Replacing Token-Decrypting Cert Requires Proxies to Be Rebuilt. Why?
Last night, the self-signed token-decrypting certificate at my client expired. Since the client is an IdP, not an RP, we didn't concern ourselves very much with this certificate. Once it failed, ADFS functionality ceased working. We weren't
able to renew the self-signed cert, so we replaced it with the third-party cert used for token-signing. After we completed this, the client still could not access O365 via Outlook or Lync clients, although they could access both services via the web
client, from network-internal resources. Network-external resources could not access Lync/Outlook via any method. Access to other Federation partners from any resource, whether internal or external to the network, failed. Once the four ADFS
proxy servers in the environment were rebuilt, however, everything worked. Two questions:
1. Since the client acts only as an IdP, not as an RP, why did ADFS fail when the token-decrypting certificate expired? It isn't being used for anything.
2. After the cert was replaced, why did the proxies have to be rebuilt?
Thank you.
Ian Kahn, Sr. Consultant
InfraScience, LLC
Alpharetta, GA
This thread appears to have been moved to the Directory Services forum, where ADFS and certificate questions can be addressed. However, it still appears in the Forum Issues forum, and it does not appear in the Directory Services forum (despite the thread
url). So nobody in the DS forum is likely to see this question. I am not a moderator in the DS forum so I cannot attempt to move it again, but I'm not sure anyone could.
We have seen this behavior before. It is some kind of bug. I don't know of anything I can do now, except request that the poster ask again in this forum:
http://social.technet.microsoft.com/Forums/en-US/winserverDS/threads
Sorry about this. The only other option is for me to post in the DS forum directing people to this thread with a link. I also will email "fissues" at microsoft dot com, to alert them of the problem (although I think they already have been alerted),
and also in case they can fix this.
Richard Mueller - MVP Directory Services
Similar Messages
-
i have an hardware issue with my iphone 5 64gb. its lock button in not working. for a fact i know that it can be replaced but my question is this that do they require the bill or anything to replace or they only require the phone in usa
Warranty and support is only valid in the country of origin. The only exception being the EU where a device bought in any EU country can get warranty or service in any EU country.
Warranty is determined by device (serial number), no documentation required.
Apple does not repair devices, they replace them. For that reason, ensure the device is backed up and any pictures take with the device are copied off the device prior to going in for service. -
Error: Failed to decrypt cert PFX data - distmgr.log
Hello,
When I distribute content to a DP, I get this error repeatedly in my distmgr.log:
SetObjectSecurity failed; 0x80070002
then a ton of these after:
Failed to decrypt cert PFX data
I'm running with HTTPS, and the packages always seem to copy ok, anyone know what this error indicates?
TerryI've been able to figure where this error comes from.
I had 51 errors in my distmgr.log, i've reassign a DP o do a test and after the reassign, I had 50 errors. (-1)
This makes sense because the 2007 DP certificate is not known to SCCM before the reassign. Once reassign the DP create it's own cert in 2012 so the error goes away.
This error can be ignored as it will be removed after you reassign all your shared DP.
Benoit Lecours | Blog: System Center Dudes -
How to enable Client Cert Required, only for certain URL's in the webserver
WE are using netegrity siteminder for authentication and their plugin is executed as AuthTrans function. If I enable clientauth in server.xml ( which is basically turning on the client cert required for entire site), everything works fine. But If I want to turn that on only for certain URL's how do I do that.
I tried turning global clientauth off in server.xml and tried using PathCehck fn"get-client-cert" in obj.conf for the URL's that need client cert, but the problem is AuthTrans is getting executed first and my netegrity plugin is throwing an error saying it cann't find the cert.
What are diffrent options to enable cert required only for certian URL's.
ThanksWhat is the condition you want to match?
You can use get-client-cert in If tags in Web Server 7.0 :
For e.g. If the condition is matched, This gets a cert, requesting it if it is not already present and failing the request if it can't obtain an acceptable cert only on POST requests.
<If $url ~="*abc*>
PathCheck fn="get-client-cert" method="POST" dorequest="1" require="1"
</If>
or
<Object ppath="*abc*">
PathCheck fn="get-client-cert" dorequest="1" require="1"
<Object>
for more details :
http://docs.sun.com/app/docs/doc/819-2630/6n4thbiek?a=view#indexterm-380 -
I used to have 'sky at night' app but it got deleted in error, now when I try to download the app I get 'this app is incompatible with this phone' ' this app requires a gyroscope'...why ? whats changed ? how do I resolve the issue ? thanks CB
I used to have 'sky at night' app but it got deleted in error, now when I try to download the app I get 'this app is incompatible with this phone' ' this app requires a gyroscope'...why ? whats changed ? how do I resolve the issue ? thanks CB
-
Hi,
I'm searching for an easy way to change specific tokens in a file. For instance an HTML file specify <img src="http://www.site1.com/images/img.gif"> I would like to replace all occurences by
<img src="http://www.site2.com/imgs/old/img.gif"> for instance.
Is there an easy way to do this ? (streamtokenizer or something)
Examples are welcome,
StephaneHi Steve! One quick observation, if I may. Consider the following lines of code.
pos += o.length();
oldpos = pos;
pos does not need to be updated as above. Rather, you just need
oldpos = pos + o.length();That's because pos is being updated at the top of the loop. Also, you can move the declaration of pos out of the loop. The same applies for the creation of the StringBuffer object.
Here's a slightly different version of the code. If you can optimize it further, please let me know.
public static String replace( String s, String oldToken, String newToken, boolean fAll )
if ( ( s == null ) || ( oldToken == null ) || ( newToken == null ) )
throw new IllegalArgumentException( "Null argument(s) seen" );
int oldTokenLen = oldToken.length();
StringBuffer sb = null;
int oldPos = 0;
int pos = s.indexOf( oldToken, oldPos );
if ( oldPos > -1 )
sb = new StringBuffer( s.length() );
for(
; pos > -1
; pos = s.indexOf( oldToken, oldPos )
sb.append( s.substring( oldPos, pos ) );
sb.append( newToken );
oldPos = pos + oldTokenLen;
if ( !fAll )
break;
return ( ( oldPos > 0 ) ? sb.append( s.substring( oldPos ) ).toString() : s );
} // replaceCheers! -
SSL Cert requiring intermediate CA chain breaks 10.5.8 caldavd?
Mac OS X Server 10.5.8
I just upgraded from a self-signed cert to a cert from StartCom, which requires use of an intermediate certificate on the server. I imported it using Server Admin. It and the intermediate cert are present in the /Library/Keychains/System.keychain and in /etc/certificates. Mail (Both postfix and cyrus) are happy with it. Apache is happy with it.
caldavd, however, reports the following:
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [startup] Adding server at :8008+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [startup] Adding SSL server at :8443+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] Traceback (most recent call last):+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/bin/twistd", line 21, in <module>+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] run()+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/scripts/twistd.py", line 27, in run+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] app.run(runApp, ServerOptions)+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 379, in run+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] runApp(config)+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/scripts/twistd.py", line 23, in runApp+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] _SomeApplicationRunner(config).run()+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 157, in run+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] self.application = self.createOrGetApplication()+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 202, in createOrGetApplication+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] ser = plg.makeService(self.config.subOptions)+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 754, in makeService+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] service = serviceMethod(options)+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 727, in makeService_Slave+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] passwdCallback=_getSSLPassphrase+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 423, in _init_+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] sslmethod=sslmethod+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twisted/internet/ssl.py", line 79, in _init_+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] self.cacheContext()+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 437, in cacheContext+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] ctx.usecertificate_chainfile(self.certificateChainFile)+
+2009-10-25 22:42:11-0700 [-] [caldav-8008] [-] OpenSSL.SSL.Error: [('x509 certificate routines', 'X509check_privatekey', 'key values mismatch')]+
But the key and the certificate do match, as confirmed by the other apps working fine and openssl x509/rsa -modulus.
/etc/caldavd/caldavd.plist contains:
<key>SSLAuthorityChain</key>
<string>/etc/certificates/osxserver.example.com.chcrt</string>
<key>SSLCertificate</key>
<string>/etc/certificates/osxserver.example.com.crt</string>
<key>SSLPort</key>
<integer>8443</integer>
<key>SSLPrivateKey</key>
<string>/etc/certificates/osxserver.example.com.key</string>
<key>ServerHostName</key>
<string>osxserver.example.com</string>
Using openssl I verified that those three files are, in fact, correct.
If I remove the filename from the SSLAuthorityChain attribute, the server starts normally but, naturally, connections fail unless I add the intermediate certificate to the local client's keychain.
Not sure where to go next. I haven't been able to check Server 10.6.1 yet.The point that it's breaking on is obviously an Apple modification because Twisted does not and has never supported loading intermediate CA certs from a chain file.
http://twistedmatrix.com/trac/log/trunk/twisted/internet/ssl.py?rev=26525
I would suggest creating a little test script that does what the caldavd file does. The related documentation is http://packages.python.org/pyOpenSSL/openssl-context.html -
Types of certs required for OAM infrastructure
We are building out an OAM 10.1.4.3 system and are going to use cert mode. My question is will these need to be server certs, or can we use client certificates on the machine, also will we require separate certificates for each component, including webgates?
Thanks,
Andyare you using MS CA? if yes then with standard CA use the default template type I think it is named as "Administrator" or "end user" can not remember. If its an enterprise CA then you should have a "web server" type template available, you can use this if you want but as I said the extended key useage bit (EKU) for server authentication and/or client authentication is not required.
Just ensure to get a reply in base 64.
Thanks, -
Late 2006 MacBook Pro replacement keyboard: firmware update required?
My late-2006 2.33GhZ MacBook Pro is still going strong -- except that a group of keys on the internal keyboard stopped working two weeks ago, requiring me to replace it. It was a delicate operation, but it worked like a charm.
Shortly thereafter, though, I started noticing a symptom that jogged my memory: when I'd go to type something, quite often the first character would be dropped, as if the keyboard wasn't waking from its low-power state quickly enough. This had been a common complaint with this model, and Apple addressed it with the MacBook Pro Keyboard Firmware Update released in 2008. I recall installing it and very specifically noticing the problem had vanished.
So of course now I'm wondering: is it possible my new keyboard needs the firmware update too? You can see the catch-22 I'm in: I can't install it, since the computer is convinced the updater has already been run. when I do run it, I get a generic message that the update isn't necessary. I even tried removing:
/Library/Receipts/boms/com.apple.pkg.BuiltInKybdFirmwareUpdate.bom
to see if that would enable the updater to run, but no dice.
Of course it's possible I'm simply losing my mind, and the keyboard already has the update. Could someone else with this exact model -- someone who has run the keyboard firmware update -- tell me what version their internal keyboard is at, based on:
System Profiler -> Hardware -> USB -> Apple Internal Keyboard
Many thanks!Hi Eric,
Any resolution to this? I do not have the exact same MacBook - mine is a 17" MacBook Pro, but in case it helps you, my updated keyboard version is 0.18 using the same installer
My problem is that when I originally used that software update (over a year ago), it created an intermittent keyboard/trackpad failure. Every 2 days, on a very regular basis, my trackpad and keyboard fail. In order to fix the problem, I go to the Utilities folder and run the "Built-In Keyboard Update Firmware" that the original DMG installer installed there. Once I run that program I'm good for another 2 days. Apple, of course, has no clue to what's going on.
Why am I telling you all this? I noticed that you are running Snow Leopard. I tried to upgrade to Snow Leopard a couple of weeks ago. After the Snow Leopard install, my keyboard failed like clockwork; however, it turns out that the firmware installer that I have been relying on for the last year to fix my intermittent failures no longer works under Snow Leopard. My phone calls to Apple were a complete waste of time (apparently there is a very low threshold to get on the "Genius Bar"). One of my questions to them was specifically about a way to re-run the installer from the DMG file. They again had no clue, and In the end I had to downgrade to Leopard to get my Keyboard back.
All that said to let you know that even if you can find a way to re-install the firmware updater (I'd like to know how, if you figure it out), there is a good chance the actual firmware update won't install under Snow Leopard.
Good luck - let me know how you make out. -
I would like to know the variables in the http header that hold the client cert information simillar to SSL_CLIENT_CERT variable in apache and how do I access these from a servlet ?
I would like to know the variables in the http header that hold the client cert information simillar to SSL_CLIENT_CERT variable in apache and how do I access these from a servlet ?
-
Non-Domain Server Cert Requirements Enterprise vs. Standard
Is there a way to monitor a non-domain machine without having an enterprise cert server? I am using a standard CA currently and was wondering if I absolutely had to upgrade it to a Enterprise CA? We currently only need to monitor 4 off domain
servers so if we can avoid it we will.
ThanksHi,
Read this
http://social.technet.microsoft.com/wiki/contents/articles/2017.certificate-enrollment-for-system-center-operations-manager-agent.aspx
http://OpsMgr.ru/ -
'alias required in SELECT..' - Why can't I see this?
Please help I'm going mad here!
The error message is:
ERROR at line 1:
ORA-06550: line 113, column 37:
PLS-00402: alias required in SELECT list of cursor to avoid duplicate column
names
ORA-06550: line 113, column 37:
PL/SQL: Item ignored
ORA-06550: line 137, column 13:
PLS-00320: the declaration of the type of this expression is incomplete or
malformed
ORA-06550: line 136, column 7:
PL/SQL: SQL Statement ignored
..Yet I disagree.. I cant see any 2 fields called the same.
(FYI the cursor it speaks of is called 'c_check_employee').
And the code.
/* Formatted on 2009/02/27 15:35 (Formatter Plus v4.8.7) */
SET serveroutput ON SIZE 1000000 FORMAT WRAPPED
SET verify OFF
SET feedback OFF
DECLARE
-- Debugging/error handling
-- Work variables
p_emp_number VARCHAR2 (14);
v_rec_cnt NUMBER := 0;
insert_flag VARCHAR2 (8);
l_validate BOOLEAN DEFAULT FALSE;
l_obj NUMBER;
l_datetrack_update_mode VARCHAR2 (30) := 'CORRECTION';
l_assignment_sequence NUMBER;
l_name_combination_warning BOOLEAN := FALSE;
l_assign_payroll_warning BOOLEAN := FALSE;
l_org_now_no_manager_warning BOOLEAN;
l_other_manager_warning BOOLEAN;
l_spp_delete_warning BOOLEAN;
l_entries_changed_warning VARCHAR2 (30);
l_tax_district_changed_warning BOOLEAN;
l_person_id NUMBER;
l_assignment_id NUMBER;
l_special_ceiling_step_id NUMBER;
l_per_effective_end_date DATE
:= TO_DATE ('11-Jul-2049', 'DD-MON-YYYY');
l_people_group_id NUMBER;
l_group_name VARCHAR2 (30);
l_assignment_number VARCHAR2 (35);
l_effective_end_date DATE
:= TO_DATE ('11-Jul-2049', 'DD-MON-YYYY');
l_date DATE := SYSDATE;
ip_p_address_id per_addresses.address_id%TYPE;
ip_p_object_version_number NUMBER;
ip_p_party_id per_addresses.party_id%TYPE;
l_per_object_version_number NUMBER;
l_asg_object_version_number NUMBER;
l_full_name VARCHAR2 (240);
l_per_comment_id NUMBER;
l_per_effective_start_date DATE;
l_concatenated_segments VARCHAR2 (12);
l_soft_coding_keyflex_id NUMBER;
l_comment_id NUMBER;
l_no_managers_warning BOOLEAN;
-- Get employee details info from work table
CURSOR get_employee_details
IS
SELECT std_validate, std_person_id, std_assignment_id, std_hire_date,
std_business_group_id, std_last_name, std_sex,
std_date_of_birth, std_email_address, std_employee_number,
std_first_name, std_marital_status, std_middle_names,
std_nationality, std_title, std_national_identifier,
std_address_line1, std_address_line2, std_address_line3,
std_address_line4, std_post_code, std_telephone_1,
std_position_id, std_job_id, std_location_id,
std_organization_id, std_supervisor_id,
std_default_code_comb_id, std_set_of_books_id, std_payroll_id,
std_grade_id, std_pay_basis_id, std_assn_ovn
FROM SU_TEMPLOYEE_DETAILS;
-- checks employee details info from PER_ALL_PEOPLE_F table
CURSOR c_check_employee (p_emp_number VARCHAR2)
IS
SELECT paas.assignment_id, per.person_id, per.business_group_id,
per.last_name, per.start_date, per.date_of_birth, per.email_address,
per.employee_number, per.first_name, per.marital_status, per.middle_names,
per.nationality, per.national_identifier, per.sex, per.title, padd.address_id,
padd.primary_flag,padd.address_line1, padd.address_line2, padd.address_line3,
padd.town_or_city, padd.postal_code, padd.telephone_number_1, padd.telephone_number_2,
padd.telephone_number_3,paas.job_id, paas.location_id,paas.organization_id, paas.assignment_type, paas.primary_flag, paas.supervisor_id,paas.default_code_comb_id,
paas.set_of_books_id,paas.assignment_number, paas.period_of_service_id,paas.object_version_number
FROM per_all_people_f per,
per_all_assignments_f paas,
per_addresses padd
WHERE per.employee_number = p_emp_number
AND per.person_id = padd.person_id
AND paas.person_id(+) = per.person_id;
emp_rec c_check_employee%ROWTYPE;
-- Cursor retrieves latest Object Version Number from per_assignments_f table..
CURSOR csr_ovn (cp_person_id IN per_all_people_f.person_id%TYPE)
IS
SELECT MAX (paas.object_version_number)
FROM per_assignments_f paas, per_all_people_f per
WHERE paas.person_id = per.person_id
AND per.employee_number = paas.assignment_number
AND per.person_id = cp_person_id;
BEGIN
-- Process each record in the work table
FOR v_emp IN get_employee_details
LOOP
-- determine whether customer already exists
OPEN c_check_employee (v_emp.std_employee_number);
FETCH c_check_employee
INTO emp_rec;
IF c_check_employee%NOTFOUND
THEN
insert_flag := 'I';
ELSE
insert_flag := 'X';
END IF;
CLOSE c_check_employee;
-- Obtain the most recent Object Version Number..
OPEN csr_ovn (v_emp.std_person_id);
FETCH csr_ovn
INTO l_obj;
-- IF csr_ovn%NOTFOUND THEN RAISE NO_DATA_FOUND; END IF;
CLOSE csr_ovn;
-- Create new PER_ALL_PEOPLE_F and PER_ADDRESSES record from
-- info in table record
IF insert_flag = 'I'
THEN
BEGIN -- Importing Employee Procedure --
-- DBMS_OUTPUT.PUT (CHR (10));
-- DBMS_OUTPUT.PUT_LINE ('Importing employees.... ');
BEGIN
Hr_Employee_Api.create_gb_employee
(p_validate => l_validate,
p_hire_date => v_emp.std_hire_date,
p_business_group_id => v_emp.std_business_group_id,
p_date_of_birth => v_emp.std_date_of_birth,
p_email_address => v_emp.std_email_address,
p_first_name => v_emp.std_first_name,
p_middle_names => v_emp.std_middle_names,
p_last_name => v_emp.std_last_name,
p_sex => v_emp.std_sex,
p_ni_number => v_emp.std_national_identifier,
p_employee_number => v_emp.std_employee_number,
p_person_id => l_person_id,
p_title => v_emp.std_title,
p_assignment_id => l_assignment_id,
p_per_object_version_number => l_per_object_version_number,
p_asg_object_version_number => l_asg_object_version_number,
p_per_effective_start_date => l_per_effective_start_date,
p_per_effective_end_date => l_per_effective_end_date,
p_full_name => l_full_name,
p_per_comment_id => l_per_comment_id,
p_assignment_sequence => l_assignment_sequence,
p_assignment_number => l_assignment_number,
p_name_combination_warning => l_name_combination_warning,
p_assign_payroll_warning => l_assign_payroll_warning
Hr_Person_Address_Api.create_person_address
(p_validate => l_validate,
p_effective_date => v_emp.std_hire_date,
p_pradd_ovlapval_override => NULL,
p_validate_county => NULL,
p_person_id => l_person_id,
p_primary_flag => 'Y',
p_style => 'GB_GLB',
-- p_date_from => v_emp.std_hire_date,
p_date_from => SYSDATE,
p_date_to => NULL,
p_address_line1 => v_emp.std_address_line1,
p_address_line2 => v_emp.std_address_line2,
p_address_line3 => v_emp.std_address_line3,
p_town_or_city => v_emp.std_address_line4,
p_postal_code => v_emp.std_post_code,
p_country => v_emp.std_nationality,
p_telephone_number_1 => v_emp.std_telephone_1,
p_party_id => ip_p_party_id,
p_address_id => ip_p_address_id,
p_object_version_number => l_obj
--ip_p_object_version_number
Hr_Assignment_Api.update_emp_asg_criteria
(p_validate => l_validate,
p_effective_date => l_date, -- SYSDATE
p_datetrack_update_mode => l_datetrack_update_mode,
p_assignment_id => l_assignment_id,
p_object_version_number => l_obj,
p_organization_id => v_emp.std_organization_id,
p_location_id => v_emp.std_location_id,
p_job_id => v_emp.std_job_id,
p_position_id => v_emp.std_position_id,
p_special_ceiling_step_id => l_special_ceiling_step_id,
p_effective_start_date => l_date,
p_effective_end_date => l_effective_end_date, --IN/OUT
p_people_group_id => l_people_group_id, --IN/OUT
p_group_name => l_group_name, --IN/OUT
p_org_now_no_manager_warning => l_org_now_no_manager_warning, --IN/OUT
p_other_manager_warning => l_other_manager_warning, --IN/OUT
p_spp_delete_warning => l_spp_delete_warning, --IN/OUT
p_entries_changed_warning => l_entries_changed_warning, --IN/OUT
p_tax_district_changed_warning => l_tax_district_changed_warning --IN/OUT
Hr_Assignment_Api.update_emp_asg
(p_validate => l_validate, -- in
p_effective_date => l_date,
p_datetrack_update_mode => 'CORRECTION',
p_assignment_id => l_assignment_id,
p_object_version_number => l_obj,
p_supervisor_id => v_emp.std_supervisor_id,
p_default_code_comb_id => v_emp.std_default_code_comb_id,
p_set_of_books_id => v_emp.std_set_of_books_id,
p_concatenated_segments => l_concatenated_segments, -- out
p_soft_coding_keyflex_id => l_soft_coding_keyflex_id, -- out
p_comment_id => l_comment_id, -- out
p_effective_start_date => l_date, -- out
p_effective_end_date => l_effective_end_date,
p_no_managers_warning => l_no_managers_warning,
p_other_manager_warning => l_other_manager_warning
-- DBMS_OUTPUT.PUT_LINE ('Employee No:'|| v_emp.std_employee_number|| ' imported successfully..' );
EXCEPTION
WHEN OTHERS
THEN
RAISE NO_DATA_FOUND;
-- DBMS_OUTPUT.PUT (CHR (10));
DBMS_OUTPUT.PUT_LINE ( 'Ah, Employee:'
|| v_emp.std_employee_number
|| ' failed to load.. '
|| SQLERRM
-- DBMS_OUTPUT.PUT (CHR (10));
END;
END;
-- DBMS_OUTPUT.PUT (CHR (10));
v_rec_cnt := v_rec_cnt + 1;
-- DBMS_OUTPUT.PUT_LINE ( 'There were '|| v_rec_cnt|| ' records read in..');
-- End of customer related details
END IF;
END LOOP;
COMMIT;
END;
EXIT;
many thanks..Check primary_flag .... ;)
Regards.
Satyaki De.
Alex is Winner.... ;)
Edited by: Satyaki_De on Mar 2, 2009 5:33 PM -
Can anyone help with CC photography plan activation, when tBridge and photoshop are active and Lightroom requires a key . I have even applied the key to no avail.
Have you downloaded the perpetually licensed version of Lightroom or via the Cloud?
-
"Replace with After Effects Composition" greyed out using CC - WHY??
Hi All,
I am doing a project in Premiere Pro CC but need to dynamic link to After Effects CC. The "replace with After Effects Composition" button is greyed out and I can't understand why, both are installed!
I still have Premiere Pro CS6 and AE CS6 installed, because they contain plug-ins I use regularly, could this be causing an issue? I can't think why it would.
Any help would be greatly appreciated.
Many thanks,
RickHi,
Please navigate to C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0 and rename 1.0 as old1.0 and also C:\Program Files\Common Files\Adobe\dynamiclinkmediaserver\7.0 and rename it as old7.0.
Reset the preferences of After effects and Premiere pro from :
C:\Users\username\AppData\Roaming\Adobe\After Effects and rename 12.0 and 12.1 as old12.0 and old12.1. In the same location C:\Users\username\AppData\Roaming\Adobe\Premiere Pro and rename 7.0 as old7.0.
Restart the machine after these steps and then try to use dynamic link
Regards,
Vinay -
It requires activation of Windows! Why ?!
It was purchased a laptop with Windows 8 Professional on board.
On Downgrade I activated Windows 7 Pro.
Ability to make some time ago was put into a laptop repair center certified HP.
On his return from repair - I changed the video card chip, - Windows suddenly announced the absence of authentication and could not be activated with the current key.
To demolish all the software installed on your computer and reinstall again - not a solution: some programs can not be reset.
We need some how to activate the operating system in the current circumstances.
How to do it?Is Microsoft agrees to comply support OEM versions? Support OEM is always on the manufacturer. Read the license agreement.
The issue was resolved in a roundabout way: the reference to an authorized service center found replace the motherboard GPU in the repair of what I said in the first message.After talking with the support of the service center, it was decided that the firmware of the motherboard serial number and the key of faulty equipment. Exactly how this will be done - I do not care. Importantly, the authorized center "HP" admitted his mistake and eliminate it.
Maybe you are looking for
-
Internet Explorer Error while running VS2005 asp form from devt envt.
Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately. Compiler Error Message: BC30560: 'Or
-
Change the ITEM PER SALES UNIT
Hi experts. I try to change the value in Items per sales unit, but the system give me an error 'CAN NOT BE CHANGED TO AN ITEM WITH TRANSACTION. Now we plan for the next month to change the package for abaout 2500 products that we produced. Someone ca
-
We have a requirement to integrate Oracle BPM with MQ version 6.0. The trigger point for instance creation would be the messages subscibed from MQ. Please let me know if there is any example showing the integration or any helpful documentation. Thank
-
Aperture 3.3 Upgrade, still not actually managed to use Aperture for anything!
I eagerly downloaded 3.3 as soon as it was available - the idea of a shared library/format between iPhoto and Aperture is great - sharing Faces/Places etc. But I haven't been able to do anything with it yet! After the initial library conversion, onc
-
V 5 worked fine and v6 doesnt (see post about not updating or installing apps). Is v 5 anywhere for download? Even when I Google it and the title says V 5 when I go to download its v6.