Same Sync Engine Encryption keys when upgrading FIM R2 to FIM R2 Sp1. why?
Hellos,
Just a quick clarification to help me write up the upgrade report.
I managed to upgrade FIM 2010 R2 to FIM 2010 R2 Sp1 without any issues. It was quite straightforward. However, my brief was to create a report for others describing not just the WHAT but the WHY.
The first step before uninstalling the FIM 2010 R2 software was to backup database and to save the encryption keys (generated by the FIM 2010 R2 installation)
These keys were then used by the FIM 2010 R2 Sp1 installation. WHY? Does this mean that the underlying encrypting mechanism has not changed and will unlikely ever change?
It would be bad if the mechanism will change, in this case you could not re-use your FIM DB.
From what I know the mechanism is still the same since MIIS 203, as I have da customer DB which was created at that Version and migrated to all version of the product.
Regards
Peter
Peter Stapf - ExpertCircle GmbH - My blog:
JustIDM.wordpress.com
Similar Messages
-
Invalid Product Key when upgrading to Win 8.1
I just upgraded from Windows 8 (which came pre-installed on my Twist) to Windows 8.1. This is supposed to be a free upgrade and all reviews recommend people do the upgrade.
However, my product key now is showing up as "blocked" and I can't activate Windows. I called Microsoft and all they can tell is that the key is invalid. I called Lenovo and all they can tell is that the keys they have only work on Windows 8.0, they don't have Windows 8.1 keys.
So, now I need to roll back to Windows 8.0, but the only way to do it is to do a clean re-install. Obviously, a huge problem, and I'll loose all my progams and settings.
Lenovo should let all their customers know that they SHOULD NOT upgrade to Windows 8.1 right now. And they need to find a solution to this ASAP.
I have 30 days when Windows will continue working, but after that it will lock up.
Solved!
Go to Solution.No, I did not make any changes to either hardware or installed software. The upgrade process was the usual "go to MS website, click Update, wait for download to finish and start the update".
I did contact both MS tech support and Lenovo tech support. Neither could help. Lenovo tech support (I talked to them twice) was the one who told me that Win 8 product keys they have will not work with Win 8.1. They told me that I would need to reinstall Win8 from scratch and sent me the recovery disc set.
I was actually able to resolve this now. What I think happened is that Win8 key was coded somewhere in the laptop's bios and the new version of Windows was reading it incorrectly. There is a program that lets you extract OEM Windows product keys: : http://forums.mydigitallife.info/threads/29789-RW-Everything-Latest-News The program gives you the correct key. Once I entered that, I was able to activate Windows. -
I initially set up my Sync account using an add-on for an older version of Firefox and have since upgraded to the latest version. But now my browser acts as if I don't have a sync account set up at all. When I attempt to create a new account, it says that my email address is already being used which tells me that my sync information is still on the the servers. So how do I retrieve my sync settings when settings are missing within my browser?
I resolved the problem in Snow Leopard by logging out of my (admin) account and logging into my daughter's account on the same machine. She doesn't have admin privileges, so when I tried to install Firefox 4 in her account, I had to authenticate with my admin identity and PW. Installation went smoothly after that. My guess is that you could also simply create a new account on the same machine and install Firefox 4 from that. I have no idea why this works.
-
I have two different 5s's with two different phone numbers but they are both using the same iCloud/apple account. After upgrading to iOS8 when I get a phone call on one phone both phones ring. One phone is for work and one is for private and I don't need both phones to ring from one call. It's bizarre.......is this supposed to be like this? If so where can I turn it off?? And while we are at it iOS8 has installed iBooks on both of my phones and iTunes won't let me uninstall it. I don't need or want iBooks on my phones.
Hi,
There are two easy fixes to this.
One, you can set up Family Sharing, in which you can have two different iCloud Accounts, yet still share the same apps, music, media etc.
Two, go to Settings and turn-off "Handoff". This can be found under the General page.
Hope this helps! -
Ever since updating to new OS, my iphone won't sync to itunes. When I plug in the phone to the PC, dialog box says I need to update itunes to 10.6.3 or later. I did that update, but still get the same error message.
Can anyone offer suggestions?
Thanks!Since it told me to update, I updated to 10.7.
Then when I plugged in the phone again, it gave the same message that I need to update itunes. -
previously used overdrive media console to download audio books now i get an error message when trying to sync to iphone 4 after upgrading to 10.5 itunes and 5.0 on iphone unable to download audiobook states cannot play on iphone and does not convert
previously used overdrive media console to download audio books now i get an error message when trying to sync to iphone 4 after upgrading to 10.5 itunes and 5.0 on iphone unable to download audiobook states cannot play on iphone and does not convert
-
When upgrading to ios5 none of my pictures came back to albums. I don't have anything in albums, not even the camera roll albumn with pictures I have taken since. I can get to the handful of pictures I have taken by going to camera, but it says "progress-sync" where it used to say camera roll. Now every picture I take has a saving photo on it and it won't let me do anything like email it, etc. It also is not showing up in albumns. How do I fix this? What happened? Help?
I had a simialar problem with mine, but my Cameral Roll at least was there. Hopefully you have been keeping a copy of your camera roll. I back mine up to my PC every now and then. If you did not, you might want to try a RESTORE to try to get back the Camera Roll.
As for the other Picture sync, I had to create a new directory on my PC and then resyng this NEW directory....BUT NOW I have TWO identical directories on my phone, which I am trying to resolve, but AT LEAST I can carry my sync photos around with me until I get one of the directories eliminated.
Next time I WONT be so quick to jump on the next Apple OS update! -
When upgrading to Flash 10.2 (Firefox is at Ver. 3.6.14, Windows XP), any embedded videos run like a split screen (The same video in one screen, dividing the screen into two running at the same time). This doesn't happen in IE.
When upgrading to Flash 10.2 (Firefox is at Ver. 3.6.14, Windows XP), any embedded videos run like a split screen (The same video in one screen, dividing the screen into two running at the same time). This doesn't happen in IE.
-
Safari Doesnot work when encryption key is enabled!
Hello!
I'm running a wireless homenetwork with my Ibook and two other Windows computers that run on ethernet LAN. All three get their connection from a 2-wire router.
The Problem:
Whenever i open safari with my ibook i get a msg that sates "safari cant connect/find server blahblahblh" (or something like that)
So, i called my ISP tech support. We found out that if i disable my encryption key Safari will work correctly.
But, i would rather prefer using an encryption key so that my neighbor doesnt steal my bandwidth.
Somebody help me! please
ISP:yahooDSL
ROUTER:2wire2700Which wireless encryption are you using: WEP-Open, WEP-Shared, or WPA-PSK on the 2Wire gateway? WPA-PSK would be the most secure and preferable over either WEP.
If you must use WEP, especially in a mixed (PC/Mac) environment, always use Hex characters:
- 10 Hex characters (for 40-bit WEP)
- 26 Hex characters (for 128-bit WEP)
(ref: http://docs.info.apple.com/article.html?artnum=106424) -
WEP Encryption Key not remembered when restarting the Equium M50-244
I am running an Equium M50-244 Laptop, with a BT Home Hub 7838 wireless router. Nearly everytime I power up this notebook it has no wireless connection. I therefore have to go into Control Panel, Network Connections, and get it to find a new connection.
Then have to type in WEP Encryption Key number twice to get a new connection.
This is obviously a lengthy procedure so I need to get the Laptop to recognise the Encryption Key and store it for the next time I power on.
I am running Windows XP Home with Service Pack 2, and a Norton Anti Virus and Firewall.
Any help would be much appreciated
PeterHello
I agree with Louis. Your WLAN cards support WPA encryption and, if possible, you should use it.
Anyway: for WLAN configuration try to use Windows settings and defined WEP password should be remembered for your WLAN. I have configured it on many different notebooks and after choosing the listed WLAN the password was already defined and only thing that must be done is to click on button Connect. -
Way to find out old Encryption Key
Hey everyone,
Is there a way to find out the old Encryption Key? I just recently upgraded an old 5.9 database to WT6 PL10. I am getting the Padding error, however I used the same Private Key from the old database and matched the Installer to it. Is there a way to find out the old private key? Not sure how it changed... If I can't figure out the old key, what do I have to do to get the old database online to match the Keys? Any thoughts would be greatly appreciated.
Thanks,
KristenThe private key is used to create a one-way hash and therefore cannot be discovered by any sort of reverse engineering. Web tools uses RM PKI encryption which is specifically built to disallow such operations.
1) Try recreating the hash by opening the Installer in tasks mode(Installer -tasks from command line)
2) If this doesnt do the trick, re-initialize the synch and clear out only the data that synchs, which does not include themes or catalogs, but be ready for the subsequent sync to take a minute or so, ok more like an hour or more
3) Don't forget to recreate the web.config file(installer -tasks again) if you change the private key. In fact you may wish to do this now, just to be sure it has the right one, and the updated version of it, since this is an upgrade from 5.9(.Net 1.1) -
I am wanting to replace a 2003 (not R2) File Server with a 2012R2 file server and preferably keep the same machine name and IP when finished. For the moment I just need some "high level" guidance, little details can be worked out once I know
which direction I will go. I was considering that DFS might be a way to help get through the process although when finished the 2012R2 Files server will be by itself with no other file server planned at this time. DFS can stay installed for maybe
future purposes but clearly I wouldn't need the DFS Replication with only one machine.
Here's a few details of the environment....
1. DC's are 2012R2 but it is still 2003 DFL because the old 2003 DCs are still present. But likely they will be gone and the DFL elevated before I start on the File Server project
2. Nearly all machines in the facility have a shortcut on the "All Users" Desktop that points to the existing old File Server. Editing or replacing that shortcut would be a major pain,...hence why I want to keep the same machine name at least,
and maybe the same IP if not too much trouble. This way the existing shortcut would continue to work with the new 2012R2 File Server. The UNC path represented in that shortcut is also configured into one or more of our major business applications,
futher emphasizing the need to keep the UNC path the same throughout the process.
3. The facility runs 24/7/365 but is "light" on weekends. The political environment is such that there is little to no tolerance for any down time at all.
4. Would DFS (based from the 2012R2 machine) be a good tool to get where I need to go?
Thanks for any suggestions.
Phillip WindellHi Sharon,
I've done some more reading and have a few new ideas to run past you....
Yes regular DFS wouldn't help and the Namespace would still be different than how it was with just the old server. However I was thinking DFS Replication could replace the purpose of RoboCopy and it would keep the two locations "in sync" until I was ready
to flip over to the new server. DFS Rep can exist independently of a DFS Namespace, so a Namespace is not even needed. It needs a minimum of 2003R2 for the "later & better" DFS Rep but I believe 2003 can do an "in place" upgrade to 2003R2, so I would upgrade
the old server to 2003R2 first. As long as the DFS Rep on 2012R2 and 2003R2 will properly interact I think that will work.
Thanks for the reg info on the Shares. I'm debating if editing that would reg file would really be much better than manually creating the Shares on the new server while the DFS Replication was doing its job. I'll probably export that Key as a
safety move whether I use it or not.
Once the DFS Rep is fully in sync and the Shares are in place on the new server, I figure I would then:
1. Remove the DFS Replication Object (optionally remove DFS Services completely)
2. Rename the old File Server to something else and set it to DHCP
3. Rename the new File Server to the name I want to use and give it the IP the old server had.
How does that sound?
Phillip Windell -
I have the BEFW11S4 wireless router (v4) with firmware version 1.50.10.
When I try to connect my laptop wirelessly, it works....but when I disconnect and reconnect, it says "Invalid key". If I change the encryption key, it again works for one connection, but after disconnecting and reconnecting--Invalid key.
I am using WPA (TKIP).
Thanks in advance for your help!I actually did try that...When I got my laptop, I upgraded the router's firmware to the most current edition (1.52.02) to get WPA encryption. However, my router would drop it's internet connection whenever I streamed video. After reading a message board about the same exact issue (http://hardware.mcse.ms/archive80-2005-12-267981.html), I set my firmware to the newest older edition I could find (1.50.10).
Thanks for your advice, but do you have another idea? -
Moving distribution list memberships from contact to user object with sync engine
We only have the FIM sync engine and when replacing an AD contact object with a user object I am being asked to move the distribution lists that the contact is a member of over to the new user object. I've done the contact to user replacement provisioning
many times before but never had to migrate the group memberships over.
Does anyone have any advice for the best approach to do this?This is what I suspected. You are not doing conversions. You are simply Deprovisioning contact and provisioning user. For all intends and purposes, the 2 objects are not related in any shape of form. So how do you know that this contact
is related to that user??
What you need is, to have both objects connected at the same time in MV before contact is deprovisioned. Only this way you know that user 'U' is the same as contact 'C'. FIM needs to know this.
For this, you need to have one MV object with 2 AD connectors, one for user and one for contact. You can use to MAs, or you can use code to have one object with 2 connectors. (Usually this is not allowed, but with code you can pass this)
Before deprovisioning contact, you do the group membership changes, then you deprovision contact.
Nosh Mernacaj, Identity Management Specialist -
Can no longer sync Ipod to Itunes after upgrading to Itunes 7
I can no longer sync Ipod to Itunes since upgrading to Itunes 7. When I try it freezes my Itunes and I have to force quit the application. Anyone else know how to solve this? Anyone else having this problem?
Powerbook G4 Mac OS X (10.4.9)I have the 3rd generation IPod and I thought it happened when I dropped it, but after thinking about it it did happen the same time I switched to itunes v7.
I have to stop the auto-sync and have the ipod completely restored each time. So when I want to update my ipod I have make it an hour adventure.
Maybe you are looking for
-
Initial Excise upload for Depot
Dear All, I want to upload excise for depot. As we have to pass on duties to customer as per the incoming excise invoice. Please tell me how can I upload initial incoming excise details (base value, mother challan number, duty value) Thanks in advan
-
So I added some new songs to my Itunes library and plugged in my Ipod in order to add the new songs onto it. After it said sync complete I ejected the Ipod and pressed the music button on it. There were no songs on the Ipod anymore or any playlists.
-
Hi All, anyone with this problem with Acrobat Pro XI, IM USING MAC, also Yosemite if that helps. Also Adobe CC, BASICALLY IT just quit and i had to uninstall, re install, and I get this ERROR: DW006: Apple Package failed to install successfully. ERRO
-
Hi MM Gurus, May I know the standard SAP Archiving procedure for Purchase Order with attachments ( I am not talking about the business service attachments). The attachments are at the item level. Please help. Thanks Pranav
-
1) public class Thrwodemo { * @param args static void demoproc() { try { throw new NullPointerException("demo"); } catch(NullPointerException e) { System.out.println("Caught inside demoproc.");