECEIVER_CASE_ASYNC
This means no receiver could be found. Check your Receiver Determination. Activate and update cache. Asysnchronous messages can be manually restarted.
TOO_MANY_RECEIVERS_CASE_BE
More than one receiver found. Check your ID configuration to ensure that there is exactly one receiver for the synchronous message. Multiple receivers for synchronous interfaces are not permitted.
Mapping Errors
JCO_COMMUNICATION_FAILURE
Check whether RFC destination AI_RUNTIME_JCOSERVER is correctly configured
NO_MAPPINGPROGRAM_FOUND
Ensure that mapping program exists and is activated. If it exists then update the cache.
EXCEPTION_DURING_EXECUTE
This error occurs due to erroneous XML formatting. Check your mapping program and ensure that you supply valid input data.
Messages stuck in queues
Check the queues using transactions SMQ1 (outbound)/SMQ2 (inbound). Resolve the displayed errors. You can cancel the messages from SXMB_MONI. Execute LUW if necessary and avoid deleting entries manually.
Conversion Errors
Unable to convert the sender service XXXX to an ALE logical system
This error occurs in case of scenarios with IDoc adapters. Whenever you use business systems, make sure that the corresponding logical system name is maintained in the SLD.
Open your business system in the Integration Directory. Switch to Change mode. Access the menu path Service u2192 Adapter Specific Identifiers. Click the button that says u2018Compare with System Landscape Directoryu2019 and chose Apply. Save and activate your change list.
In case of business services, you can manually type a logical system name in the Adapter Specific Identifiers if required. This name should match the corresponding logical system name defined in the partner SAP systemu2019s partner profiles.
Errors on the outbound side
Sometimes the link between SAP XI and the target system (say ERP) goes down and messages fail on the outbound side. It may not be possible to restart them from using RWB or the transactions like SXI_MONITOR/SXMB_MONI. In such cases, you can follow the procedure outlined in the following article - Dealing with errors on the outbound side.
Refer this article:
http://help.sap.com/saphelp_nwpi71/helpdata/en/0d/28e1c20a9d374cbb71875c5f89093b/content.htm
Refer this portal
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/pointers%2bfor%2btroubleshooting%2bportal%2bruntime%2berrors
Regards,
Suryanarayana -
Mail 2.1 goes to wrong IMAP directory, creates multiple connections
My Mail 2.1 woes continue using IMAP accounts on a FREEBSD virtual server.
I have 2 IMAP accounts and should be logged onto the server once for each account. My server people checked and told me I was logged on 10 times for 1 account and 7 for another. In all instances I was not in the Mail directory but in the root directory. Furthermore, my server people watched as I restarted mail and while I initially get to the Mail directory, I then move to the root directory.
I tried adding "Mail" to the IMAP path spot. That didn't work, and caused my other IMAP account to go offline and stay offline.
Last night I had connection problems when sending an e-mail and got a message that there were no outbound mail servers set up. So I set up the 2 IMAP mail servers and then things worked, then Mail program didn't work, and when I checked the outbound mail server list, the old missing servers were back on the list along with the new servers.
I also checked, and some of my local storage files and directories are now listed as being on the server as local storage. Very weird.
To make this all work going forward, I need to be able to get Mail 2.1 to go to the Mail directory on the server. I tried putting "Mail" in the IMAP path, but then it was looking for ~/Mail/Mail instead of ~/Mail.
Any ideas on how to get Mail to go to and stay in the Mail directory on my IMAP server?I fixed the problem by dumping Mail and switching to Thunderbird 2.0.0.9. All problems solved. Thunderbird has much better control over what happens between client and an IMAP server. (Probably a bad thing in an institutional setting.) Unfortunately, in other aspects, Mail is better than Thunderbird, particularly in junk mail screening. While there may have been away to get the latest version of Mail to work with my IMAP server, nobody seems to know including the Apple Store Genius and, by lack of replies on this board, most people in the know on these things.
-
Can a directory to be created if it does not exist on FTP server?
Hello SOA experts,
We are good with most common usage of all Adapters. But recently, I am facing a challenge when archive files on FTP server.
Archive files need to be placed into different folders for each month. For instance, ./archive/201308 for files archived in August. Next month, a new directory ./archive/201309 should be created, ideally automatically.
My question is, can I do through some configuration and properties setting to let SOA create a remote target directory when it does NOT exist?
We maintained multiple archive folders for different typr of documents. It is really a hassle to create them manually. And if the target directory does not exist, it would throw errors.
Thank you very much in advance.
Alena Li
CGIHi, After reading your post, I myself wanted to test this out. I thought that by configuring the following in the Adapter Wizard it would create the remote directory for me:
<adapter-config name="FW" adapter="File Adapter" wsdlLocation="FW.wsdl" xmlns="http://platform.integration.oracle/blocks/adapter/fw/metadata">
<connection-factory location="eis/FileAdapter"/>
<endpoint-interaction portType="Write_ptt" operation="Write">
<interaction-spec className="oracle.tip.adapter.file.outbound.FileInteractionSpec">
<property name="PhysicalDirectory" value="C:\Archive"/>
<property name="Append" value="false"/>
<property name="FileNamingConvention" value="%SEQ%\test.txt"/>
<property name="NumberMessages" value="1"/>
</interaction-spec>
</endpoint-interaction>
</adapter-config>
It failed on my BPEL instance however I could see that it was trying to create the file. When I created all destinations it was able to create it.
This is my recommendation from what I understand you'd like to accomplish:
Create the different Year&Month folders on your destination from Jan to Dec:
201301
201302
201303
201304
201305
201306
201307
201308
201309
201310
201311
201312
(You can actually create as many as you want going to 2090 if you want...
Add the below config to your JCA File:
<adapter-config name="FW" adapter="File Adapter" wsdlLocation="FW.wsdl" xmlns="http://platform.integration.oracle/blocks/adapter/fw/metadata">
<connection-factory location="eis/FileAdapter"/>
<endpoint-interaction portType="Write_ptt" operation="Write">
<interaction-spec className="oracle.tip.adapter.file.outbound.FileInteractionSpec">
<property name="PhysicalDirectory" value="C:\Archive"/>
<property name="Append" value="false"/>
<property name="FileNamingConvention" value="%yyyy.MM%\filename"/>
<property name="NumberMessages" value="1"/>
</interaction-spec>
</endpoint-interaction>
</adapter-config>
This will allow the files to be dynamically created in the correct directories.
This is a work-around and I hope this works for you. -
This is for information to help others
KEYWORDS:
- Sharing EFS encrypted files over a personal lan wlan wifi ap network
- Access denied on create new file / new fold on encrypted EFS network file share remote mapped folder
- transfer encryption keys / certificates
- set trusted delegation for user + computer for EFS encrypted files via
Kerberos
- Windows Active Directory vs network file share
- Setting up WinDAV server on Windows 7 Pro / Ultimate
It has been a long painful road to discover this information.
I hope sharing it helps you.
Using EFS on Windows 7 pro / ultimate is easy and works great. See
here and
here
So too is opening + editing encrypted files over a peer-to-peer Windows 7 network.
HOWEVER, creating a new file / new folder over a peer-to-peer Windows 7 network
won't work (unless you follow below steps).
Typically, it is only discovered as an issue when a home user wants to use synchronisation software between their home computers which happens to have a few folders encrypted using windows EFS. I had this issue trying to use GoodSync.
Typically an "Access Denied" error messages is thrown when a \\clientpc tries to create new folder / new file in an encrypted folder on a remote file share \\fileserver.
Why such a EFS drama when a network is involved?
Assume a home peer-to-peer network with 2pc: \\fileserver and \\clientpc
When a \\clientpc tries to create a new file or new folder on a \\fileserver (remote computer) it fails. In a terribly simplified explanation it is because the process on \\fileserver that is answering the network requests is a process working for a user on
another machine (\\clientpc) and that \\fileserver process doesn't have access to an encryption certificate (as it isn't a user). Active Directory gets around this by using kerberos so the process can impersonate a \\fileserver user and then use their certificate
(on behalf of the clienpc's data request).
This behaviour is confusing, as a \\clientpc can open or edit an existing efs encrypted file or folder, just can't create a new file or folder. The reason editing + opening an encrypted file over a network file share is possible is because the encrypted
file / folder already has an encryption certificate, so it is clear which certificate is required to open/edit the file. Creating a new file/folder requires a certificate to be assigned and a process doesn't have a profile or certificates assigned.
Solutions
There are two main approaches to solve this:
1) SOLVE by setting up an Active Directory (efs files accessed through file shares)
EFS operations occur on the computer storing the files.
EFS files are decrypted then transmitted in plaintext to the client's computer
This makes use of kerberos to impersonate a local user (and use their certificate for encrypt + decrypt)
2) SOLVE by setting up WebDAV (efs files accessed through web folders)
EFS operations occur on the client's local computer
EFS files remain encrypted during transmission to the client's local computer where it is decrypted
This avoids active directory domains, roaming or remote user profiles and having to be trusted for delegation.
BUT it is a pain to set up, and most online WebDAV server setup sources are not for home peer-to-peer networks or contain details on how to setup WebDAV for EFS file provision
READ BELOW as this does
Create new encrypted file / folder on a network file share - via Active Directory
It is easily possible to sort this out on a domain based (corporate) active directory network. It is well documented. See
here. However, the problem is on a normal Windows 7 install (ie home peer-to-peer) to set up the server as part of an active directory domain is complicated, it is time consuming it is bulky, adds burden to operation of \\fileserver computer
and adds network complexity, and is generally a pain for a home user. Don't. Use a WebDAV.
Although this info is NOT for setting up EFS on an active directory domain [server],
for those interested here is the gist:
Use the Active Directory Users and Computers snap-in to configure delegation options for both users and computers. To trust a computer for delegation, open the computer’s Properties sheet and select Trusted for delegation. To allow a user
account to be delegated, open the user’s Properties sheet. On the Account tab, under Account Options, clear the The account is sensitive and cannot be delegated check box. Do not select The account is trusted for delegation. This property is not used with
EFS.
NB: decrypted data is transmitted over the network in plaintext so reduce risk by enabling IP Security to use Encapsulating Security Payload (ESP)—which will encrypt transmitted data,
Create new encrypted file / folder on a network file share - via WebDAV
For home users it is possible to make it all work.
Even better, the functionality is built into windows (pro + ultimate) so you don't need any external software and it doesn't cost anything. However, there are a few hotfixes you have to apply to make it work (see below).
Setting up a wifi AP (for those less technical):
a) START ... CMD
b) type (no quotes): "netsh wlan set hostednetwork mode=allow ssid=MyPersonalWifi key=12345 keyUsage=persistent"
c) type (no quotes): "netsh wlan start hostednetwork"
Set up a WebDAV server on Windows 7 Pro / Ultimate
-----ON THE FILESERVER------
1 click START and type "Turn Windows Features On or Off" and open the link
a) scroll down to "Internet Information Services" and expand it.
b) put a tick in: "Web Management Tools" \ "IIS Management Console"
c) put a tick in: "World Wide Web Services" \ "Common HTTP Features" \ "WebDAV Publishing"
d) put a tick in: "World Wide Web Services" \ "Security" \ "Basic Authentication"
e) put a tick in: "World Wide Web Services" \ "Security" \ "Windows Authentication"
f) click ok
g) run HOTFIX - ONLY if NOT running Windows 7 / windows 8
KB892211 here ONLY for XP + Server 2003 (made in 2005)
KB907306 here ONLY for Vista, XP, Server 2008, Server 2003 (made in 2007)
2 Click START and type "Internet Information Services (IIS) Manager"
3 in IIS, on the left under "connections" click your computer, then click "WebDAV Authoring Rules", then click "Open Feature"
a) on the right side, under Actions, click "Enable WebDAV"
4 in IIS, on the left under "connections" click your computer, then click "Authentication", then click "Open Feature"
a) on the "Anonymous Authentication" and click "Disable"
b) on the "Windows Authentication" and click "Enable"
NB: Some Win 7 will not connect to a webDAV user using Basic Authentication.
It can be by changing registry key:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
BasicAuthLevel=2
c) on the "Windows Authentication" click "Advanced Settings"
set Extended Protection to "Required"
NB: Extended protection enhances the windows authentication with 2 security mechanisms to reduce "man in the middle" attacks
5 in IIS, on the left under "connections" click your computer, then click "Authorization Rules", then click "Open Feature"
a) on the right side, under Actions, click "Add Allow Rule"
b) set this to "all users". This will control who can view the "Default Site" through a web browser
NB: It is possible to specify a group (eg Administrators is popular) or a user account. However, if not set to "all users" this will require the specified group/user account to be used for logged in with on the
clientpc.
NB: Any user account specified here has to exist on the server. It has a bug in that it usernames specified here are not validated on input.
6 in IIS, on the left under "connections" click your computer, then click "Directory Browsing", then click "Open Feature"
a) on the right side, under Actions, click "Enable"
HOTFIX - double escaping
7 in IIS, on the left under "connections" click your computer, then click "Request Filtering", then click "Open Feature"
a) on the right side, under Actions, click "Edit Feature Settings"
b) tick the box "Allow double escaping"
*THIS IS VERY IMPORTANT* if your filenames or foldernames contain characters like "+" or "&"
These folders will appears blank with no subdirectories, or these files will not be readable unless this is ticked
This is safe btw. Unchecked (default) it filters out requests that might possibly be misinterpreted by buggy code (eg double decode or build url's via string-concat without proper encoding). But any bug would need to be in IIS basic
file serving and this has been rigorously tested by microsoft, so very unlikely. Its safe to "Allow double escaping".
8 in IIS, on the left under "connections" right click "Default Web Site", then click "Add Virtual Directory"
a) set the Alias to something sensible eg "D_Drive", set the physical path
b) it is essential you click "connect as" and set
this to a local user (on fileserver),
if left as "pass through authentication" a client won't be able to create a new file or folder in an encrypted efs folder (on fileserver)
NB: the user account selected here must have the required EFS certificates installed.
See
here and
here
NB: Sharing the root of a drive as an active directory (eg D:\ as "D_Drive") often can't be opened on clientpcs.
This is due to windows setting all drive roots as hidden "administrative shares". Grrr.
The work around is on the \\fileserver create an NTFS symbollic link
e.g. to share the entire contents of "D:\",
on fileserver browse to site path (iis default this to c:\inetpub\wwwroot)
in cmd in this folder create an NTFS symbolic link to "D:\"
so in cmd type "cd c:\inetpub\wwwroot"
then in cmd type "mklink /D D_Drive D:\"
NB: WebDAV will open this using a \\fileserver local user account, so double check local NTFS permissions for the local account (clients will login using)
NB: If clientpc can see files but gets error on opening them, on clientpc click START, type "Manage Network Passwords", delete any "windows credentials" for the fileserver being used, restart
clientpc
9 in IIS, on the left under "connections" click on "WebDAV Authoring Rules", then click "Open Feature"
a) click "Add authoring rules". Control access to this folder by selecting "all users" or "specified groups" or "specified users", then control whether they can read/write/source
b) if some exist review existing allow or deny.
Take care to not only review the "allow access to" settings
but also review "permissions" (read/write/source)
NB: this can be set here for all added virtual directories, or can be set under each virtual directory
10 Open your firewall software and/or your router. Make an exception for port 80 and 443
a) In Windows Firewall with Advanced Security click Inbound Rules, click New Rule
choose Port, enter "80, 443" (no speech marks), follow through to completion. Repeat for outbound.
NB: take care over your choice to untick "Public", this can cause issues if no gateway is specified on the network (ie computer-to-computer with no router). See "Other problems+fixes"
below, specifically "Cant find server due to network location"
b) Repeat firewall exceptions on each client computer you expect to access the webDAV web folders on
HOTFIX - MAJOR ISSUE - fix KB959439
11 To fully understand this read "WebDAV HOTFIX: RAW DATA TRANSFERS" below
a) On Windows 7 you need only change one tiny registry value:
- click START, type "regedit", open link
-browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters]
-on the EDIT menu click NEW, then click DWORD Value
-Type "DisableEFSOnWebDav" to name it (no speech marks)
-on the EDIT menu, click MODIFY, type 1, then click OK
-You MUST now restart this computer for the registry change to take effect.
b) On Windows Server 2008 / Vista / XP you'll FIRST need to
download Windows6.0-KB959439 here. Then do the above step.
NB microsoft will ask for your email. They don't care about licence key legality, it is more to keep you updated if they modify that hotfix
12 To test on local machine (eg \\fileserver) and deliberately bypass the firewall.
a) make sure WebClient Service is running
(click START, type "services" and open, scroll down to WebClient and check its status)
b) Open your internet software. Go to address "http://localhost:80" or "http://localhost:80"
It should show the default "IIS7" image.
If not, as firewall and port blocking are bypassed (using localhost) it must be a webDAV server setting. Check "Authorization Rules" are set to "Allow All Users"
c) for one of the "virtual directories" you added (8), add its "alias" onto "http://localhost/"
e.g. http://localhost/D_drive
If nothing is listed, check "Directory Browsing" is enabled
13 To test on local machine or a networked client and deliberately try and access through the firewall or port opening of your router.
a) make sure WebClient Service is running
(click START, type "services" and open, scroll down to WebClient and check its status)
b) open your internet software. Go to address "http://<computer>:80" or "http://<computer>:80".
eg if your server's computer name is "fileserver" go to "http://fileserver:80"
It should show the default "IIS7" image. If not, check firewall and port blocking.
Any issue ie if (12) works but (13) doesn't, will indicate a possible firewall issue or router port blocking issue.
c) for one of the "virtual directories" you added (8), add its "alias" onto "http://<computername>:80/"
eg if alias is "C_driver" and your server's computer name is "fileserver" go to "http://fileserver:80/C_drive"
A directory listing of files should appear.
--- ON EACH CLIENT ----
HOTFIX - improve upload + download speeds
14 Click START and type "Internet Options" and open the link
a) click the "Connections" tab at the top
b) click the "LAN Settings" button at the bottom right
c) untick "Automatically detect settings"
HOTFIX - remove 50mb file limit
15 On Windows 7 you need only change one tiny registry value:
a) click START, type "regedit", open link
b) browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
c) click on "FileSizeLimitInBytes"
d) on the EDIT menu, click MODIFY, type "ffffffff", then click OK (no quotes)
HOTFIX - remove prompt for user+pass on opening an office or pdf document via WebDAV
16 On each clientpc click START, type "Internet Options" and open it
a) click on "Security" (top) and then "Custom level" (bottom)
b) scroll right to the bottom and under "User Authentication" select "Automatic logon with current username and password"
SUCH an easy fix. SUCH an annoying problem on a clientpc
NB: this is only an issue if the file is opened through windows explorer. If opened through the "open" dialogue of the software itself, it doesn't happen. This is as a WebDAV mapped drive is consdered a "web folder" by windows
explorer.
TEST SETUP
17 On the client use the normal "map network drive"
e.g. server= "http://fileserver:80/C_drive", tick reconnect at logon
e.g. CMD: net use * "http://fileserver:80/C_drive"
If it doens't work check "WebDAV Authoring Rules" and check NTFS permissions for these folders. Check that on the filserver the elected impersonation user that the client is logging in with (clientpc
"manage network passwords") has NTFS permissions.
18 Test that EFS is now working over the network
a) On a clientpc, map network drive to http://fileserver/
b) navigate to a folder you know on the \\flieserver is encrypted with EFS
c) create a new folder, create a new file.
IF it throws an error, check carefully you mapped to the WebDAV and not file share
i.e. mapped to "http://fileserver" not "\\fileserver"
Check that on clientpc the required efs certificate is installed. Then check carefully on clientpc what user account you specified during the map drive process. Then check on the \\fileserver this
account exists and has the required EFS certificate installed for use. If necessary, on clientpc click START, type "Manage Network Passwords" and delete the windows credentials currently in the vault.
d) on clientpc (through a webDAV mapped folder) open an encrypted file, edit it, save it, close it. On the \\fileserver now check that file is readable and not gobble-de-goup
e) on clientpc copy an encrypted efs file into a folder (a webDAV mapped folder) you know is not encrypted on \\fileserver. Now check on the \\fileserver computer that the file is readable and not gobble-de-goup (ie the
clientpc decrypted it then copied it).
If this fails, it is likely one in IIS setting on fileserver one of the shared virtual directories is set to: "pass through authentication" when it should be set to "connect as"
If this is not readable check step (11) and that you restarted the \\fileserver computer.
19 Test that clients don't get the VERY annoying prompt when opening an Office or PDF doc
a) on clientpc in windows explorer browse to a mapped folder you know is encrypted and open an office file and then PDF.
If a prompt for user+pass then check hotfix (16)
20 Consider setting up a recycling bin for this mapped drive, so files are sent to recycling bin not permanently deleted
a) see the last comment at the very bottom of
this page:
Points to consider:
- NB: WebDAV runs on \\fileserver under a local user account, so double check local NTFS permissions for that local account and adjust file permissions accordingly. If the local account doesn't have permission, the webDAV / web folder share won't
either.
- CONSIDER: IP Security (IPSec) or Secure Sockets Layer (SSL) to protect files during transport.
MORE INFO: HOTFIX: RAW DATA TRANSFERS
More info on step (11) above.
Because files remain encrypted during the file transfer and are decrypted by EFS locally, both uploads to and downloads from Web folders are raw data transfers. This is an advantage as if data is intercepted it is useless. This is a massive disadvantage as
it can cause unexpected results. IT MUST BE FIXED or you could be in deep deep water!
Consider using \\clientpc to access a webfolder on \\fileserver and copying an encrypted EFS file (over the network) to a web folder on \\fileserver that is not encrypted.
Doing this locally would automatically decrypt the file first then copy the decrypted file to the non-encrypted folder.
Doing this over the network to a web folder will copy the raw data, ie skip the decryption stage and result in the encrypted EFS file being raw copied to the non-encrypted folder. When viewed locally this file will not be recognised as encrypted (no encryption
file flag, not green in windows explorer) but it will be un-readable as its contents are still encrypted. It is now not possible to locally read this file. It can only be viewed on the \\clientpc
There is a fix:
It is implimented above, see (11) above
Microsoft's support page on this is excellent and short. Read "problem description" of "this microsoft webpage"
Other problems + fixes
PROBLEM: Can't find server due to network location.
This one took me a long time to track down to "network location".
Win 7 uses network locations "Home" / "Work" / "Public".
If no gateway is specified in the IP address, the network is set to '"unidentified" and so receives "Public" settings.
This is a disaster for remote file share access as typically "network discovery" and "file sharing" are disabled under "Public"
FIX = either set IP address manually and specify a gateway
FIX = or force "unidentified" network locations to assume "home" or "work" settings -
read here or
here
FIX = or change the "Public" "advanced network settings" to turn on "network discovery" and "file sharing" and "Password Protected Sharing". This is safe as it will require a windows
login to gain file access.
PROBLEM: Deleting files on network drive permanently deletes them, there is no recycling bin
By changing the location of "My Contacts" or similar to the root directory of your mapped drive, it will be added to recycling bin locations
Read
here (i've posted a batch script to automatically make the required reg files)
I really hope this helps people. I hope the keywords + long title give it the best chance of being picked up in web searches.What probably happens is that processes are using those mounts. And that those processes are not killed before the mounts are unmounted. Is there anything that uses those mounts?
-
Active Directory replication and login errors (Plz HELP !!)
Hi All,
We have one forest domain (XXXX.LOCAL)and lots of child domains (XXX.XXXX.LOCAL).
We are facing issue that child domains are not able to login with forest administrator account and there are also lots of replication errors.
Exchange OWA gives error of not able to find particular XXX.XXX.local child domain.
dcdiag from child domain is :
C:\Windows\system32>
C:\Windows\system32>nltest.exe /dsregdns
Flags: 0
Connection Status = 1311 0x51f ERROR_NO_LOGON_SERVERS
The command completed successfully
C:\Windows\system32>nltest.exe /dsregdns
Flags: 0
Connection Status = 1311 0x51f ERROR_NO_LOGON_SERVERS
The command completed successfully
C:\Windows\system32>
C:\Windows\system32>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = PMA-DC01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: HEC-CITY\PMA-DC01
Starting test: Connectivity
......................... PMA-DC01 passed test Connectivity
Doing primary tests
Testing server: HEC-CITY\PMA-DC01
Starting test: Advertising
Warning: PMA-DC01 is not advertising as a time server.
......................... PMA-DC01 failed test Advertising
Starting test: FrsEvent
......................... PMA-DC01 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... PMA-DC01 failed test DFSREvent
Starting test: SysVolCheck
......................... PMA-DC01 passed test SysVolCheck
Starting test: KccEvent
......................... PMA-DC01 passed test KccEvent
Starting test: KnowsOfRoleHolders
[PMA-DC02] DsBindWithSpnEx() failed with error -2146893022,
The target principal name is incorrect..
Warning: PMA-DC02 is the PDC Owner, but is not responding to DS RPC
Bind.
[PMA-DC02] LDAP bind failed with error 8341,
A directory service error has occurred..
Warning: PMA-DC02 is the PDC Owner, but is not responding to LDAP
Bind.
Warning: PMA-DC02 is the Rid Owner, but is not responding to DS RPC
Bind.
Warning: PMA-DC02 is the Rid Owner, but is not responding to LDAP
Bind.
Warning: PMA-DC02 is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: PMA-DC02 is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... PMA-DC01 failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... PMA-DC01 passed test MachineAccount
Starting test: NCSecDesc
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
Fatal Error: Cannot retrieve SID
......................... PMA-DC01 failed test NCSecDesc
Starting test: NetLogons
......................... PMA-DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... PMA-DC01 passed test ObjectsReplicated
Starting test: Replications
[Replications Check,Replications Check] Inbound replication is
disabled.
To correct, run "repadmin /options PMA-DC01 -DISABLE_INBOUND_REPL"
[Replications Check,PMA-DC01] Outbound replication is disabled.
To correct, run "repadmin /options PMA-DC01 -DISABLE_OUTBOUND_REPL"
......................... PMA-DC01 failed test Replications
Starting test: RidManager
......................... PMA-DC01 failed test RidManager
Starting test: Services
w32time Service is stopped on [PMA-DC01]
......................... PMA-DC01 failed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00000010
Time Generated: 04/21/2014 19:16:04
Event String:
Unable to Connect: Windows is unable to connect to the automatic upd
ates service and therefore cannot download and install updates according to the
set schedule. Windows will continue to try to establish a connection.
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:42
Event String:
The dynamic registration of the DNS record '_kerberos._tcp.dc._msdcs
.PMA.XXXX.LOCAL. 600 IN SRV 0 100 88 PMA-DC01.PMA.XXXX.LOCAL.' failed on the fol
lowing DNS server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kerberos._tcp.PMA.XXXX.
LOCAL. 600 IN SRV 0 100 88 PMA-DC01.PMA.XXXX.LOCAL.' failed on the following DNS
server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kerberos._tcp.HEC-LAHOR
E._sites.PMA.XXXX.LOCAL. 600 IN SRV 0 100 88 PMA-DC01.PMA.XXXX.LOCAL.' failed on
the following DNS server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kerberos._udp.PMA.XXXX.
LOCAL. 600 IN SRV 0 100 88 PMA-DC01.PMA.XXXX.LOCAL.' failed on the following DNS
server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kpasswd._tcp.PMA.XXXX.L
OCAL. 600 IN SRV 0 100 464 PMA-DC01.PMA.XXXX.LOCAL.' failed on the following DNS
server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kpasswd._udp.PMA.XXXX.L
OCAL. 600 IN SRV 0 100 464 PMA-DC01.PMA.XXXX.LOCAL.' failed on the following DNS
server:
An error event occurred. EventID: 0x0000168E
Time Generated: 04/21/2014 19:44:43
Event String:
The dynamic registration of the DNS record '_kerberos._tcp.HEC-LAHOR
E._sites.dc._msdcs.PMA.XXXX.LOCAL. 600 IN SRV 0 100 88 PMA-DC01.PMA.XXXX.LOCAL.'
failed on the following DNS server:
An error event occurred. EventID: 0x00000C8A
Time Generated: 04/21/2014 19:44:51
Event String:
This computer could not authenticate with \\LHR-DC01.XXXX.LOCAL, a W
indows domain controller for domain XXXX, and therefore this computer might deny
logon requests. This inability to authenticate might be caused by another compu
ter on the same network using the same name or the password for this computer ac
count is not recognized. If this message appears again, contact your system admi
nistrator.
An error event occurred. EventID: 0xC00A0038
Time Generated: 04/21/2014 19:46:02
Event String:
The Terminal Server security layer detected an error in the protocol
stream and has disconnected the client. Client IP: 10.87.193.37.
An error event occurred. EventID: 0x40000004
Time Generated: 04/21/2014 19:52:41
Event String:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the se
rver pma-dc02$. The target name used was PMA\PMA-DC02$. This indicates that the
target server failed to decrypt the ticket provided by the client. This can occu
r when the target server principal name (SPN) is registered on an account other
than the account the target service is using. Please ensure that the target SPN
is registered on, and only registered on, the account used by the server. This e
rror can also happen when the target service is using a different password for t
he target service account than what the Kerberos Key Distribution Center (KDC) h
as for the target service account. Please ensure that the service on the server
and the KDC are both updated to use the current password. If the server name is
not fully qualified, and the target domain (PMA.XXXX.LOCAL) is different from th
e client domain (PMA.XXXX.LOCAL), check if there are identically named server ac
counts in these two domains, or use the fully-qualified name to identify the ser
ver.
A warning event occurred. EventID: 0x8000001C
Time Generated: 04/21/2014 19:53:42
Event String:
When generating a cross realm referal from domain XXXX.LOCAL the KDC
was not able to find the suitable key to verify the ticket. The ticket key vers
ion in the request was 25 and the available key version was 22. This most common
reason for this error is a delay in replicating the keys. In order to remove th
is problem try forcing replication or wait for the replication of keys to occur.
An error event occurred. EventID: 0x40000004
Time Generated: 04/21/2014 20:13:25
Event String:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the se
rver pma-dc02$. The target name used was LDAP/4a166db9-c39c-4069-99e7-8a233ce2c0
be._msdcs.XXXX.LOCAL. This indicates that the target server failed to decrypt th
e ticket provided by the client. This can occur when the target server principal
name (SPN) is registered on an account other than the account the target servic
e is using. Please ensure that the target SPN is registered on, and only registe
red on, the account used by the server. This error can also happen when the targ
et service is using a different password for the target service account than wha
t the Kerberos Key Distribution Center (KDC) has for the target service account.
Please ensure that the service on the server and the KDC are both updated to us
e the current password. If the server name is not fully qualified, and the targe
t domain (PMA.XXXX.LOCAL) is different from the client domain (PMA.XXXX.LOCAL),
check if there are identically named server accounts in these two domains, or us
e the fully-qualified name to identify the server.
An error event occurred. EventID: 0x40000004
Time Generated: 04/21/2014 20:13:25
Event String:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the se
rver pma-dc02$. The target name used was ldap/pma-dc02.pma.XXXX.LOCAL. This indi
cates that the target server failed to decrypt the ticket provided by the client
. This can occur when the target server principal name (SPN) is registered on an
account other than the account the target service is using. Please ensure that
the target SPN is registered on, and only registered on, the account used by the
server. This error can also happen when the target service is using a different
password for the target service account than what the Kerberos Key Distribution
Center (KDC) has for the target service account. Please ensure that the service
on the server and the KDC are both updated to use the current password. If the
server name is not fully qualified, and the target domain (PMA.XXXX.LOCAL) is di
fferent from the client domain (PMA.XXXX.LOCAL), check if there are identically
named server accounts in these two domains, or use the fully-qualified name to i
dentify the server.
......................... PMA-DC01 failed test SystemLog
Starting test: VerifyReferences
......................... PMA-DC01 passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : PMA
Starting test: CheckSDRefDom
......................... PMA passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... PMA passed test CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running enterprise tests on : XXXX.LOCAL
Starting test: LocatorCheck
......................... XXXX.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... XXXX.LOCAL passed test Intersite
C:\Windows\system32>There are a number of things that can cause this, such as:
DNS is misconfigured to support a parent-child-additional tree forest.
Incorrect DNS zone replication scope for the design, which points back to the point #1.
AD Sites are misconfigured for the physical environment. For example if you have a hub and spoke physical environment, you can't use the default settings that bridge all sites (BASL) and must individually configure them.
Incorrect DNS settings on the DCs.
Multi-homed DCs.
Time service is not configured properly and/or syncing from the VM host, which should be configured otherwise (Microsoft, VMware and Citrix have KBs explaining this).
Default security settings at either the parent, child or both domains, have been altered.
Firewalls between DCs, such as perimeter firewalls, or installed antivirus protection features if not excluded on DCs properly, will cause this, too.
That's the short list. If you can describe some of the points above, it may help us pinpoint where the issue may be.
Some links that may help understand some of the bullet points:
AD Site Design, DNS & the DC Locator Process, and Auto Site Link Bridging, or Bridge All Site Links (BASL)
http://blogs.msmvps.com/acefekay/2013/02/24/ad-site-design-and-auto-site-link-bridging-or-bridge-all-site-links-basl/
DNS Design Options in a Multi-Domain Forest - How to create a Parent-Child DNS Delegation, and How to Configure DNS to create a new Tree in the Forest
Published by Ace Fekay, MCT, MVP DS on Oct 1, 2010 at 12:22 PM
http://msmvps.com/blogs/acefekay/archive/2010/10/01/dns-parent-child-dns-delegation-how-to-create-a-dns-delegation.aspx
Configuring the Windows Time Service for Windows 2000, 2003, 2008 and newer, explanation of the time service hierarchy, and more
Published by Ace Fekay, MCT, MVP DS on Sep 18, 2009 at 8:14 PM 3050 1
http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights. -
Active Directory domain controller could not be contacted
Hello
Help please.
I am trying to add a new server (2008) to domain 'bridgelimited.local' - only one DC (2003) doing everything at the moment. The plan is to add the new server, then move everything over from the old machine, then retire/upgrade the old machine and use as a backup.
I am currently trying to dcpromo on the new machine but I get the following error:
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain bridgelimited.local:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.bridgelimited.local
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
212.50.160.100
196.168.16.2
- One or more of the following zones do not include delegation to its child zone:
bridgelimited.local
local
. (the root zone)
For information about correcting this problem, click Help.
192.168.16.2 is IP address for the DC.
Any help would be grately appreciated.
Kind Regards
RichardManaged to get the DCDIAG
Here goes (I know my harddisk is failing - that's why I am desperate to get everything shifted to the new server).
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine bridgeserver, is a DC.
* Connecting to directory service on server bridgeserver.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\BRIDGESERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... BRIDGESERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\BRIDGESERVER
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=BridgeLimited,DC=local
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=BridgeLimited,DC=local
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=BridgeLimited,DC=local
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=BridgeLimited,DC=local
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... BRIDGESERVER passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... BRIDGESERVER passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for CN=Configuration,DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for DC=BridgeLimited,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... BRIDGESERVER passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=BridgeLimited,DC=local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=BridgeLimited,DC=local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=BridgeLimited,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=BridgeLimited,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=BridgeLimited,DC=local
(Domain,Version 2)
......................... BRIDGESERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... BRIDGESERVER passed test NetLogons
Starting test: Advertising
The DC BRIDGESERVER is advertising itself as a DC and having a DS.
The DC BRIDGESERVER is advertising as an LDAP server
The DC BRIDGESERVER is advertising as having a writeable directory
The DC BRIDGESERVER is advertising as a Key Distribution Center
The DC BRIDGESERVER is advertising as a time server
The DS BRIDGESERVER is advertising as a GC.
......................... BRIDGESERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
Role Domain Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
Role PDC Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
Role Rid Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
......................... BRIDGESERVER passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2609 to 1073741823
* bridgeserver.BridgeLimited.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 2109 to 2608
* rIDPreviousAllocationPool is 2109 to 2608
* rIDNextRID: 2121
......................... BRIDGESERVER passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/bridgeserver.BridgeLimited.local/BridgeLimited.local
* SPN found :LDAP/bridgeserver.BridgeLimited.local
* SPN found :LDAP/BRIDGESERVER
* SPN found :LDAP/bridgeserver.BridgeLimited.local/BRIDGELIMITED
* SPN found :LDAP/96d36b0b-a148-4c2f-b3d3-8c2ac83fcaf9._msdcs.BridgeLimited.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/96d36b0b-a148-4c2f-b3d3-8c2ac83fcaf9/BridgeLimited.local
* SPN found :HOST/bridgeserver.BridgeLimited.local/BridgeLimited.local
* SPN found :HOST/bridgeserver.BridgeLimited.local
* SPN found :HOST/BRIDGESERVER
* SPN found :HOST/bridgeserver.BridgeLimited.local/BRIDGELIMITED
* SPN found :GC/bridgeserver.BridgeLimited.local/BridgeLimited.local
......................... BRIDGESERVER passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
IsmServ Service is stopped on [BRIDGESERVER]
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... BRIDGESERVER failed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... BRIDGESERVER passed test OutboundSecureChannels
Starting test: ObjectsReplicated
BRIDGESERVER is in domain DC=BridgeLimited,DC=local
Checking for CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local in domain DC=BridgeLimited,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local in domain CN=Configuration,DC=BridgeLimited,DC=local on 1 servers
Object is up-to-date on all servers.
......................... BRIDGESERVER passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... BRIDGESERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... BRIDGESERVER passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... BRIDGESERVER passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:47:27
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:47:41
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:47:55
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:48:09
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:48:23
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:48:38
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:48:52
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:49:06
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:49:20
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:49:54
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:50:08
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:50:22
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:51:33
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:51:53
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:52:07
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:52:21
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:52:35
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:52:49
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:53:03
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:53:17
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:53:31
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 16:53:45
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:12:23
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:12:37
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:12:51
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:13:05
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:13:19
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:13:33
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:13:47
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:14:01
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:14:15
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:15:24
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:15:38
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:15:53
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:16:07
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:16:21
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:16:35
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:16:49
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:17:03
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
An Error Event occured. EventID: 0xC0040075
Time Generated: 09/10/2009 17:17:17
Event String: The driver for device \Device\Scsi\hpt3xx1
detected a port timeout due to prolonged
inactivity. All associated busses were reset in
an effort to clear the condition.
......................... BRIDGESERVER failed test systemlog
Starting test: VerifyReplicas
......................... BRIDGESERVER passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local and
backlink on
CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=BRIDGESERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=BridgeLimited,DC=local
and backlink on
CN=BRIDGESERVER,OU=Domain Controllers,DC=BridgeLimited,DC=local are
correct.
The system object reference (serverReferenceBL)
CN=BRIDGESERVER,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=BridgeLimited,DC=local
and backlink on
CN=NTDS Settings,CN=BRIDGESERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=BridgeLimited,DC=local
are correct.
......................... BRIDGESERVER passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... BRIDGESERVER passed test VerifyEnterpriseReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : BridgeLimited
Starting test: CrossRefValidation
......................... BridgeLimited passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... BridgeLimited passed test CheckSDRefDom
Running enterprise tests on : BridgeLimited.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... BridgeLimited.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\bridgeserver.BridgeLimited.local
Locator Flags: 0xe00003fd
PDC Name: \\bridgeserver.BridgeLimited.local
Locator Flags: 0xe00003fd
Time Server Name: \\bridgeserver.BridgeLimited.local
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\bridgeserver.BridgeLimited.local
Locator Flags: 0xe00003fd
KDC Name: \\bridgeserver.BridgeLimited.local
Locator Flags: 0xe00003fd
......................... BridgeLimited.local passed test FsmoCheck
The only thing I can see (other then the HDD) is the
IsmServ Service is stopped on [BRIDGESERVER]
Hope you can help. Pretty please.
Kind Regards
Richard -
FTP outbound header name duplication
Version: 10.1.2.0.2
We are experiencing a problem with FTP adapter. When more than 3 or so files are simultaneously placed on the inbound directory[ftp], the BPEL process picks up the files but when it writes out to the outbound directory[FTP], the same filename is being used for file 3,4,5 etc.
Thus less files are placed than what were received.
The opmn logs will explain it better:
<2007-08-10 10:11:07,590> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/1.NUW
<2007-08-10 10:11:07,591> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/2.NUW
<2007-08-10 10:11:07,591> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/3.NUW
<2007-08-10 10:11:07,591> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/5.NUW
<2007-08-10 10:11:07,601> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/1.NUW
<2007-08-10 10:11:07,601> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/5.NUW
<2007-08-10 10:11:07,608> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/3.NUW
<2007-08-10 10:11:07,614> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/2.NUW
<2007-08-10 10:11:07,641> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/5.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:07,649> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/5.NUW after processing.
<2007-08-10 10:11:07,652> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/5.NUW
<2007-08-10 10:11:07,652> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/6.NUW
<2007-08-10 10:11:07,655> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/1.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:07,658> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/3.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:07,662> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/6.NUW
<2007-08-10 10:11:07,662> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:07,663> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 5.NUW
<2007-08-10 10:11:07,665> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:07,671> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/3.NUW after processing.
<2007-08-10 10:11:07,674> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/6.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:07,682> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:07,682> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 1.NUW
<2007-08-10 10:11:07,683> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:07,683> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 6.NUW
<2007-08-10 10:11:07,684> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/1.NUW after processing.
<2007-08-10 10:11:07,684> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/3.NUW
<2007-08-10 10:11:07,685> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:07,685> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 3.NUW
<2007-08-10 10:11:07,687> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/1.NUW
<2007-08-10 10:11:07,688> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/2.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:07,690> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/6.NUW after processing.
<2007-08-10 10:11:07,692> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/6.NUW
<2007-08-10 10:11:07,693> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/2.NUW after processing.
<2007-08-10 10:11:07,695> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/2.NUW
<2007-08-10 10:11:07,709> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:07,709> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 2.NUW
<2007-08-10 10:11:07,738> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file 5.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:07,738> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:07,738> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
<2007-08-10 10:11:07,744> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:07,837> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file 2.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:07,837> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:07,837> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
<2007-08-10 10:11:07,843> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:07,971> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file[b] 2.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:07,971> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:07,971> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
<2007-08-10 10:11:07,989> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:08,086> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file 2.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:08,086> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:08,086> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
<2007-08-10 10:11:08,088> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:08,415> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file 2.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:08,415> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:08,415> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
<2007-08-10 10:11:08,592> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Processing file : /Koppelvlakke/DATA OUT/CAS/TGB/4.NUW
<2007-08-10 10:11:08,604> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Sending message to Adapter Framework for posting to BPEL engine: {
file=/Koppelvlakke/DATA OUT/CAS/TGB/4.NUW
<2007-08-10 10:11:08,660> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Copying file :/Koppelvlakke/DATA OUT/CAS/TGB/4.NUW to user-defined archive directory for processed files :/fortepuk/Toets/CAS
<2007-08-10 10:11:08,668> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Deleting file : /Koppelvlakke/DATA OUT/CAS/TGB/4.NUW after processing.
<2007-08-10 10:11:08,671> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done processing File : /Koppelvlakke/DATA OUT/CAS/TGB/4.NUW
<2007-08-10 10:11:08,693> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> File Adapter received an input Record
<2007-08-10 10:11:08,693> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Considering header for output filename, output filename from header: 4.NUW
<2007-08-10 10:11:08,700> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Outbound Translation done.
<2007-08-10 10:11:08,766> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done Writing to output file 4.NUW in dir BPELPRODTESTRUN !!
<2007-08-10 10:11:08,766> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Interaction gets a ok response
<2007-08-10 10:11:08,766> <INFO> <default.collaxa.cube.activation> <File Adapter::Inbound> Done with Input Record
From the above - bold - it is clear that the BPEL engine duplicates the same file name. Only 5,4 and 2 were written to outbound directory and should have been 1,2,3,4,5 nad 6.NUW
Is this a bug or are there any workarounds.
This holds back new production services.
Regards
HerbertHi,
Go thro' the URL:
http://abhishek-soablog.blogspot.com
Cheers,
Abhi...
Maybe you are looking for
-
Many Sporadic Preview Related Issues
Not sure if this is where to post/report Lightroom 5 issues or not, but here are preview-related issues I am experiencing... Preview panel "preview" freezes indefinitely. App very slow to load while creating new previews. (previews take forever to cr
-
How to change the value boimg://
In Webi document reports, our developpers use images for company logos through URLs, which are not handled when converted to PDF. So they were told to use the BOIMG:// value which refers to a local folder on the BO server where the images should be s
-
iTunes Match keeps "gathering information" on my library, in a loop, without ever making to step 2. I know others have experienced the same issue, but the only advice given was for PC users. Am on Mac. Admittedly, my library is huge (over 10,000 song
-
I've double clicked the home button and closed all other apps other than the one I'm using. That doesn't seem to help. Is there something else I can do?
-
Exchange Crawl Error referring to disk space
We have a number of Exchange 5.5 crawls that have started to fall over. I think the problem also manifests itself in the Adminin tool when I try to ammend any of the crawls concerned as I get a SOAP error displayed. When I look in PTSPY I see the fol