Roles in ou=oblix branch

Hi ,
Can someone explain what are the roles in ou=oblix branch?
thanks

I don't understand your question. Can you elaborate?

Similar Messages

Newly Created Branches not showing up for Recruiter in the Requisition.

Hi,
We have created Branches as Administrator and the Branches are not showing up for Recruiter when trying to create the requisition. Any suggestion on this will be great help.
Thanks.

Hi,
the most common reason for branches not showing up is caused if someone does not use the frontend for administrator but the IMG nodes for creating branches and assigning to companies. This is caused by missing bp role assignment.
So check the branches in TCODE BP that they have the role for e-recruiting branch assigned. The standard delivey uses bp role RCFBRA but this can be changed in T77S0 RECFA BRARO.
Furthermore you should check if T77RCFBRANCHCOMP entries are ok.
Kind regards
Roman

Using Dimension Role

Hi Guys ,
I've created one dimension that i want to use it multiple time in one cube , so i defined two role for it (delivery branch, order branch) .
I used this dimension twice in sales cube with different role but when i want to deploy cube i got following error .
XOQ-01486: Consistent solve has two aggregation steps over dimension "DIM_BRANCH".
I Use Roalp with CubeMV storage option for my cube and dimension .
I've read in owb help that when we use Dimension Role , Oralce make seperate Dimension for Role in Olap Catalog , but when i deploy my dimension with two role , i can see only one dimension in awm .
I need your help.
thanks
Edited by: amir on Jul 14, 2012 12:01 AM

We're going to need some more details about exactly what you did because it really sounds like you're making a mistake. This extra attribute should work.
The only situation I can think of where it might not work as intended is if your new attribute is a property of the state attribute... when you slice by the state attribute, it will override the default member on the new attribute.
What are your attribute relationships in that dimension? What do you get when you run the following MDX queries?
with
member test1 as [Geography].[State].DefaultMember.UniqueName
member test2 as [Geography].[NewAttribute].DefaultMember.UniqueName
select {test1,test2} on 0
from YourCube
select {} on 0,
[Geography].[NewAttribute].[NewAttribute].Members
*[Geography].[State].[State].Members on 1
from YourCube
As for the calculated member [Geography].[State].[All].[West], you can add to that to the MDX script (the Calculations tab in the cube designer) and it will be available to all sessions.http://artisconsulting.com/Blog/GregGalloway

Urgent Help / suggestion Needed - DAG in Differnt Site - Implementaion

Hi All
Current setup of my lab is below -
MAIN SITE - Named Head Office
Root Domain Controller : IP 172.29.154.1 / 255.255.0.0
Two node DAG : - Mailbox servers - DAG NAME - DAG1
Casarray (casaarray1 , and casarray2) servers
One hub transport server
Total 6 VM servers are running in the head office site
Created a new AD site for name Branch Office and installed a addition domain controller with IP of 10.10.10.1/255.0.0.0
Now i would like to implement the DAG between the sites .
how can i implement, i mean what are the best ways to implement the DAG between two sites
1. shall i go for typical installation of exchange (CAS, HUB , MAILBOX ) 2010 in main office and Branch office . will it support DAG between two sites for typical installation?
2. shall i install one more Mailbox server alone in MAIN SITE and install CAS and hub in one server and mailbox alone in the branch office site? i mean - two Mailbox servers in each site
any other best ways other than above two points , the main intention is to implementing, testing and learning the site resilience between the sites and want to know the stuffs in and around DAC
Thanks in advance

so, i was assuming that i will add one mbx server in main site and another mbx server in branch site and make it HA via DAG --- is it possible
Next option
i can go for typical installation of ( CAS , HUB MBX server (all three in in one server) in main site and another three server roles (aal in one server) of Branch office and make the mailbox for HA -- will it possible
how can i achieve the HA with my current setup between the sites
If your bandwidth and latency between sites  you
can have  HA for mailbox databases by adding a mailbox server as a member in the current DAG. DAG will
give you only HA for mailbox not HUB/CAS.
After you installed the Mailbox role on the branch server, You have to set autodiscover site affinity.
http://technet.microsoft.com/en-us/library/aa998575(v=exchg.141).aspx
It is little bit complicated if you want HA over 2 sites, It depends on the bandwidth and latency between sites. If
you install all the 3 roles and configure the branch site as part of the main branch ADsite you can have highly availability for CAS by a load balancer and this is not a small change. i.e. add the branch server to the Main office CAS
Array and load balance.
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/EXL401
If the branch site is not Internet facing, Please check this.
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
adding an MBX/HUB/CAS in your branch office and buy a hardware load balancer of your budget. List
of MS supported HLBs here.  Configure the load balancer to according to your bandwidth and latency
between sites.
Thanks, MAS
Please mark as helpful if you find my comment helpful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.
Couple of comments please!
Autodiscover sitescope is a function of CAS not mailbox. This is written into AD when the CAS role is installed.
Why are you splitting all the roles out like this? The recommendation in 2010 and 2013 is to multirole whenever possible. There are valid reasons for splitting, I just want to know what's driving you to this.
The preferred DC switch is just for the current PowerShell session IIRC. I'll check up on that though.
I'd ask you to look at the design examples on TechNet
http://technet.microsoft.com/en-us/library/dd979781(v=exchg.141).aspx
In all of this, you have to consider what the impact of a failed WAN link(s) will do. If you have a single DAG spanning both locations, and the WAN goes down then in the case of a single DAG spanned between both of the sites some users will not have
access to a local mailbox server. The cluster service terminates and so does the Exchange store. That is by design.
Cheers,
Rhoderick
Microsoft Senior Exchange PFE
Blog:
http://blogs.technet.com/rmilne
Twitter:   LinkedIn:
  Facebook:
  XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

OAM 10g reinstall issue

We're having a problem reinstalling OAM 10g.
We had an OAM 10g install with config and user data stored in OID. All the OAM components were uninstalled from a testing server, the oblix schema objects, attributes and oblix branch were deleted from OID. The ID server and webpass were reinstalled and the ID server web config step carried out, but after that the ID server will not restart because it can't find an ID. When we look at the new oblix branch in the ldap there isn't much there and specifically the DBAgents entry is missing.
The suggestions for the error all point to it being that this isn't the first ID server to be installed in the ldap. We've uninstalled the first one and tried to remove everything from the ldap. Can anyone suggest what we may have left behind in the ldap because something is retaining a reference to the previous install.
Thanks for any help.

If a component installation terminates (or is terminated by you) after component files were extracted to the designated installation directory, you should run the Uninstaller for that component and then remove the installation directory before attempting to reinstall in the same location.
If you simply delete the installation directory and attempt to reinstall the component in the same location, the vpd.properties file is left in an inconsistent state and reinstalling will not work.
For example, suppose you terminate a WebGate installation after component files were extracted, then you remove the installation directory manually rather than using the WebGate uninstaller.
In this case, the extracted files are deleted but the vpd.properties file is not. This leaves the vpd.properties file in an inconsistent state that prevents successful installation.
Reinstalling Oracle Access Manager with Oracle Internet Directory
If Oracle Access Manager will be removed and reinstalled with the same directory instance, only the Oracle Access Manager configuration tree(s) need be deleted.
In this case, there is no need to remove the Oracle Access Manager schema from the directory instance.
When reinstalling the Identity Server, select "No" when asked if you want to update the schema (which is already present). Selecting "Yes" results in an an error message "schema already exists".
You remove the Oracle Access Manager configuration tree from the directory server instance using tools and instructions from your directory vendor.
For Oracle Internet Directory, for example, you may use the Oracle Internet Directory Administration Console.
However, you cannot simply delete the parent object because there are dependencies and recursive deletes are not possible.
Oracle recommends that you do not remove the Oracle Access Manager schema from Oracle Internet Directory using the Console.
Instead, Oracle recommends that you use the LDIF files in Component_install_dir\identity\access\oblix\data.ldap\common. For example:
OID_oblix_schema_index_delete.ldif : Oracle Access Manager attrbitue index cleanup file drops the Oracle Access Manager indexes before or after you clean up the schema.
OID_user_schema_delete.ldif—Oracle Access Manager user data cleanup file for Oracle Internet Directory—removes user data that resides on a separate directory instance from configuration data
OID_oblix_schema_delete.ldif—Oracle Access Manager configuration data cleanup file for Oracle Internet Directory—removes both user and configuration data when both reside on the same directory instance
When user data and configuration data reside in the same directory instance, only the OID_oblix_schema_delete.ldif needs to be used with the because it will also remove the user schema objects.
However, when a separate directory instance hosts only user data the OID_user_schema_delete.ldif should be used. In either case, however, you must use the OID_oblix_schema_delete.ldif to remove the attribute index.
For steps, see Chapter 20, "Removing Oracle Access Manager".

Km authorization in a Enterprise

assume there are two roles in the system:
km content administrator in headquarter
km content administrator in branch office
all the km contents should be classified in enterprise hiberarchy
km content administrator in headquarter should have the authorization to manage all content in the enterprise scope. km content administrator in branch office only have the authorization to manage the content in the branch office scope.
is it possible to do that?
thanks

You can create KM Navigation iViews and give the root folder to headquater and branch office repository/folder.
And then finally assign these to specific roles of headquater and branch office administrator roles. This way each will only have access to their content will full right only to their specific areas.
Hope this helps.
Ankur

Reconfigure OAM components

Hi all,
I have configured OAM with OID and it was working fine.... But suddenly OID got crashed and I am not able to access OAM. Is it possible to reconfigure OAM with new OID...? Pls suggest some way....
Thanks.

You need to force the product back into bootstrap mode and re-run the browser based setups.
1) Identity System
This is the process that writes the initial o=oblix branch. To force this process again, locate the file {identity server install}/identity/oblix/config/setup.xml and locate the line indicating the current step - it should have a value of 'done'. Edit this value to 'incomplete' and save the file. Restart the webserver and identity server and navigate in a browser to /identity/oblix and request the Identity System Console. The Setup screen should appear.
Note that you can run this setup process with or without major underlying directory changes. Also note that (depending on what you are changing) you may also need to reconfigure individual software components using each one's command line configuration program (found in some form at .../oblix/tools/{setup* or configure*}).
2) Policy Manager (Access System)
The setup process for the Access System results in the writing of the obapp=PSC branch of the directory. To force this process find the file {policy manager install}/access/oblix/config/setup.xml and rename the file to something else. Then restart the webserver and navigate a browser to the /access/oblix. Request the Access System Console and you should see the setup button.
As on the identity side, depending on what you are doing, you may need to reconfigure the software components installed using their command line setup utilities.
That should be enough information to get you going in the right direction.
I see this question often so I am also documenting this here: [http://coreidng.blogspot.com/2009/09/forcing-oam-browser-based-setup.html|http://coreidng.blogspot.com/2009/09/forcing-oam-browser-based-setup.html]
I'm sure this is in the product docs as well though I can't find it right now.
Mark

E-Recruiting 6.0: Business Partner Role For Branches

Hi Experts,
In the IMG, SAP E-Recruiting > Basic Settings > Enterprise Structure > Define Business Partner Role for Branches
Can anyone help in the following:
1) What is the purpose of Business Partner Role and how does it relate the Branches? Or how can i make use of it?
2) If i am going to maintain the Company & Branches via the Administrator function instead of IMG, do I still need to configure this step: Define Business Partner Role for Branches
Thanks. Will reward points for any helpful tips.
William

Hello William,
the Business Partner is an application / module which belongs to the base components of the SAP. It is used and partly extended by various other applications / modules. Next to E-Recruiting it is used for example by CRM and the financial service solution (FS-CS, FS-PM, FS-RI). All of these modules can put their data for a person or an organization into the same tables. Depending on the installation / system environment or even within one single module the requirements for available fields and business checks as on authorization differ between kinds of business partners (e.g. in FS-CS the commission solution for the financial service sector knows external agents and internal employees which have to be treated differently). The business partner is the element to assign the logical / business role in which a person is handled by the system.
For E-Recruiting you have 2 kinds of business partners, too. On the one and there are people being candidates and on the other hand there are branches of your company which hire people. The configuration allows you to seperate them if you need to identify anywhen which business partner is a branch and which is a candidate. So far I never tried if this is really working as there is no real use for this I never set it up. The attributes and the business checks are the same anyways.
Hope that helps a bit to understand the context
Best Regards
Roman Weise
PS: please remember that you have to maintain the branches via administrator bsp application. Using the IMG entry won't work.

Branch office Exchange 2010 Role base administration control for branch site administrator

Dear sir,
   Customer has a Exchange 2010 Main and Branch office environment:
- Main office Exchange 2010 CAS x2 +HTS & Mailbox x2 (Server1,2 & Server 3,4)
  (Main office administrator:domain1\administrator) - DAG1
- Branch office Exchange 2010 CAS+HTS x2 & Mailbox with DAG x2 (Server5,6 & Server7,8
   (Branch Administrator: domain1\badmin) - DAG2
   Customer would like to know what is the role which permission should grant / delegate for ID: badmin in order to manage Exchange server 5,6,7,8 ? (with manage user account and performance in DAG2 failover & branch exchange server)
Regards,
Joe Tam

Dear Brian,
   I have try in my lab to scale down into 2 x Server in 1 AD Single Domain And Single Forest. It still have many unexpected behaviour, can you please suggest whether it is a design or bug of Exchagne 2010 SP1?
Procedure:
============================================================================
Exchange 2010 Role Delegation Problem: (Single AD, Single Site)
Environment:
Server: Windows 2008 R2 AD x1 + (CAS+HTS+Mailbox) Server x1
AD Server: AD1
Exchange2010 Server : EX2010 (with SP1) – Member Server Joined to testdomain1.net
Domain Name: testdomain1.net (NETBIOS: TESTDOMAIN1)
In AD,
Login as domain administrator: Testdomain1\administrator
1. Create an Organization Unit OU1.
2. Create User User1 under OU1
3. Delegate User1 to allow create user in OU1
Select all item in “Delegate the following common tasks:
In Exchange 2010 Server,
Login as domain administrator: Testdomain1\administrator
1. Rename existing database name to HKDB1
2. Create a new database AUDB1 in EX2010 Server:
AUDB1 Create Done.
Assign testdomain1\User1 as Exchange 2010 local administrators group.
Logoff Testdomain1\administrator and Login Testdomain1\User1
Open Exchange EMC: (Failed, because no user management roles is grant).
Logoff Testdomain1\User1, Login Testdomain1\Administrator
Open Exchange 2010 PowerShell:
Delegate User1 to allow perform recipient management in HKDB1 only:
====================================================================
New-ManagementScope "HKDBSCOPE" -DatabaseRestrictionFilter {Name -Eq 'HKDB*' }
$RoleGroup = Get-RoleGroup "Recipient Management"
New-RoleGroup "HKDBRecipientManagement" -Roles $RoleGroup.Roles -CustomConfigWriteScope "HKDBSCOPE"
Add-RoleGroupMember “HKDBRecipientMANAGEMENT” -Member User1
====================================================================
Result:
In Exchange 2010 Server, logon as domain user: Testdomain1\User1
Open Exchange Management Console: (User1 able to open EMC now)
Perform Create User User2 in OU1 with Mailbox located in HKDB1
Mailbox Creation Failed because it cannot match the Database name = HKDB*
Logoff Testdomain1\User1, Login Testdomain1\Administrator
In Exchange Management Shell, enter:
Set-ManagementScope "HKDBSCOPE" -DatabaseRestrictionFilter {Name -Like 'HKDB*' }
Logoff Testdomain1\administrator, Login Testdomain1\User1
Open Exchange Mangement Shell and Create User2 again.
Create user successfully.
Perform create User User3 in OU1 with Mailbox located in AUDB1
User3 Creation Failed because it is not meet the Database restriction of User1 – Like HKDB*
Logoff Testdomain1\User1, Login Testdomain1\Administrator
Open Exchange Management Console, create User3 in AUDB1
Create User3 in Users Container, by administrator ID.
Logoff Testdomain1\administrator, Login Testdomain1\User1
Perform mailbox remove of User2
User2 mailbox remove successfully.
Perform deletion of User3
Mailbox User3 Remove Successfully.
Why User3 is allowed to deleted mailbox which is located in by using delegated of User1?
Moreover, it found that User3 properties can also be changed by using User1. Why?
Does it mean delegation cannot handle delete operation?
In Active Directory User and Computer: User2 is deleted successfully by using User1 ID.
In Active Directory User and Computer: User3 is also deleted successfully by using User1 ID.

Cannot add Active Directory Domain Services role on - DirectoryServices-DomainController . Status: -2147021879 (80070bc9)

Hi everyone,
I've been banging my head against this for a while and hope someone can help me.
Running Windows Server 2008 R2 Standard with Service Pack 1.
When I try to add the Active Directory Domain Services role to the server it gets to about 90% complete and then dies.
The ServerManager.log shows the following information, I have run the System Readiness Tool - output below - with no errors found.
At a loss on what to do next. The only other links I've found suggest rebuilding the server which I would really like to avoid...
Help appreciated,
John
ServerManager.log (extract)
==========
name : Active Directory Domain Services
state : Changed
rank : 1
sync tech: CBS
guest[1] : Active Directory Domain Controller
guest[2] : Identity Management for UNIX
ant. : empty
pred. : empty
provider : null
name : Active Directory Domain Controller
state : Changed
rank : 4
sync tech: CBS
ant. : .NET Framework 3.5.1
pred. : Active Directory Domain Services, .NET Framework 3.5.1
provider : Provider
8720: 2012-01-18 10:54:41.853 [Sync] Calling sync provider of Active Directory Domain Controller ...
8720: 2012-01-18 10:54:41.853 [Provider] Sync:: guest: 'Active Directory Domain Controller', guest deleted?: False
8720: 2012-01-18 10:54:41.853 [Provider] Begin installation of 'Active Directory Domain Controller'...
8720: 2012-01-18 10:54:41.853 [Provider] Install: Guest: 'Active Directory Domain Controller', updateElement: 'DirectoryServices-DomainController'
8720: 2012-01-18 10:54:41.853 [Provider] Installation queued for 'Active Directory Domain Controller'.
8720: 2012-01-18 10:54:41.853 [CBS] installing 'DirectoryServices-DomainController ' ...
8720: 2012-01-18 10:54:42.399 [CBS] ...parents that will be auto-installed: 'NetFx3 '
8720: 2012-01-18 10:54:42.399 [CBS] ...default children to turn-off: 'WCF-HTTP-Activation '
8720: 2012-01-18 10:54:42.415 [CBS] ...current state of 'DirectoryServices-DomainController': p: Staged, a: Staged, s: UninstallRequested
8720: 2012-01-18 10:54:42.415 [CBS] ...setting state of 'DirectoryServices-DomainController' to 'InstallRequested'
8720: 2012-01-18 10:54:42.430 [CBS] ...current state of 'NetFx3': p: Installed, a: Installed, s: InstallRequested
8720: 2012-01-18 10:54:42.430 [CBS] ...skipping 'NetFx3' because it is already in the desired state.
8720: 2012-01-18 10:54:42.430 [CBS] ...current state of default child 'WCF-HTTP-Activation': p: Installed, a: Installed, s: InstallRequested
8720: 2012-01-18 10:54:42.430 [CBS] ...skipped child 'WCF-HTTP-Activation' because it is already installed
8720: 2012-01-18 10:54:42.461 [CBS] ...'DirectoryServices-DomainController' : applicability: Applicable
8720: 2012-01-18 10:54:42.461 [CBS] ...'NetFx3' : applicability: Applicable
8720: 2012-01-18 10:54:42.539 [CbsUIHandler] Initiate:
8720: 2012-01-18 10:54:42.539 [InstallationProgressPage] Installing...
8720: 2012-01-18 10:54:42.758 [InstallationProgressPage] Verifying installation...
8720: 2012-01-18 10:54:42.758 [InstallationProgressPage] Installing...
8720: 2012-01-18 10:55:03.740 [CbsUIHandler] Error: -2147021879 :
8720: 2012-01-18 10:55:03.740 [CbsUIHandler] Terminate:
8720: 2012-01-18 10:55:03.787 [InstallationProgressPage] Verifying installation...
8720: 2012-01-18 10:55:03.802 [CBS] ...done installing 'DirectoryServices-DomainController '. Status: -2147021879 (80070bc9)
8720: 2012-01-18 10:55:03.818 [Provider] Skipped configuration of 'Active Directory Domain Controller' because install operation failed.
8720: 2012-01-18 10:55:03.818 [Provider]
[STAT] ---- CBS Session Consolidation -----
[STAT] For
'Active Directory Domain Controller'[STAT] installation(s) took '21.9535541' second(s) total.
[STAT] Configuration(s) took '0.0007754' second(s) total.
[STAT] Total time: '21.9543295' second(s).
8720: 2012-01-18 10:55:03.818 [Provider] Error (Id=0) Sync Result - Success: False, RebootRequired: True, Id: 110
8720: 2012-01-18 10:55:03.818 [Provider] Error (Id=0) Sync Message - OperationKind: Install, MessageType: Error, MessageCode: -2147021879, Message: <null>, AdditionalMessage: The requested operation failed. A system reboot is required to roll back changes made
8720: 2012-01-18 10:55:03.818 [InstallationProgressPage] Sync operation completed
8720: 2012-01-18 10:55:03.818 [InstallationProgressPage] Performing post install/uninstall discovery...
8720: 2012-01-18 10:55:03.833 [Provider] C:\Windows\system32\ServerManager\Cache\CbsUpdateState.bin does not exist.
8720: 2012-01-18 10:55:03.833 [CBS] IsCacheStillGood: False.
8720: 2012-01-18 10:55:04.333 [CBS] >>>GetUpdateInfo--------------------------------------------------
8720: 2012-01-18 10:55:34.784 [CBS] Error (Id=0) Function: 'ReadUpdateInfo()->Update_GetInstallState' failed: 80070bc9 (-2147021879)
8720: 2012-01-18 10:55:34.784 [CBS] <<<GetUpdateInfo--------------------------------------------------
8720: 2012-01-18 10:55:34.815 [DISCOVERY] hr: -2147021879 -> reboot required.
8720: 2012-01-18 10:55:34.831 [InstallationProgressPage] About to load finish page...
8720: 2012-01-18 10:55:34.831 [InstallationFinishPage] Loading finish page
8720: 2012-01-18 10:55:34.831 [InstallationFinishPage] Finish page loaded
CheckSUR.log
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.21645
Package Version 13.0
2012-01-18 10:33
Checking Windows Servicing Packages
Checking Package Manifests and Catalogs
Checking Package Watchlist
Checking Component Watchlist
Checking Packages
Checking Component Store
Summary:
Seconds executed: 220
No errors detected

Hi John,
Thanks for posting.
Performed some research and some results say that this problem can be caused by HD Write Caching.
To disable Write Caching:
1. Go to Device Manager.
2.Click the plus sign (+) next to the Disk Drives branch to expand it.
3.Right-click the drive on which you want to enable or disable disk write caching, and then click Properties.
4.Click the Disk Properties tab.
5.Click to select or clear the Write Cache Enabled check box as appropriate.
6.Click OK.
If no luck, Please check if any erros can be found in Event log, Dcpromoui.Log and Dcpromo.log
The following articles maybe helpful to you:
Known Issues for Installing and Removing AD DS
http://technet.microsoft.com/en-us/library/cc754463(v=WS.10).aspx
You cannot install Active Directory Domain Services
http://support.microsoft.com/kb/975142
Thanks
ZHANG

Branch Office Connectivity

hi
we have firewall setup in our main office with following setup:
we are running DC on Windows 2008 Servers with MS Exchange 2010, lync 2010 and ip phone as well.
planning to setup AD replication to our branch offices for network drive access and group policy update; kindly advice on this.
Best Regards,
Ramesh TP

Hi
i think you mean about best practice topology.
First of all,you will add Additional Domain Controllers on your branch offices.Also This ADC will have DNS,DHCP role based.And will deploy a File server.
Important point is structure you want to build.
This is a detailed article about domain topologies, So please check this article about your questions;
https://msdn.microsoft.com/en-us/library/cc749945.aspx?=255&MSPPError=-2147217396

Clients Not seeing DHCP server at branch office or not accepting ip offers (NO LOG REPORTS KIND OF IN THE DARK)

Hi there i am having an issue that has popped up recently i have a DC at a branch office that is connected to the main office DC via a Persistent Demand Dial connection in RRAS. Everything was working properly according to me until i found out that the Network
Admin who manages the branch office network failed to notify me that client machines weren't getting IP addresses from the DHCP server. This server was recently installed and wasn't fully implemented till about a week ago when i configured the Demand Dial
connection in RRAS up until that point it just had a regular old VPN connection to the main office while we worked out the kinks with a few things. the things ive tried so far to get DHCP working are as followed
1.Rebooted the branch office server (MULTIPLE TIMES)
2. Uninstalled the DHCP Role and re-installed it....To my surprise 1 client managed to get a ip on its lan adapter after DHCP was re-installed but nothing else
3. Disconnected the connection between the main office DC and the Branch office DC as i figured the main office DC DHCP server might be interfering with the branch office DC DHCP Server but nothing happened
4. Unauthorized and Reauthorized the main office DHCP server and the branch office DHCP server nothing changed
5. sifted through multiple log files on both servers and found noting in fact DHCP logs are empty on both servers
6. restored backups of the DHCP servers from when they were working
7. came here cause im out of ideas and im pulling my hair out
here are the current statistics from the problem server
Start Time: 7/12/2014 2:02:10PM
Up Time: 1Hours, 18 Minutes, 41 Seconds
Discovers: 90
Offers: 90
Requests: 2
Acks: 13
Nacks: 0
Declines: 0
Releases: 0
Total Scopes: 1
Total Addresses 253
In Use 2 (0%)
Available: 251 (99%)
Id like to add that RRAS was getting IP addresses from the problem server up until the point i uninstalled the role and re-installed it
heres is a ipconfig /all from the problem server
Windows IP Configuration
Host Name . . . . . . . . . . . . : MNB-DC
Primary Dns Suffix . . . . . . . : VTEACR.LOCAL
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : VTEACR.LOCAL
PPP adapter Remote Router:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Remote Router
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.141.70.25(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.141.70.10
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-16-35-AB-D3-05
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d9e:daa4:34dd:db44%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.141.80.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::226:5aff:feb7:5b3c%10
10.141.80.1
DNS Servers . . . . . . . . . . . : ::1
10.141.80.102
NetBIOS over Tcpip. . . . . . . . : Enabled
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 169.254.238.243(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{427DF66B-3B30-40B1-B67E-B5587465C
394}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.ziricom.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.VTEACR.LOCAL
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{BE201060-A9B9-404A-8361-F8FFB82F5
6F6}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 15:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.VTEACR.LOCAL
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 16:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 19:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.ziricom.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
if anymore information is needed please let me know i have full access to everything on the network so its not a problem and i am able to remotely access the branch office DC and all computer and switches at any time of the day
Viper Technologies Computer Repair Putting The Venomus Bite Back In Your Computer We Are Located In Antigonish ,NS Canada Check Us Out HTTP://WWW.VIPERTECHNOLOGIES.TK

Hi,
Does this issue occur on one client or multiple?
Please check this article:
http://technet.microsoft.com/en-us/library/cc757164(v=ws.10).aspx#BKMK_5
Regards.
Vivian Wang

Managed Role Scope

I learned that roles in DS are scoped to where they are created. Meaning if I create a managed role called role1 in ou=Roles,dc=sun,dc=com only entries (ie users and groups) under the ou=Roles branch will have visibility to role1. But since all my users are created underneath a different ou (ie ou=People), how do I get role1 to be visible to the users under ou=People? From a day's worth of reading, this doesn't seem possible. The only way around is to create the role under the ou=People branch. In this approach, all the member searches are behaving correctly. My concern is we will have thousands of roles, what's the scalability of having that many roles mingled with all 750,000 user entries under ou=People...
Any help is appreciated!

The problem with that is the nsRole virtual attribute never gets >calculated. While, the nsRoleDN will allow me to find all the roles for a >given user with a search filter like this:
uid=user1 nsRoleDN
I need the nsRole virtual attribute to find role members (all members >with a particular role)
for example, using this search filter
nsRole=cn=role1,ou=roles,dc=sun,dc=com
to retrieve all members of role1. and this does not work unless role1 >was in the same scope as the user or aboveWhat about using
nsRoleDN=cn=role1,ou=roles,dc=sun,dc=com
It should return all members of role1. In the same time usage of on-the-fly computed nsRole attribute in searches isn't supported - please see Note 2 in the same link:
http://docs.sun.com/source/816-5606-10/roles.htm#1117631

Need suggestion to configure role in CRM in a particular scenario.

Dear All,
There are 2 business units under root business unit let say B1 and B2. A user (U1) belongs to business unit B1 and other user (U2) belongs to business unit B2. Both users (U1 and U2) are associated to a security role “Branch Users”.
The scenario is users can assigned record (Lead) to the users belongs to their business unit only but can share the record (Lead) to all the users of organization.
Now the problem is for “Branch Users” role if I am giving organization level read permission on “Users” entity then users (U1 and U2) can share lead to all users of the organization but the same time users(U1 and U2) also can assigned lead to all organization
users. If I am giving business unit level read permission on “Users” entity then users (U1 and U2) can only see users of their business unit at the time of assignment but they are not able to see all users of organization at the time of sharing a lead.
Please suggest how to implement this particular scenario to resolve this conflict of read permission on User entity.
Thanks
Sartaj

Hi,
What you are trying to achieve contradicts each other. You will not be able to achieve both with OOTB security roles. Use the function which will be used most with OOTB roles and for other one, write custom code. Like plug-in to restrict
the change if it is outside the default business unit.
Hope this helps.
Minal Dahiya
blog : http://minaldahiya.blogspot.com.au/
If this post answers your question, please click "Mark As Answer" on the post and "Vote as Helpful"

How to interrogate roles of a user in a process

I mentioned this in the beta call on Wednesday, but I thought I would enter it here to follow-up on....
We have a business need to be able to interrogate the roles assigned to a user in our process flow. Here is an example:
1. A user enters some data on an initiator type human task. (let's say the swimlane or role is 'data entry')
2. Next, there is an approval type human task that must be completed (it is in the swimlane or role of 'approver')
3. If the user that performed the data entry task is also associated to the role of 'approver', the approval task should be bypassed.
So, I think I need to get the user who did the data entry and determine if they have the role associated to the approval task....if so then I can branch around that task in my process flow. Is there a way to do this in the BPM process (preferred)? Or within the Human task definition? Or do I need to write a service of some sort?
--- Becky Kellinger
Edited by: bkellinger on Apr 8, 2010 2:06 PM

Essentially,
a. You can find the actual performer of a Task by using output/execData/systemAttributes/updatedBy/id
b. You can use ids:isUserInRole to test user's membership in desired role
Note that since we have a bug of not exposing identity XPath functions in BPMN, you have to edit the source of BPM. What I did was, create an expression in editor: ora:addQuotes(concat(role, users)) (any dummy expression to get everything setup), then found the expression in the .bpmn file, and replaced it with:
<from language="http://www.w3.org/1999/XPath" xmlns:bpmn="http://www.omg.org/bpmn20" xmlns:ora="http://schemas.oracle.com/xpath/extension">ora:addQuotes(concat(bpmn:getDataObject('role'), bpmn:getDataObject('user')))</from>
This will work with Groups but not Swimlane roles (app roles) It is supposed to work with Swimlane roles as well and we will fix it in PS.
Please let me know if you would like the sample code.

Roles in ou=oblix branch

Similar Messages

Maybe you are looking for