PKI Design / Migration - Questions

Hello,
Our organization currently uses a single-tier enterprise root CA for issuing certificates. We are growing and I would like to redo this design in accordance with MS Best practice.
I just have a few questions:
My original thought was to add an enterprise subordinate CA and decom the Enterprise root CA we currently have running, but I am not sure if this is possible or recommended, as I am reading many articles stating that you should deploy a standalone root CA (offline) then create an enterprise subordinate CA for issuing certificates.
If this is the case, how would I migrate servers / users over to use the new PKI infrastructure without causing service disruptions?
Thank You

I just want to have some answers to give MGMT when they ask.
Here's your own answer:
...and I would like to redo this design in accordance with MS Best practice.
Brian gave you best practice.
1 X standalone root CA (off line) – for security
2 X issuing CA's - Enterprise subordinate CA:
2X - for redundancy
Enterprise – so that they use AD for certs, CRL, autoenrollment etc.
I would also add that if you will not be revoking existing certs issued by the old CA, you may increase the CRL publication interval on the old CA from the default one day to 99 years. This basically leaves you with a static CRL and a static CDP web site (you don't need to publish a CRL on the old CA each day).
http://blogs.technet.com/b/pki/archive/2012/01/27/steps-needed-to-decommission-an-old-certification-authority-without-affecting-previously-issued-certificates-and-then-switching-all-operations-to-a-new-certification-authority.aspx
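
The CRL change suggested in the reply above, as an added example that is not part of the original thread or the linked article: the built-in `certutil` registry settings that lengthen the base CRL period on the old CA, followed by a check of the published CRL. Disabling delta CRLs and the default CertEnroll path are assumptions added here.

```powershell
# Added example: run in an elevated PowerShell session on the OLD CA only.
# Assumes the AD CS service (certsvc) is installed and that no further
# revocations will be made on this CA, as the reply above requires.

# Record the current values so the change can be reverted.
certutil -getreg CA\CRLPeriodUnits
certutil -getreg CA\CRLPeriod
certutil -getreg CA\CRLDeltaPeriodUnits

# Base CRL validity: 99 years instead of the short default interval.
certutil -setreg CA\CRLPeriodUnits 99
certutil -setreg CA\CRLPeriod "Years"

# Assumption: stop issuing delta CRLs so the long-lived base CRL is the
# only list that relying parties have to fetch.
certutil -setreg CA\CRLDeltaPeriodUnits 0

# The registry values are read when the CA service starts.
Restart-Service -Name certsvc

# Publish a new base CRL that carries the new validity period.
certutil -CRL

# Verify: the published CRL should now show a NextUpdate far in the future.
# Default publication folder; adjust if the CA was configured differently.
$crlDir = Join-Path $env:windir 'System32\CertSrv\CertEnroll'
Get-ChildItem -Path $crlDir -Filter *.crl | ForEach-Object {
    "== $($_.Name)"
    # Field name as printed on an English-language system.
    certutil -dump $_.FullName | Select-String -Pattern 'NextUpdate'
}
```

The resulting CRL file still has to remain reachable at every CDP location named in the certificates the old CA issued, otherwise revocation checking for those certificates fails.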

Similar Messages

  • Analysis Authorization Migration Question

    This is detail Question
    1)     I am testing Analysis Authorization Migration in NW2004s SP9 and have applied all OSS notes that are relevant to SP09 and are coming in SP10.
    2)     We have 2 Info object flagged as Authorization relevant 0COMP_CODE and 0COSTCENTER
    3)     We have Object level security set-up in BW 3.x system and for a role we have specified values like 0COMP_CODE has value 1000, 1800. “:”. In the same role we have specified 0COSTCENTER value 130001 to 180001, “:”  and hierarchy node.
    4)     When we migrate to Analysis Authorizations, using RSEC_MIGRATION, this program creates 2 Authorizations ZCOCODE00 & ZCOSTCTRH00. Both of them have 0COMP_CODE and 0COST_CENTER Objects.
    5)     ZCOCODE00 authorization gets value 0COMP_CODE values 1000, 1800. “:” and 0COSTCENTER Value “:”.
    6)     On the same line ZCOSTCTRH00 gets value 130001 to 180001, “:”  and 0COMP_CODE “:”.
    1st Question:
    1)     Why does it create 2 Authorizations?
    2)     During Checking it does not pass the authorizations, because it seems to me that it fails in Optimization process.
    3)     I manually merge the authorizations in “ONE” object then authorization check passes.  In other word if I combine ZCOSTCTRH00 & ZCOCODE00 then Query authorization check passes.
    Is anyone struggling with this?
    Please note, I am doing Migration so that it updates existing Profiles (Roles now from SP9).
    Any comments will be very helpful.
    Pankaj Gupta

    Hello Pankaj
    There are some basic misunderstandings on your side.
    Let me try to clarify:
    First we should distinguish between migration of authorizations and of what a query does with them.
    You had 2 auth objects before migration (in 3.x).
    Of course, they must be migrated to 2 new analysis auths.
    There is no general possibility to combine authorizations to a single one as they may appear in different roles and users. Moreover this would kill performance and finally, nobody would recognize the origin.
    Only in very restricted cases one could think of a combination of auths which come out of migration. But, then people lose overview about what goes on.
    Before the corrections in note "Migration IV" the : had not been inserted but now it is for good reasons.
    Now, accept for the moment that you receive 2 auths.
    Then, you cannot (must not) combine the 2 resulting authorizations!
    Authorization 1
    COMP_CODE : 1000, 1300, “:”
    Cost Center : “:”
    Authorizations 2
    Comp_Code “:”
    Cost Center : 3100001-31999999; “:” plus a Hierarchy Node.
    This means that e.g. combination
    COMP_CODE 1000
    COST_CENTER 3100001-31999999
    is not allowed!!! Therefore, they must not be combined!
    Also, the query and its optimization is completely independent of the migration. And here, during query run time the auths cannot be combined. It is no failure!
    Moreover, the merging optimization is just a performance optimization and has nothing to do with whether the query result is authorized or not.
    If you combine them manually you have authorized different combinations.
    Well, now you may wonder why you get 2 auths at all which leads to a "no auth" result in the query execution.
    The reason is, that in 3.x where you got a result with your 2 auth objects the modeling was wrong.
    If you want to authorize any combination of characteristic values, you should combine these characteristics together in one auth object, not in 2!
    (In BI7.0 it works like that but not in 3.x)
    But you defined 2 which may be valid even in several other InfoProviders independently and not even at the same time. Moreover, the auth objects may come from different roles and may be assigned to different users which then have completely different auth content. In general it is not possible to combine different auth objects or to find out those special situations which nevertheless allow for such optimizations. If you re-do a migration with more objects and users you could even receive different results which is also not satisfying.
    Therefore, instead, the mechanism was introduced to insert a : auth to those characteristics that are auth relevant (and checked now with 7.0) but not in the currently processed auth object.
    In your special case it may have made sense to combine them but not in general. And a migration can only try to work as general as possible.
    For your application you may combine the 2 auths manually if you want to allow also the crossover combinations
    COMP_CODE 1000
    COST_CENTER 3100001-31999999
    Best regards
    Peter John
    BI Development

  • Exchange 2013 Migration Questions

    Exchange 2013 SP1 to a new server. I just realized that I have been asking migration questions on the "general" forum. Here's the deal:
    We just want to move to a newer server and reuse the "old" server as a DAG member. We have a production exchange 2013 SP1 server and I found that the DB is not on a RAID'ed drive. So, we purchased a server. I installed 2012 R2 and all windows updates.
    Then installed exchange 2013 SP1. Then got our AS/AV software installed. When I boot the new server up and login to ECP, it sees all the exchange users, DB and info. So, I followed:
    http://technet.microsoft.com/en-us/library/dd876926(v=exchg.150).aspx
    to migrate users and current email to the new DB. However, when users logged in their current email was not there. I also tried to use the ECP migration option and this resulted in the same, users old email was not in their inbox. So I had to perform that
    same process on the old DB to get users old email back. I then tried to use the migration option in the ECP->same issue. So as of now, we are on the old DB and things are working fine.
    According to:
    http://technet.microsoft.com/en-us/library/aa997006(v=exchg.65).aspx
    When moving from server to server, the DB filename must be the same. The non-production server does not have the same DB filename. Could this be the problem? Could someone point me to documentation on migrating from server to server

    So I ran Get-Mailbox -Database "Source Database Name" -ResultSize Unlimited | New-MoveRequest -TargetDatabase "Target Database Name" and moved all the user mailboxes. Then moved the system mailboxes, public folders and
    OAB. Adjusted send connector to reflect new server. Log in as a user, all email is there. Great! Dismount the old DB. Wait a few minutes and user email is still there. Woohoo! Shut down the old exchange server and a few minutes later, all email is gone. Boo!
    Boot the old server back up and mount the old DB, all email is back in user inbox. How do I use only the new DB in exchange 2013?
    So I just dismounted the old DB and all email stays in users inbox?! So it must be something with the old server that did not get moved over but for the life of me I can't figure out what

  • How to remove app designer migration access from the Developer id

    Team,
    Please guide me with steps to remove app designer migration access from the Developer id.
    I want that developer can create the project but do not have migration access.
    Rgds,

    Did you already remove the other permission lists/roles you identified in your previous response like I told you to do in my first response? The user can have no permission lists that grant this access. Working with a clone of VP1 is a bad strategy. Security should be handled from the bottom up, adding what is required for a user to perform their necessary functions. Cloning VP1 and removing roles/permissions is security from the top down and will undoubtedly leave you with a user that is still granted more access than you like even after removing this particular access. You should really be working with your company's security admin on this, they may have a standard way of doing this. Many places I've been use custom roles and permission lists when deviating from the Oracle delivered security.
    Does ABC user still have any access to UPGRADE?
    select ru.roleuser, ru.rolename, rc.classid, ai.barname from psroleuser ru
    join psroleclass rc on ru.rolename = rc.rolename
    join psauthitem ai on ai.classid = rc.classid
    where ai.menuname = 'APPLICATION_DESIGNER'
    and ai.barname = 'UPGRADE'
    and ru.roleuser = 'ABC'

  • Iprint migration question

    We had to back out of a migration last week because of issues with edir version on Netware. I've updated that and TSA, but another question just came up. I'm migrating iPrint from a cluster, plus doing transfer ID. If I choose cluster resource on the source server in miggui, I only get the consolidate option. Does that mean I need to first run a consolidation job just for iprint and then go back and run the transfer ID? Or will the consolidation screw up a transfer ID?

    Service migrations based on cluster resources and Transfer ID are separated in Migration Tools (miggui). You need to execute Cluster based iPrint migration in one project and Transfer ID migration in another project.
    Perform all service consolidation migrations and make sure they are all completed/synced and working before attempting Transfer ID.
    >>>
    From: zenking
    To: novell.support.open-enterprise-server.migration
    Date: 07/22/2010 02:26 AM
    Subject: iprint migration question

  • Forms system potential migration questions.

    We have a forms and reports based system built in 10g.
    We are considering migrating to 11g forms and reports but long term moving to ADF or APEX.
    We are generally a data entry system run on intranet so my preference has always been APEX but management are trying to follow the Oracle roadmap which is pushing ADF.
    We are a small outfit so the solution we choose will probably be the one which offers the quickest development times.
    I have signed up for apex.oracle.com to have a play but seems to be taking forever to get approval!
    A few questions re APEX (apologies if these are really simple)
    1) How is user access controlled. Currently all our users login via one SYSDBA user. Our current system has a logon box which then allows access to the screens they can amend. I assume APEX uses the DB user access rights?
    2) How easy is it to deploy fixes etc? We have upwards of 200 customer sites. We currently distribute fmx and RDF files on a monthly basis.
    3) Can you use key strokes? Many customers like the F Keys to be used as quick keys? i.e. in forms F10 can be save, F3 can be clear etc
    4) Can we use our existing database? Although this is many years old and all the correct constraints may not be in place (i.e. a few FK/indexes may be missing - but we could try and tidy up pre migration) would it be possible to use this? (We are considering rewriting the database but most customers will want to bring through their old data and have custom reports built on these so would struggle to rewrite.)
    5) How is inheritance handled? In our forms environment all our items are inherited from one point so if we change that one point it follows through the system
    6) I have seen online demos whereby people are creating mini databases from spreadsheets. Can it be set up so the users can create things like this without affecting other areas of the system?
    7) Any pros/Cons when comparing to ADF
    8) Does anyone have any feedback from migrating from Forms?
    Any feedback at all is gratefully received.
    I'm looking forward to the online demo.

    Sure Oracle pushes ADF, because it has cost them $$$$$$ and they want to get that back. Apex is part of the database, and as such you already have a license for it. No need for a Weblogic or OAS license.
    "seems to be taking forever to get approval!"
    Went pretty fast for me a few years ago. 1-2 days if I remember correctly.
    1) There are pre-built authentication methods, but you can also create your own method (which most people do).
    "I assume APEX uses the DB user access rights?"
    As in most web applications, there is only one user that actually accesses the database. And I would never ever make that a SYSDBA user!
    Other users may log in via username/password that can be stored in Apex tables or your own tables. They can also be actual database users. However, since they do not connect to the database, their roles are irrelevant. You may use these roles to check authorization in your application, though.
    2) Apex exports applications in a sql file, so you can deploy applications via sqlplus (or via the Apex administrator page).
    3) The keys are actually browser keys, so you are very limited. You can use some Javascript, but forget about something like F7-F8 combination. It doesn't matter what technology you use, web is different from client/server (or the Forms Java applet). You have to rethink GUI concepts coming from Forms and going to browser applications.
    4) Yes. But like Forms, good database design makes things easier (like using wizards).
    5) There are all kinds of places where you can set defaults, templates etc.
    6) Yes.
    7) Google for discussions on ADF vs Apex.
    8) We use it side by side. No plans to recreate Forms as an Apex application.
    Depending on the size of your Forms app, it may take a long time to re-create it in Apex. There are some Forms migration tools in Apex, but I wouldn't use those. They cannot migrate the Forms code anyway, since a browser doesn't understand pl/sql code. As said, you really have to rethink your GUI when moving to a web app.

  • Adobe Output Designer Migration

    Hello,
    our customer has implemented Adobe Output Designer version 5.6 in Poland. We were asked for outsourcing of their Adobe printing solution. Could somebody help us please to answer the following questions:
    1) Is it possible to migrate content of Adobe Central Output Server resp. Adobe Output Designer without physically moving hardware? If yes, how can be such migration provided?
    2) Do we need to install the same version 5.6 of the Adobe Output Designer or we can install the version 5.7 and migrate the Adobe Output Designer content?
    Thank you
    Martin Dedouch

    Look here: http://www.adobe.com/products/server/outputdesigner/overview.html
    There is a link at the top to have Adobe contact you.

  • Software migration questions- from Crystal 9 or 11 to CR4E

    Hello, this is my first post here.
    I'm a system's analyst and I have been working with crystal reports since 2003. My company's product has a report module and basically its architecture is based on jsp, java, asp and crystal reports ( we have over 200 reports ).
    My first big task related to that architecture was making it able to support crystal XI as well, I was able to do it in about 1 week.
    Yesterday I started designing a project in order to eliminate dictionary labels in .mdb files, and putting them on .properties files or direct in database. Looking for some ideas on how to do it, I was able to find out cr4e version.
    I already downloaded it, installed and imported some reports into it, and it worked great.
    Now, taking a closer look at this new version of crystal reports I was wondering if I could put it into my project. The main idea is to eliminate the asp pages, odbc connections and those label dictionaries I have in mdb format.
    My first question is: which libraries should I carry to my existing application?
    I mean, I already have an application done and I don't want to start a new one, I just want to add to my application the libraries that I really need to make it work.
    The second question: Am I able to do such things as I did on ASP pages using JSP with those libraries? For example, I used to replace labels within a report just by making connections on asp, running through the report sessions and replacing its labels depending on user's language.
    Hopefully, if I could do it I'd be able to make the application's performance better.
    Well, if someone is able to answer those questions I'd be able to continue my project and then migrate to this new version and see how it goes.
    Thank you very much.
    Paulo.

    Since you were using ASP pages to modify Crystal Report 9, I'm assuming you were using the Report Designer Component (RDC) SDK.  The RDC has report creation/modification that allows one to alter text objects within the report before refreshing it.
    Crystal Reports for Eclipse currently doesn't have report creation/modification capabilities - they're there (it uses a version of the Report Application Server SDK), but not currently tested for public developer use. 
    Sincerely,
    Ted Ueda

  • IBM Domino to Exchange 2013 Migration question

    I've been tasked with looking into migrating our company of 5500+ Domino users to Exchange 2013. Currently, my Domino servers are spread across the county and not all in one location. Is there a document/guide that can help me get an understanding on what type of environment I can take my hub/spoke Domino environment to in Exchange? Any guidance would be appreciated. Thanks!

    Hi Hoss,
    I have done a couple of migrations from Domino to Exchange and am pretty familiar with this. For this to happen, you have to use a third party tool like Quest or Binary Tree.
    Since you said 5500+ users, I would recommend using one of the Quest or Binary Tree tools to assist you with this migration. The key to the migration is the design and planning phase.
    I am familiar with Quest tools and will give you as much as I know, but I am sure every other tool out there is pretty similar in terms of functionality.
    You have to purchase Quest licenses, and for Quest to be installed on your server, you have to go through Quest Professional Services or a Quest approved vendor. You cannot install Quest on your own - this is a small drawback, I personally think.
    While your Quest servers are being set up, you have to plan out your Exchange server design, and for 6000 user mailboxes it won't be a big deal. I need the hardware information that you have purchased for the Exchange servers. Are you going to go physical or virtual? I need to know the user message profile in your existing Domino environment (how many emails sent/received, size per day/per mailbox). I also need your input on how many servers you are planning with Exchange 2013 in total (all roles). Do you need single item recovery? Do you have any storage constraints? And 100+ other questions. If you get me the answers for what I asked, I am willing to help you with the design of Exchange 2013.
    Re: Domino:
    What version of Domino are you running? What is your max mail file size? How many mailboxes (person documents)? How many mail-in databases? How is your user account provisioning currently designed? And so on. User account provisioning could be a challenge because you have to introduce a 3rd party app like FIM or CA's User Management apps to work between your Domino and Exchange (during the time of coexistence) and there is a lot to it.
    All the best!
    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Regards, Siva

  • How do I find a photo file in the Finder + future migration question

    Being a recent Mac convert, I am just getting used to the 'complete control' approach to photo management that iPhoto has. I'm used to knowing where my photos physically reside on my computer - this is useful for doing things like uploading photos to a website for example. How do I actually find a particular photo in the Finder (or even give photo files recognisable names, as opposed to whatever automated naming system iPhoto uses)?
    A followup question to this is, what happens if I ever want to migrate my photos out of iPhoto one day to another application or even back to a PC (God forbid - just my paranoia about being forced to use a particular system forever kicking in here!) - is there a way to do this, and keep photo modifications etc? Or once I start using iPhoto, have I made my decision for life??
    My apologies if this has been asked before, I couldn't find anything in the forum when searching.

    poddster
    I hope you've a notebook and pen, but you've asked a lot of questions:
    I'm used to knowing where my photos physically reside on my computer
    Your photos are stored in the iPhoto Library at your Pictures Folder. This is a Unix style Package Folder that is very easy to see inside: right click on it and choose show package contents. A finder window opens with the library exposed.
    Here's how the library is laid out:
    In this folder there are various files, which are the Library itself and some ancillary files. Then you have three folders
    (i) Originals are the photos as they were downloaded from your camera or scanner.
    (ii) Modified contains edited pics, shots that you have cropped, rotated or changed in any way.
    iPhoto always preserves the original file, all operations are carried out on a copy.
    (iii) Data holds the thumbnails that the app needs to show you the photos in the iPhoto Window.
    And here's a warning: It is strongly advised that you do not move, change or in any way alter things in the iPhoto Library Folder as this can cause the application to fail and even lead to data loss.
    this is useful for doing things like uploading photos to a website for example
    No it's not. Don't surf the iPhoto Library. The idea with iPhoto is that you do everything via the iPhoto Window or media browsers:
    So, to access pics use one (or more) of the following:
    There are three ways (at least) to get files from the iPhoto Window.
    1. *Drag and Drop*: Drag a photo from the iPhoto Window to the desktop, there iPhoto will make a full-sized copy of the pic.
    2. *File -> Export*: Select the files in the iPhoto Window and go File -> Export. The dialogue will give you various options, including altering the format, naming the files and changing the size. Again, producing a copy.
    3. *Show File*: Right- (or Control-) Click on a pic and in the resulting dialogue choose 'Show File'. A Finder window will pop open with the file already selected.
    To upload to MySpace or any site that does not have an iPhoto Export Plug-in the recommended way is to Select the Pic in the iPhoto Window and go File -> Export and export the pic to the desktop, then upload from there. After the upload you can trash the pic on the desktop. It's only a copy and your original is safe in iPhoto.
    This is also true for emailing with Web-based services. If you're using Gmail you can use THIS
    If you use Apple's Mail, Entourage, AOL or Eudora you can email from within iPhoto.
    If you use a Cocoa-based Browser such as Safari, you can drag the pics from the iPhoto Window to the Attach window in the browser. Or, if you want to access the files with iPhoto not running, then create a Media Browser using Automator (takes about 10 seconds) or use THIS
    iPhoto doesn't name the files, those names are given by your camera. You can add titles in iPhoto and if you use the File -> Export command there's a facility there to name the resulting file (it'll be a copy - remember what I said about all operations being done on a copy...) with the title.
    Do not rename files in iPhoto, That comes under the heading of making changes in the iPhoto Library Folder and alters the path to the files. If you do, iPhoto will lose track of the file. But the truth is there's simply no need to. However, you can rename the files before importing them if you like.
    Migrating is really easy. You've seen the layout of the Library above. The originals are all there, in the originals folder, the Modified versions in their folder. If you want to have only the most recent versions of pics, then export them from iPhoto to a folder on the desktop.
    By all means post back if you need more.
    Regards
    TD

  • Migration questions from Exchange 2007 to Exchange 2013

    Dear Forum Members,
    I'd ask just two short questions, regarding a migration from Small Business Server 2008 (Exchange 2007) to 2013. We installed the two Exchange 2013 servers, configured a DAG and updated every single URL (OWA, ECP, AnyWhere, Autodiscover etc.) to be a mail.domain.com record (DNS round robin, since no HW load balancer :( )
    Thankfully, the mail flow between the Internet and the other Exchange 2007 users is still working. Now for those users I've already migrated, if I check Outlook connections there are several connections for GUID based servers via the DNS Round Robin name proxy (the AnyWhere address). But I saw that there is still just one connection (type: Exchange Public Folders) to the old 2007 server. Is it okay? I'm a bit afraid to uninstall it because of this.
    And the other thing: Based on what I wrote, do you think I've done it well? Or could I have missed any important things? You are much more experienced than me in these migrations so I hope that I can get some confirmation/advice here :(
    ps: Is it good if I set NTLM authentication for Outlook AnyWhere?
    Thank you really much for your help,
    Best Regards,
    Chris

    Hi Chris,
    Agree with Hinte, the user will still connect to the exchange 2007 server if there is a public folder database in the old server.
    If the old public folders are no longer in use, you can delete the public folder database and create a new one in the Exchange 2013 server; you can also consider migrating public folders to Exchange 2013.
    The following articles for your reference:
    Use serial migration to migrate public folders to Exchange 2013 from previous versions
    Set up public folders in a new organization
    Step-by-Step Exchange 2007 to 2013 Migration
    >>Is it good if I set NTLM authentication for Outlook AnyWhere?
    The Outlook Anywhere authentication method you choose will depend on a few factors in your environment,
    I recommend you refer to the following thread to understand how to choose:
    https://social.technet.microsoft.com/Forums/exchange/en-US/75f8d6c4-70f4-49e5-ac32-a49dd91b5520/outlook-anywhere-ntlm-for-internal-users-and-basic-for-external-users?forum=exchangesvrclients
    Exchange 2013: Configuring Outlook anywhere
    Best regards,
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Niko Cheng
    TechNet Community Support

  • Misc Basic PL/SQL Application Design/Programming Questions 101 (101.1)

    ---****** background for all these questions is at bottom of this post:
    Question 1:
    I read a little on the in and out parameters and that IN is "by reference" and OUT and IN-OUT are by value. To me "by reference" means "pointer" as in C programming. So it seems to me that I could call a function with an IN parameter and NOT put it on the right side of an assignment statement. In other words, I'm calling my function
    get_something(IN p_test1 varchar2) return varchar2;
    from SP1 which has a variable named V_TEST1.
    So.... can I do this? (method A):
    get_something(V_TEST1);
    or do I have to do this (method B):
    V_TEST1 := get_something(V_TEST1);
    Also, although this may muddy the thread (we'll see), it seems to me that IN, since its by reference, will always be more efficient. I will have many concurrent users using this program: should this affect my thinking on the above question?
    -- ******* background *******
    So Far: I've read and am reading all over the net, read and reading oracle books from oracle (have a full safari account), reading Feuerstein's tome, have read the faq's here.
    Situation Bottom Line: Have an enormous amount to do in a very little time. Lots riding on this. Any and all pointers will be appreciated. After we get to some undetermined point I can re-do this venture as a pl/sql faq and submit it for posting (y'alls call). Some questions may be hare brained just because I'm freaking out a little bit.
    Situation (Long Version): Writing a pl/sql backend to MS Reporting Services front end. Just started doing pl/sql about 2 months ago. Took me forever to find out about ref-cursor as the pipe between oracle and all client applications. I have now created a package. I've been programming for 20 years in many languages, but brand new to pl/sql. However, pl/sql sql has freed me from myriad of limitations in MS RS's. My program is starting to get big (for me -- I do a lot in a little) pks is currently 900 lines with 15 functions so far. Currently SP (pls) is back up to 800 lines. I get stuff working in the sp then turn it into a function and move it to the package.
    What does application do?: Back End for MS Reporting Services Web front end. It will be a very controlled "ad-hoc" (or the illusion of ad-hoc) web interface. All sql queries are built at run-time and executed via "open ref cursor for -- sql statement -- end;" data returned via OUT ref_cursor. Goal is to have almost 100% of functionality in a package. Calling SP will be minimalist. Reporting Services calls the SP, passes X number of parameters, and gets the ref_cursor back.
    Oracle Version: 10.2 (moving to 11g in the next 3 months).
    Environment: Huge DW in a massively shared environment. Everything is locked down and requires a formal request. I had to have my authenticated for a couple dbms system packages just to start simple pl/sql programs.

    Brad Bueche wrote:
    Question 1:
    I read a little on the in and out parameters and that IN is "by reference" and OUT and IN-OUT are by value. To me "by reference" means "pointer" as in C programming. So it seems to me that I could call a function with an IN parameter and NOT put it on the right side of an assignment statement.

    The IN parameter is not passing by reference. It is passing by value. This means the variable/value of the caller, used as the parameter, is copied to the (pushed) stack of the code unit called.
    An OUT parameter means that the value is copied from the called unit's stack to the caller (and the current value of the caller's variable is overwritten).
    To pass by reference, the NOCOPY clause needs to be used. Note that it is not an explicit compile instruction. The PL/SQL engine could very well decide to pass by value and not reference instead (depending on the data type used).
    Note that the ref cursor data type and the LOB data types are already pointers. In which case these are not passed by reference as they are already references.
    The NOCOPY clause only makes sense for large varchar2 variables (these can be up to 32KB in PL/SQL) and for collection/array data type variables.
    As for optimising PL/SQL code - there are a number of approaches (and not just passing by reference). Deterministic functions can be defined. PL/SQL code can be written (as pipelined tables) to run in parallel using the default Oracle Parallel Query feature. PL/SQL can be manually parallelised. Context switches to the SQL engine can be minimised using bulk processing. Etc.
    Much of the performance will however come down to 2 basic issues. How well the data structures being processed are designed. How well the code itself is modularised and written.
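
The copy-back behaviour of IN OUT parameters and the NOCOPY hint described in the reply above, shown as an added example that is not part of the original thread. The type and procedure names are hypothetical, and the block assumes SQL*Plus or SQLcl with SERVEROUTPUT enabled; because NOCOPY is only a hint, the second call can behave like the first if the engine chooses to copy.

```plsql
-- Added illustration, not code from the thread. All names are hypothetical.
-- Run with: SET SERVEROUTPUT ON
DECLARE
  TYPE t_names IS TABLE OF VARCHAR2(30) INDEX BY PLS_INTEGER;
  l_names t_names;

  -- IN OUT without NOCOPY: the procedure works on its own copy, and the
  -- copy is written back to the caller only when the procedure returns
  -- normally. An unhandled exception discards the change.
  PROCEDURE fill_by_value(p_names IN OUT t_names) IS
  BEGIN
    p_names(1) := 'changed';
    RAISE_APPLICATION_ERROR(-20001, 'failure after assignment');
  END;

  -- IN OUT NOCOPY: asks the engine to pass a reference. If the hint is
  -- honoured, the assignment hits the caller's variable immediately, so a
  -- later exception leaves the caller holding partially modified data.
  PROCEDURE fill_by_reference(p_names IN OUT NOCOPY t_names) IS
  BEGIN
    p_names(1) := 'changed';
    RAISE_APPLICATION_ERROR(-20001, 'failure after assignment');
  END;
BEGIN
  l_names(1) := 'original';
  BEGIN
    fill_by_value(l_names);
  EXCEPTION
    WHEN OTHERS THEN
      -- Caller's element is untouched: no copy-back happened.
      DBMS_OUTPUT.PUT_LINE('without NOCOPY: ' || l_names(1));
  END;

  l_names(1) := 'original';
  BEGIN
    fill_by_reference(l_names);
  EXCEPTION
    WHEN OTHERS THEN
      -- Shows whether the hint was honoured for this data type.
      DBMS_OUTPUT.PUT_LINE('with NOCOPY:    ' || l_names(1));
  END;
END;
/
```

Code that relies on a collection being unchanged after a failed call should not use NOCOPY on that parameter, or should reset the variable in its exception handler.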

  • Open Directory Migration Question

    Setup:
    My company has two servers, both running 10.5.6. We are migrating from the server Fubar (xserve) as it has had a lot of problems and we want to do a fresh install on it (I was not the admin who initially set it up).
    In order to get a 'fresh' OD going, we are recreating all the accounts on the new server Edoras (powerpc mac pro), making sure to preserve UID of the users.
    Problem:
    User A cannot change his password on Edoras after Directory Utility has been changed to point at it. He can change his password locally, but it does not propagate to Edoras, nor does a password change on Edoras affect his local machine.
    The questions I haven't been able to get answers for are:
    * Should the OD search string be different on Fubar and Edoras? Currently our search string is 'dc=fubar,dc=domain,dc=com'.
    * Are there other attributes that have to be set up in OD besides UID? I noticed when using the Target tab in Workgroup Manager that there is a GeneratedUID attribute, does this need to match?
    Thanks for any information/help.

    I did something like this recently. Unfortunately I couldn't get an answer on the Internet and had to re-configure Directory Access on the client machines manually.
    I moved our system from a PowerMac G4 with several upgrades (eSATA card, eSATA Coolgear Enclosure, 7200.11 (yeah I know, bad drives to use) Seagate drives, 1.8 GHz PPC 7447 upgrade, 1.5GB of ram) to a new Mac Pro with a Highpoint RAID controller. The old G4 was very unreliable and couldn't hand
    I had to go to each machine with ARD, open Directory Access, delete the LDAP entry and re-enter it. This was really annoying and confusing for me as the old server and the new server had:
    The same version of OSX (ok, one was a PPC version and I special ordered the Intel version from Apple Tech Support), but they both were running 10.4.11 with the newest security patches.
    The same OD Search Strings
    The same IP Address for the Server
    The same DNS name for the server
    and the same user IDs and group settings
    and I still had to re-do Directory Access using the client machines. Before re-doing the Directory Access re-binding I would try to login. The "other" icon would appear on the login window, but when I would log in with the correct username and password the login window would "shake its head" and wouldn't let me login.
    The biggest pain was that portable directories didn't sync correctly anymore, so I had to manually backup, then delete the account, then re-bind, then re-create and restore the portable directory on each laptop manually.
    Unfortunately I do not know the unix command to change directory binding to client computers using ARD. If such a command exists it would make things much easier for you. Does anyone know if a command exists?

  • Hyper-V Server 2012 Migration Questions

    Hello All,
    This is my first post here, but I have used these forums many times for information. Sorry in advance for the long post.
    I have a few questions regarding migration to Hyper-V server 2012 for my production environment. I have done quite a bit of reading, but I have a few direct questions and I would like to get some direct answers.
    My current production environment consists of one PowerEdge 2900 with 2 Xeon X5460 Quad Core 3.16GHz CPUs, 24 GB of RAM and a RAID 10 consisting of 8, 500 GB HDDs for a total of 2TB of storage. I am currently running Server 2008 R2 Enterprise w/ GUI as the
    Hyper-V host OS. I have 4 virtual machines all also running Server 2008 R2 Enterprise. The 4 virtual machines consist of 1 domain controller, 1 Exchange Server with Exchange 2010 Standard, 1 Server running SharePoint 2010 Enterprise and the remaining server
    running IIS with FTP and HTTP.
    The network topology is as follows….
    Hopefully it is clear from my diagram that the Hyper-V host OS is connected to the same physical network as the domain, but is not joined to the domain. I set it up this way because I had concerns about connectivity and manageability because the domain controller is a guest VM. Also, the IIS server is on a completely different physical network independent of the domain.
    What I would like to accomplish is the migration of the above environment to Hyper-V Server 2012 as is. I want to keep my existing guest VMs unchanged and running Server 2008 R2 for now as well as keep the existing network topology intact.
    I have 3 additional servers in a separate test environment that would be able to serve as temporary storage or whatever is needed for the migration process.
    Here are the two main things I would like to accomplish with this migration…
    1. Make the transition from Server 2008 R2 to Hyper-V Server 2012 as a host OS.
    2. Migrate virtual hard disks from .VHD to the new .VHDX format.
    All that being said, I have finally come to my questions regarding this process.
    First and foremost, I would obviously need to back up my current setup in case something goes horribly wrong during the migration. My question regarding the initial backup is would it be better to do a bare metal backup of the Hyper-V host or should I do
    individual backups (bare-metal?) of the Guest VMs from within their operating systems?
    Second, since I plan to use Hyper-V Server 2012, I will have to manage the host OS using the RSAT from a domain joined client running Windows 7 Professional. How much of a pain is it going to be to setup RSAT and manage the non-domain joined host from a
    domain joined client? Is there a better way without using SCVMM or using Server 2012 w/ a GUI as the host OS?
    Third, are there any concerns I should have, precautions I should take or procedures I need to do before, during or after the migration regarding the existing VMs and the new virtualized hardware environment on the same physical host?
    Fourth, should I use the trial version of SCVMM 2012 SP1 (or another previous version) to perform the migration? What should I be aware of using SCVMM for the migration and then discontinuing its use after the migration is complete and moving to management using the RSAT?
    Fifth, if I don’t use SCVMM for the migration, what is the best procedure for moving the VMs? Should I just copy the VHDs to a temporary storage location, install Hyper-V server 2012, copy the VHDs back, create new VMs and attach the VHDs or should I use
    the export/import process?
    Number six, when is the best time to migrate the VHDs to VHDX format and what would be the best method?
    And finally, do I need to worry about USN rollback with a single domain controller? From my reading, this seems to be a point of disagreement. Some people say it could happen while others say it won’t. Is there any point during the migration process where
    it could occur either during the copying of VHDs or from the switch to VHDX?
    Again, sorry for the long post and thanks for staying with me this far. Any information would be much appreciated

    1) As Jens said below with Windows Server 2012 you can simply copy the configuration files and VHDs from a 2008 R2 server to a 2012 server and import them - the one caveat to this is that any vlan configuration is lost and you have to simply re-create it. Optionally you can also export the virtual machines from Windows Server 2008 R2 and then import them on Windows Server 2012.
    2) Remote management in a workgroup does have some caveats associated with it - take a look at http://blogs.technet.com/b/jhoward/archive/2009/08/07/hvremote-refresh.aspx. Generally I would recommend joining the Hyper-V management operating system to the domain - not just because of these issues but for a number of other features to work properly (see below)
    3) I always recommend validating the hardware and environment after the installation before migrating critical workloads to it - testing networking, backup etc... to make sure they function as expected. Also ensure that you upgrade the integration components in the VMs after the migration.
    4) That is an option - though you might find you like SCVMM
    5) Recreating VMs using existing VHDs has some issues for example the BIOS GUID changes, all of the NICs are re-plug and played etc... When possible copying the configuration or using export is much better.
    6) The sooner the better - VHDx has a number of significant advantages, you can do the migration using the Hyper-V manager UI (edit disk) or via PowerShell with Convert-VHD. Do keep in mind that during the conversion you need 2x the space (for the original and the new VHDx).
    7) In the past you could get into trouble if you for example snapshotted an AD virtual machine and then reverted it - taking one offline and then bringing it back online was never a problem. In Windows Server 2012 we addressed this with a feature called generation IDs.
    Domain considerations...  A few things to keep in mind regarding the choice to not domain join the Hyper-V server.
    - You can't live migrate virtual machines
    - You can't utilize Hyper-V over SMB
    - Management is more difficult and less secure
    -Taylor Brown -Program Manager, Hyper-V -http://blogs.msdn.com/taylorb

  • Migration Question for New Leopard Mac Mini

    Oh my... I have a new Leopard Mac Mini still in the box!
    I want to connect it up and migrate my iTunes and iPhoto libraries, etc. to it from my old Mac Mini but here's the thing: my old Mac Mini is a G4, powerpc mac has been through a sort of mini **** lately and at this time will need its hard disk repaired before I will be able to get it back up to 10.4.11 and Safari 3.0.4. that it had had only last week, before all manner of disasters happened after the last security update. Genius bar made it relatively functional by re-installing the OS but they used 10.4.7 and Safari 2.0.4. to do it! So here is my question: Do I need to get my PPC Mac back up to snuff completely before I can migrate stuff from it to the new Leopard Mac Mini or can I do the migration and get everything nice and lovely on the new machine even though there are still problems on the old Mac Mini?
    Here is the problem that the PPC G4 Mac Mini has at this time:
    Verifying volume "Macintosh HD"
    Checking HFS Plus volume.
    Checking Extents Overflow file.
    Checking Catalog file.
    Invalid index key
    The volume Macintosh HD needs to be repaired.
    Error: The underlying task reported failure on exit
    1 HFS volume checked
    Volume needs repair
    Would this pose a problem in the migration?
    Any help and advice would be greatly appreciated! Thanks so much! -Charlotte

    The best thing I can say about your post is that at least you realize that Installing Leopard on a broken Tiger and a G4 processor files is exactly how hundreds of the problems are being caused. Too many people have decided that "Apple Just Works" and figure that installing the newest most complex MacOS ever will just work. These people are getting "worked".
    Good Luck cleaning up your machine to tip-top shape to 10.4.11, with every update for every program you intend to transfer. Your drive must be squeaky clean, or you will have problems that nobody can explain. I'd recommend removing any applications you don't have to have or that you can reinstall easily with a program like App Zapper and get rid of the G4 system files as much as possible.
