Some clarification needed on PKCS #5 PBE

Hi all,
This is my first time posting on SUN Forums. Hope to be able to get your assistance in the programming field.
I have questions about PKCS #5, as I couldn't understand how it can help improve security when using salt and iteration count.
PKCS #5 states that salt and iteration count does not need to be kept secret as it is normally appended with the encrypted data.
To my understanding,
On encryption side, user will input a password and salt will be appended to the password, followed by a hashing algorithm.
key[1] = SHA-1(password+salt)
Iteration count addeds to key strengthening by:
Key [1] = SHA-1(password+salt)
key[2] = SHA-1(Key[1])
Key[i] = SHA-1 (Key[i-1]
Encrypted Data will then be obtained by:
Ciphertext = AES(Key[i] and Plaintext)
Hence the data payload will be as follows:
|| Encrypted Data+Salt+Iteration Count ||.
When the receiver receives the message, the decryption is similar.
key[1]= (password+obtained salt) from Payload
Key[i] will then be obtained depends on the Iteration Count,
and encrypted Data will be decrypted with Key.
My lack of understanding here is how does using salt increases security when the salt is public?
If a 56bit salt is used and only available to the receiver, any attacker who wants to decrypt the message might need to try 2^56 possible keys using a SINGLE password.
But if the salt is public, the only difference from adding salt and not adding salt is the key strengthening process.
How is password based encryption safer when comparing to AES-128 when the password the user input maybe commonly 48 bits?
Thank you all in advance! Hope to receive replies!
Regards,
Brandon

barnnod wrote:
Hi Sabre150,
Thank you for your suggestion. My application is enterprise based hence I think it is okay that the password is made known to employees only. (E.g one password per day, different department deploys different password each day). So each day each department has to distribute it's daily password to each department it needs to communicate with. So not just once every now and then do you have a key distribution problem you have one every day.
>
My actual scenario given by the school is:
"An organisation's daily operations involve frequent data messaging among mobile devices. The data transmitted are confidential and recently it has been observed that there is an increased number of incidents involving unauthorised tapping of data signals from unknown sources. Due to the sensitivity of data, the senior management has commissioned its IT security team to propose a prototype for a secured messaging application to enhance data transmittion security. The solution must also fufil operational needs such as response time and peak traffic tranmission."
I am very glad that you are helping me in this. What kind of encryption scheme do you think I can adopt? As I said. I would use Public Key cryptography probably using RSA.
What I have thought about is:
1) PBE I view PBE as suitable for personal use only. For example - if I want to encrypt data just for myself then using a password based approach makes sense since I don't have to distribute the key. I just keep it in my head.
2) PKCSYou would need to elaborate on this since PKCS is a broad brush.
3) Create a messaging server who can help distribute public keys. (But I left with 3 weeks upon completion and im not very confident of this because i dont know how to :( )Public Key distribution is fairly easy since you want everybody to have access to your public key. The public key could be broadcast as an SMS message or posted on a web server for people to download. I publish my public key on my web server.
So as what I derived from your post, the key distribution problem can be solved using asymmetric key algorithm. Pretty much so but not completely. One needs to be able to verify that a particular public key belongs to who you think it does. This process is normally done by distributing a certificate that contains the Public Key. The certificate is signed by a Certification Authority who does checks to make sure the purported owner is actually the owner. Since this is for internal use, rather than paying a fortune to a third party CA, one can use one of the free ones. You might want to take a look at [http://www.devx.com/Java/Article/10185|http://www.devx.com/Java/Article/10185] but there are others out there.
>
Meaning the Sender A uses Receiver A's public key and using RSA(randomly generated symmetric key), and send the ciphertext over to Receiver A. Receiver A uses it's own private key to decrypt the ciphertext, and obtain the private symmetric key between Sender A and Receiver A. Sender A and Receiver A .That is the way I would do it
then can securely do messaging from then on. The session keys would not be used more than once. Each message would use a different random session key.
But I do not know how can I derive the Receiver A's public key. I guess the use of a messaging server can solve this.Yes. Or a simple Web server. An admin person just publishes the public keys for each user and each user just sends his public key to the admin person just once.
>
Please advice!
Thank you :)You background makes doing the whole thing in 3 weeks a bit tight so you should leverage any third party software you can.
Since this is a school/university project you might just want to use PBE for the moment and then in your report explain the key distribution problem and explain how to a more comprehensive and secure system could be achieved. That way you get to do the work and to show your examiners that you have thought about the problems associated with your naive PBE based solution and can propose a better solution. In your position I would ask my Tutor for advice on this - it could save you a load of effort.
I don't work with Mobile devices so I don't know what libraries are available. I suspect you may need design your solution around what tools you have available.
Edited by: sabre150 on Sep 27, 2009 12:45 PM

Similar Messages

  • Need some clarification on Replacement Path with Variable

    Hello Experts,
    Need some clarification on Replacement Path with Variable.
    We have 2 options with replacement path for characteristic variables i.e.
    1) Replace with query
    2) Replace with variable.
    Now, when we use  "Replace with variable" we give the variable name. Then we get a list for "Replace with" as follows:
    1) Key
    2) External Characteristic Value Key
    3)Label
    4)Attribute value.
    I need detailed explanation for the above mentioned 4 options with scenarios.
    Thanks in advance.
    Regards
    Lavanya

    Hi Lavanya,
    Please go through the below link.
    http://help.sap.com/saphelp_nw70/helpdata/EN/a4/1be541f321c717e10000000a155106/frameset.htm
    Hope this gives you complete and detailed explaination.
    Regards,
    Reddy

  • Need some clarifications on Quality-of-services

    Hi Everybody.
                       I need some clarification on Quality-of-services.the question is which one is better in Quality-of-services (Exactly-Once or Exactly-Once-In-order)?why?wht is the differenc between them?

    Hi Narayana
    refer the below Urls
    make the QOS of file as EO or EOIO and then use this blog,
    /people/arpit.seth/blog/2005/06/27/rfc-scenario-using-bpm--starter-kit
    It depends upon the Adapter,Can you please spicific
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/41/b714fe5ffc11d5b3ea0050da403d6a/content.htm
    Check these blogs written on QoS:
    XI Asynchronous Message Processing: Understanding XI Queues
    How to deal with stuck EOIO messages in the XI 3.0 Adapter Framework
    EO = Exactly Once ( Used in Asynchronous Communication)
    EOIO = Exactly Once In Order ( Used in Asynchronous Communication)
    BE = Best Effort ( Used in Synchronous Communication)
    Best Effort --> Used for Synchronous Calls.
    EO and EOIO --> Asynchronous Calls.
    EOIO --> Asynchronous with Sequential Processing Guranteed.
    http://help.sap.com/saphelp_nw04/helpdata/en/41/b714fe5ffc11d5b3ea0050da403d6a/frameset.htm
    For the QOS, u can refer the following library links .
    http://help.sap.com/saphelp_nw04/helpdata/en/41/b714fe5ffc11d5b3ea0050da403d6a/frameset.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/ae/d03341771b4c0de10000000a1550b0/frameset.htm
    For receiver channels QoS BE (Best Effort) will result in a
    synchronous call (sRFC) , QoS EO (Exactly Once) will create a
    transactional call (tRFC) to the BC. For sender channels a synchronous
    call (sRFC) will result in a message with QoS BE, a transactional call
    (tRFC) will result in a message with QoS EO.
    QoS EOIO is not supported by the BC-Adapter.
    SAP XI term Quality of service describing how the transmission and process-ing of messages is to be handled. Possible values are:
    BE = BestEffort (synchronous call, no transactional guarantees for transmission and processing)
    EO = ExactlyOnce (asynchronous call, guarantee for local transactional handling, exactly-once transmission and exactly-once processing)
    EOIO = ExactlyOnceInOrder (as for EO but with serialization guarantee on a given queue name).
    <b>Pls reward if useful</b>

  • Just needed some clarification regarding the Viewer Builder and actually publishing your App...

    If someone could let me know if my understanding is correct, that'd be a huge help... So I've designed my publication in InDesign and exported the .zip file from the Folio Producer. I've created all of my certificates/splash screens/icons. Lastly, I just recently went through the steps of the Viewer Builder. I'm now at the stage of this process that requires me to purchase the $395 single edition so that I can enter the serial number in the last stage of the Viewer Builder. Now, to my knowledge, once I get the serial number, Viewer Builder will then give me access to an .ipa file and a .zip file. The .ipa file is for me to test on my iPad, and the .zip would be used to distribute to the App Store. I guess this is where I get confused... Let's say after I test the .ipa on my iPad, I don't like some part of my publication. I know how to update my own documents obviously, and I understand that I would have to export another .zip file from the Folio Producer, in turn requiring me to edit the exported folio link in the Viewer Builder. If I had to do that, would I need to purchase another single edition serial number since the original App was edited? Or would the same serial number apply since I'm editing that same App in the Viewer Builder? My next question is somewhat similar. Let's say all of the information is up to date and I go ahead and publish the App to the App Store. However, maybe a month later or some time in the future, I needed to update a phone number or email address--some little detail like that. Again, I understand that I'd have to update the export link in the Viewer Builder, but would I then need to create a new app since my app was already published? Would I then have to purchase another $395 single edition serial number just so that I can update my information? This seems to be the only thing in this whole process that I could use some clarification on so that I don't run into any surprises in the future. Any help would be great, thanks!

    Hi Joshua,
    When you have purchased the serial, you can rebuild your app with your updated content, as long as you use the same bundleID (applicationID), that is tied to your Apple mobile provisioning profile. The serial number is valid for a one year period.
    After you have submitted your app to Apple and it has been approved, please read: http://forums.adobe.com/message/4172167#4172167
    With kind regards,
    Klaasjan Tukker
    Adobe Systems

  • Clarification needed in the Fault Handling Framework(Error Hospital)

    Hi,
    I need some clarification on Fault Handling Framework...
    Scenario:
    My BPEL Process is Asynchronous.(10.1.3.3.1) and I tryed to invoke the another BPEL Process( which is used to select the Fname from the table using DB Adapter) . In the Main BPEL Process I have the Fault handling Framework and I done necessary changes in the bpel.xml. This is successfully working for Invoke Activity when ever an Remote or Binding Fault occurs in the Sub-BPEL Process and this Fault is send to Fault-Policy.xml in the server(bpel/domains/default/config/fault-Policy) and works accordingly to the action mentioned in the policy xml....( I have also made changes in the fault-bindings.xml ).
    How ever this Framework is working fine for every actions.
    Need Clarification:
    1) Only the Binding and Remote faults will work for the Fault handling Framework.
    2) can we use User defined faults (Buissness Faults,,,) for this........because I used the User defined faults to invoke the fault-policy.xml and it won't works....
    3)Only Invoke Activity can be handled for this Framework or any Other Activity........
    4)How to handle other Activity in the Fault-policy.xml...
    5)Any difference for Asynchronous or Synchronous in this Fault Handling Framework.......
    I also referred the Oracle SOA Suite New Feauters PDF .......
    Can any one send me the related documents and try to help me on this.
    Please help me on this.......
    Thanks,
    Ashok.

    Hi Chintan,
    You are saying that Custom faults are also supported for fault-Policy.xml.
    I can't understand that 2nd answer you said. can you please explain how to use the Custom faults in the FaultHandlingFramework..
    My Scenario:
    I have 2 BPEL Process, BPEL1 will invoke the BPEL2 and if any remote fault or binding faults occurs in the BPEL 2 its returning the same fault to BPEL1 and here I am using FaulthandlingFramework , this fault send to fault-policy.xml and necessary action is took place succesfuly...(like retry, human intervention.....)
    But when I throw some CustomFaults(userdefinedFaults)in the BPEL2 , its returning as a remotefault to BPEL1. I don't know how to use the customFaults in the Fault handling framework.......
    Can you explain me in detail how to use custom faults in faulthandling framework...............
    Send me some related documents for this.....

  • Clarification needed - Intune and SCCM side by side

    Hi Forum
    I need some clarification on how the Intune and SCCM client will react when on the same workstation. non-integrated.
    Will it refuse install? I know its not ideal, I just need to know.
    Say I managed Endpoint in Intune and Updates in SCCM. Is this even possible?
    Thanks in advance
    NN

    It shouldn't be used like that, either use the hybrid configuration, of Intune integrated with ConfigMgr, or use them stand-alone.
    Also, just for testing purpose, I just tried to install the Intune agent on a machine with the ConfigMgr client installed and the installation failed with an error message stating that the ConfigMgr client should be uninstalled first.
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Clarification needed on where to start using the Wizard

    I need some clarification about at what point start using the Maintenance Wizard in the R12 upgrade process. Having done this manually before I need direction on what steps need to be done before letting the Wizard take over the process.
    I realize that the 12.1.1 software needs to be installed ahead of time but what about other manual tasks that are outlined in the “Database Preparation Guidelines for an E-Business Suite Release 12.1.1 Upgrade (Doc ID 761570.1)” and documents it refers to? This note says to “Follow the standard 12.1.1 upgrade path as documented in the Oracle Applications Upgrade Guide: Release 11i to Release 12.1.1. Perform all requirements documented in Chapter 1 and all applicable steps in Chapter 2.”.
    I guess the question is should all steps be done in the notes above and start using the Maintenance Wizard at step “8. Complete the R12 upgrade” in note 761570.1? I’m confused because it appears some of the steps, such as running the TUMS report, can be done with the wizard but what ones can’t.

    There's actually a step in the MW for installing the 12.1.1 software, though it can also (and is easier if done ahead) be installed prior to starting the steps in MW.
    Ideally, the MW includes all the steps from the Upgrade Guide, the Release Notes and any other referenced notes. If you are finding this not to be the case, please log a bug with Support so we can add the missing step(s).
    -Vikki

  • Reviewed documentation on Reporting: I will appreciate some clarification

    Hi,
    Reviewed documentation on Reporting: I will appreciate some clarification:
    1. Can you help me understand what "Staging" means as used here:
    A data warehouse system serves primarily to stage information from various data source
    The information is staged in various forms including personalized reports, freely definable queries, and predefined reports.
    2. Is RemoteCube the same as Virtual Cubes? if not, what is the difference?
    3. Can you help me understand what "flexible update" means as used here:
    Characteristic InfoObjects have to be included in the InfoProvider tree in the Data Warehousing Workbench to make them available as data targets for flexible updates and as InfoProviders for reporting.
    4. "DataStore Objects are available for transaction data and for master data."
    When do we decide to store master data in a DSO?
    5. Formula Collision vs. "Exception Aggregation"
    I understand what formula collision is about but is it the same as "Exception Aggregation"?
    If not, do you have a real-life example to help me understand the concept of "Exception Aggregation"?
    The documentation/link is not helping.
    6. i. With the followin limitation on Display attribute, why not always make the attribute Navigational?
    "You can show Display Attributes in a report in the drilldown. However, navigation steps are not possible. (For example, you cannot choose values from a display attribute as a filter.)"
    ii. Any example where Nav Attrib does not make sense but it must be Display attrib?
    Thanks

    Hi Amanda,
    2. Is RemoteCube the same as Virtual Cubes? if not, what is the difference?
         Yes, they are one and the same.
    3.Can you help me understand what "flexible update" means as used here:
    Characteristic InfoObjects have to be included in the InfoProvider tree in the Data Warehousing Workbench to make them available as data targets for flexible updates and as InfoProviders for reporting.
    in 3.x, you have infosources and not transformations. So you have basically two types of infosources, direct update and flexible update.
    Direct update infosources do not have any update rules. These are used for master data loading since the format of data is usually fixed as in fields etc.
    Flexible update datasources have update rules, which means that you can use it for loading pretty much anything. You can load master data by changing the update rules and you can use the same infosource for loading transactional data as well. What the statement means is that the infoobject has been set as an infoprovider. and therefore it can be used as a source in a query. The loading is done via flexible updates.
    More info on direct and flexible updates can be found here :[3.x InfoSource Types|http://help.sap.com/erp2005_ehp_04/helpdata/EN/87/3fdf9587f211d5b2ff0050da4c74dc/frameset.htm]
    5)Formula Collision vs. "Exception Aggregation"
    I understand what formula collision is about but is it the same as "Exception Aggregation"?
    If not, do you have a real-life example to help me understand the concept of "Exception Aggregation"?
    The documentation/link is not helping.
    I'm glad that you understand what formula collision is...since its a difficult concept. Exception aggregation is much simpler.
    For every key figure that is present in BW,  there are two types of aggregations that can be maintained.
    Standard: can be sum etc.
    and exception aggregation like avg etc. When you do this, you need to give a reference characteristic. By default this is time. and usually it is summation. Now when you drilldown in your query based on the ref. characteristic, the exception aggregation is used.
    Eg [http://help.sap.com/saphelp_nw70/helpdata/en/d2/e0173f5ff48443e10000000a114084/frameset.htm]
    6.  With the followin limitation on Display attribute, why not always make the attribute Navigational?
    "You can show Display Attributes in a report in the drilldown. However, navigation steps are not possible. (For example, you cannot choose values from a display attribute as a filter.)"
    ii. Any example where Nav Attrib does not make sense but it must be Display attrib?
    Essentially this is a preference or a personal choice basically. You can have several attributes. but keeping all of them as navigational does not help and degrades system performance as they have to be interlinked. For eg.
    You have an employee ID as your characteristic.
    attributes are as follows
    Date of birth
    division
    salary stack
    *** etc
    now things like division,salary stack and  *** could be used as filters in a query but date of birth would in general not be used as filter and hence would make no sense to use it as a navigational attribute(unless you want to find all employees whose birthday is a certain date ).
    In the end, it just comes down to the requirement. If you are required to put a filter on an attribute of master data, then it needs to be a nav. attribute else a display attribute would suffice.
    Hope this helps.
    Regards.

  • Show ip cef switching statistic output - some clarifications required

    Good morning, everyone!
    I need some clarifications regarding ouput of show ip cef switching statistic on Catalyst 6k and some entries apply to other platforms as well. Consider output:
    #show ip cef switching statistics
           Reason                          Drop       Punt  Punt2Host
    RP LES No route                      179269          0      12866
    RP LES Packet destined for us             0  153061543          2
    RP LES No adjacency                12460594          0          0
    RP LES Incomplete adjacency           10400          0          0
    RP LES Unresolved route                1476          0          0
    RP LES Bad checksum                      17          0          0
    RP LES TTL expired                        0          0   24725338
    RP LES IP options set                     0          0          3
    RP LES Fragmentation failed, DF  1757274333          0     481160
    RP LES Features                         975          0       5278
    RP LES IP redirects                       0          0          7
    RP LES Unknown input if                 192          0          0
    RP LES Neighbor resolution req     32540982       7290          0
    RP LES Total                     1802468238  153068833   25224654
    All    Total                     1802468238  153068833   25224654
    Questions are:
    1) What the difference between rows
    RP LES No adjacency
    RP LES Incomplete adjacency
    RP LES Neighbor resolution req
    2) What the difference between rows
    RP LES No route 
    RP LES Unresolved route   
    3) What does mean collum name - Punt2Host?
    I will higly aprecciate your answers! Thnx in advance.

    So far I partially have found answer on first question.
    RP LES Neighbor resolution req - here counted packets that have no adjacency and they are punted to arp request to send.
    RP LES No adjacency  - after ARP request sent throttling adjacency is installed for this destination for 2 seconds and all subsequent packets get drop.  Those packets are counted here.
    RP LES Incomplete adjacency - here packets counted which matches to incomplete adjacencies. Which are stays in adjacency table marked incomplete - as i understand it can happen after arp entry aged out. But those adjacencies must be deleted as well, but as i can see in my environment some of them stays for a while, i am a bit confused here.

  • Clarifications needed for full text search

    Hi,
    I need some clarification regarding full text search.
    1) Is japanese part of the standard Oracle full text search?
    2) if it is not, how to install the japanese lexer?
    3) how oracle is sorting international characters. If a column contains both english, japanese and french, how will be the output?
    Thanks
    Muneer

    Follwoing is the sql statement and the result i got
    select language, description,lengthb(description) bytes, length(description) length, vsize(description) vsize from t2;
    LANGUAGE      DESCRIPTION      BYTES      LENGTH      VSIZE
    English      abcdefghij      10      10      10
    English      zyxwvutsrq      10      10      10
    French      désignéess      16      12      16
    French      réconcilia      13      11      13
    German      Einfuhrzöl      13      11      13
    German      müßtämpfer      19      13      19
    Greek      Î´Î·Î¼Î¿ÏƒÎ¹Î¿Î³ÏÎ±      40      20      40
    Greek      Î±Ï€Î¿ÎºÎ»ÎµÎ¹ÏƒÏ„ι      42      20      42
    Russian      Ð¿Ñ€ÐµÑÑ‚упник      42      20      42
    Russian      Ð¿Ñ€Ð¸Ð²ÐµÐ´ÐµÐ½Ð¸Ñ      41      20      41
    Japanese      å…¥é–“市の会社の銀行口      65      30      65
    Japanese      ç¥žæˆ¸å¸‚ä¸å¤®åŒºã®æ±éŠåœ’      62      30      62
    Korean      ì¶œë°œì ë¶€í„°ì¶œë°œì ë¶€í„°      64      30      64
    Korean      ë³´ì¢Œê´€ì„출발점부터경      64      30      64
    Hindi      à¤•à¤¤à¤œà¤¨à¤¤à¤®à¤¨à¤œà¤¤à¤¶à¥à¤°      73      36      73
    Hindi      à¤¨à¥€à¤šà¥‡à¤¨à¥€à¤šà¥‡à¤¨à¥€à¤šà¥‡à¤¨à¥€à¤šà¥‡à¤¨à¥€à¤šà¥‡      130      60      130 I think it explains a lot. I am facing another problem in searching blob columns when it contains japanese or korean characters. I tried with multi lexer (adding japanese as sub lexer and making english as default lexer). But it is not searching the column. Do i have to set any other parameters (editing registry, changing enviornment setting etc). I used the following script to set the lexer.
    begin
         ctx_ddl.create_preference('english_lexer','basic_lexer');
         ctx_ddl.set_attribute('english_lexer','index_themes','yes');
         ctx_ddl.set_attribute('english_lexer','theme_language','english');
         ctx_ddl.create_preference('german_lexer','basic_lexer');
         ctx_ddl.set_attribute('german_lexer','composite','german');
         ctx_ddl.set_attribute('german_lexer','mixed_case','yes');
         ctx_ddl.set_attribute('german_lexer','alternate_spelling','german');
         ctx_ddl.create_preference('japanese_lexer','japanese_vgram_lexer');
         ctx_ddl.create_preference('korean_lexer','KOREAN_MORPH_LEXER');
         ctx_ddl.set_attribute('korean_lexer','COMPOSITE','NGRAM');
         ctx_ddl.create_preference('global_lexer', 'multi_lexer');
         ctx_ddl.add_sub_lexer('global_lexer','default','english_lexer');
         ctx_ddl.add_sub_lexer('global_lexer','german','german_lexer','ger');
         ctx_ddl.add_sub_lexer('global_lexer','japanese','japanese_lexer','jpn');
         ctx_ddl.add_sub_lexer('global_lexer','korean','Korean_lexer');
    end;Hope i presented enough details.

  • Some clarifications regarding Aironet settings

    Hi,
    i need some clarifications regarding configuring Aironet stand-alone AP (in this case AIR-LAP1131AG).
    Under Security->SSID Manager:
    what is the purpose of Network ID?
    Under Guest Mode/Infrastructure SSID Settings - what is the purpose of Set Infrastructure SSID?
    and Force Infrastructure Devices to associate only to this SSID?
    Cheers,

    Assign a Service Set Identifier (SSID) to each VLAN configured on the AP. SSIDs enable endpoints to select the wireless VLAN they will use for sending and receiving traffic. These wireless VLANs and SSIDs map to wired VLANs. For voice endpoints, this mapping ensures priority queuing treatment and access to the voice VLAN on the wired network
    For further information click this link,
    http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/4x/42nstrct.html#wp1098806

  • Clarification needed between NET TIME and W32TIME please.

    I have been struggling with the difference between NET TIME and W32TIME. I found the following excellent blog:
    http://blogs.msdn.com/b/w32time/archive/2009/08/07/net-time-and-w32time.aspx
    I do, however, need some clarification that I'm hoping you guys can help with.  Any following conversation assumes a single domain with workstations.
    Based on previous knowledge, I always assumed that when running NET TIME on a workstation, it was actually showing which computer on the network this workstation was syncing to.  However, it appears that it is actually just looking for the nearest domain
    controller (if possible).  Is that correct?  If so, then NET TIME has no bearing on what the time is set to on the workstation, correct?
    With that asked, I suppose I need to focus on W32TIME to configure time on workstations.  I typically prefer to point it to the NTP pool available as it has been reliable for me in the past.  If I need to focus on W32TIME, is it a preferred method
    in domains to configure each and every workstation to point to a NTP internet source via GPO?  Alternatively, is there a way to use W32TIME to point to a server to get its time?  For example, point a domain server to an internet NTP source, then
    configure all workstations to point to that server.  If that's possible, is it as simple as specifying the FQDN of the time server in my environment during W32TIME setup instead of an internet NTP server?
    Thank you for any clarification, I'm hoping to clear up any confusion I have about time to never have to question it again.  I assist in managing many domains and this information will come in very handy.

    Hello,
    As far as i know net time functions correctly with windows equivalent to win XP.
    I will recommend you to configure your domain members to synchronize with the DC's and those DC's the PDC which normally hold this role synchronize with the internet. This is for normal domain hierarchy(Nt5DS).
    Some commands to be run to get information:w32tm /query /source or w32tm /query /configuration from the cmd line
    http://technet.microsoft.com/en-us/library/cc773263(v=ws.10).aspx
    http://support.microsoft.com/kb/816042
    Configuration of PDC:
    http://technet.microsoft.com/en-us/library/cc786897(v=ws.10).aspx
    Domain members configuration:
    http://technet.microsoft.com/en-us/library/cc758905(v=ws.10).aspx
    But all these configurations can be made from the group policy.
    Hope it helps
    Fred

  • Clarification needed on DVD copying

    Being new to mac I'm on a learning curve and would just like some clarification on DVD/CD copying in the following scenarios. I am aware that copying commercial/copyright DVDs is a no no so I'm not talking about those. I've read through previous postings and it's just got me more confused!
    1) I want to copy some music CDs to play in the car (don't want the originals to get pinched!).
    2) I have transferred some videos (i.e. wedding) onto a DVD to view on the TV - I want to make a copy.
    3) I have recorded programmes off the TV onto a DVD that I want now want to copy for someone else to view on TV. (I guess that is similar to no. 2 above).
    4) I have a tutorial DVD that doesn't appear to have copyright - I don't particularly want to copy it, but how would I if I did want to.
    5) Documents and data that I've copied onto DVD out of the Documents folder that I want to back up (i.e. a back up DVD of a back up DVD!)
    I am confused about whether to use iDVD, Disk Utility or whether I need to purchase other software that I've seen mentioned, such as MacTheRipper, Toast, Popcorn. Can anyone advise what I use for each of the above scenarios?
    Thanks
    Jane

    Hi Jane,
    for 1) to 5) I personally would suggest SimplyBurns http://www.macupdate.com/info.php/id/19778
    I find it very easy in use, because it uses five buttons to choose from, depending what you want it to do. And also it's free.
    For 1) 2) and 5) I would say, that you don't need to think of copyrights since either you own the original (for 1)) or you yourself own the copyright (2) and 5)).
    For 3) I also don't see problems with copyright, as it is aired before and recording it and giving the recordings to friends should be allowed.
    For 4) even though you made not have the copyright, you should be allowed to make a copy for backup purpose with SimplyBurns.
    Regards
    Stefan

  • Some files need to be updated first .Specify --force to overwrite remote files. while vlt command co

    Hi
    apps\collab\commons\components\components\.content.xml:
    Some files need to be updated first .Specify --force to overwrite remote files. while vlt command co
    What has to be done?

    have you tried vlt up --force ? Make sure that you are using latest version of vault tool. Also let us know sequence of command you are using ?
    http://dev.day.com/docs/en/crx/current/how_to/how_to_use_the_vlttool.html
    Yogesh

  • "Some photos need to be prepared to view them at full size" message when starting slideshow

    I'm pretty new to iPhoto so I'm sorry if these questions are obvious to you, but they're not to me!
    From the "Photos" section on iPhoto, with no photos selected, I accidentally started a slideshow with all my photos by pressing the play button on the keyboard and got this message:
    "Some photos need to be prepared to view them at full size. Do you want to continue using the current size or prepare the photos so that only full size images are used? This may take some time." With these options: Cancel / Prepare Photos / Continue Playback.
    I pressed "Esc" on the keyboard and it clicked "Prepare Photos" instead of "Cancel" as I expected, it started the process and I clicked "Cancel" to stop it, and the slideshow started. When the slideshow was playing, everything froze, I pressed cmd-alt-esc, no window appeared and iPhoto quit immediately. Could it have caused damages to the library? Could it be a reason to restore the iPhoto Library from Time Machine? I didn't get any error message when I reopened iPhoto.
    Not to leave the process incomplete later I decided to start another slideshow and this time I clicked "Prepare Photos" and let it complete the process. Now when I start another slideshow I don't get that message anymore.
    I have no idea what this process did to my photos and couldn't find an answer anywhere. This library is very important to me, so I'm wondering if I should restore the iPhoto Library from a Time Machine backup.
    Could canceling the process the first time have caused any damage to my photos?
    What is this preparation? What did it do to my photos? Have my photos been resized, or somehow modified?
    Thanks

    Ok, thank you very much. I still don't know exactly what the "preparation" did to my photos but now I guess that nothing bad happened. Thanks

Maybe you are looking for

  • Where is the Zend "Application.php" in Dreamweaver???? Help ASAP

    Hi all, so I thought I knew enough to get me by in DW/coding. But I can't seem to figure out how Zend works, I've never used it. All I'm trying to do is edit some simple text on a webpage that my predecessor at my job set up. When I go to login to th

  • List Box values

    Hello, I’m using a WAD report with list box. When I filter the report the values are not changed in the list box. Is there a way that the user will see only the values which shown in the report? Please Advice, Amir

  • Help! Unable to Start - weblogic.policy - (Linux) and WLS 5.1

     

  • How to clear a QueryCriteriaStore ?

    Hi I am using a BC4J View Object through a dacf.RowsetInfo in a Java application. I populate a reusable FindPanel with its results. When the user enters the FindPanel the second time, I want to present her a clear dialogue, that is, not showing the q

  • Oracle BI  Setup

    Hi DBAs, I am just starting up working with OBIEE . Please refer me to some installation document for OBIEE 10.1.3.4.1 on OEL 5.x. I need to install and configure the following components. Oracle Business Intelligence Suite Enterprise Edition 10.1.3.