SSRS configuration in multi server environment with SSL

Similar Messages

• Workflow Custom Activity deploy in multi server environment

  I have been working on a project that involves developing a custom workflow activity for SharePoint 2013. I am developing it in a single server environment working with http.
  My problem occurs when deploying to multi-server environment with https (WFE, APP). My question is how to deploy my solution to the new environment. 
  The steps:
  Create a project - c# activity library
  Add a workflow activity, add .xml
  Deploy the .dll and .xml of project to:
  "C:\Program Files\Workflow%20Manager\1.0\Workflow\Artifacts" "C:\Program Files\Workflow Manager\1.0\Workflow\WFWebRoot\bin"
  net sotp "Workflow Manager Backend"
  net start "Workflow Manager Backend"
  Deploy .DLL to GAC
      - Created MSI using install shield in VS2010 to add .DLL to GAC
      - Verify .DLL in GAC by going to c:\windows\assembly and %windir%\Microsoft.NET\assembly
  iisrest
  Deploy WSP to SharePoint, activate feature, open SharePoint Designer 2013 and choose the custom action that now appears when creating a 2013 workflow
  To recap we have workflow manager on the APP server and and the workflow client on the WFE. We deployed the .DLL and .XML to the workflow manager (APP) only. The .DLL is deployed
  to/in the GAC on the WFE and the APP. We are able to see and create the activity in Designer 2013 and we deploy the workflow to a normal SharePoint list. When we run the workflow we do not get any errors in the ULS logs, event viewer or Workflow Manager Debug
  Logs (event viewer also). The site is not created though. We believe the issue is that the custom C# (.DLL) is not being ran. 
  This all works fine and dandy on my single server environment. Workflow is working like a charm. How can we trouble shoot what the issue is if we are not finding any errors?
  Is there a step that we missed or some other place we need to look for logs? Would the ULS logs show the site creation or show running our custom code? Currently it does not show anything when we run the workflow.
  Let me know if this is unclear or if anyone needs more information. Thanks

  Hi,
  Here is a workaround for your reference:
  We can develop a custom WCF service instead of the Custom Activity in SharePoint. And then use the service from workflow. It use a separate dedicated server for workflow without having any reference to SharePoint DLLs from inside workflow.
  Here is a similar thread for your reference:
  https://social.technet.microsoft.com/Forums/systemcenter/en-US/d462ca07-9861-4133-948a-fc9771306cb1/custom-workflow-how-to-go-from-single-server-to-multiple?forum=sharepointdevelopment
  Thanks,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Dennis Guo
  TechNet Community Support

• Configure HFM environment with SSL

  Hi all
  I am in the middle of process to install HFM environment
  For the first time I need to configure HFM environment with SSL
  Before I started to install the HFM environment with SSL
  I read the SSL CONFIGUATION GUIDE to understand what I need to configure
  My environment based on web logic web server version Bea WebLogic_9.1_Express
  As I started I read the part of information on configuring your web server for SSL
  The next step was creating CA. The Company created for me CA ( file *.cer ) that I can continue with the issue, and this is what I do:
  I configure the HSS for SSL Using a text editor, open Hub.properties. Create the following entry in Hub.properties. sslEnabled=true
  And. Saved the file Hub.properties.
  The next step was configure the HSS Server on WebLogic
  I Log on to the Web Logic Administration Console.
  Select Servers > Shared Services (admin).
  From General tab, I select SSL Listen Port Enabled.
  Specify the port (for example, 58082) on which Shared Services will listen for SSL communication
  At last I Navigate to Keystore tab and set up the identity and trust keystore
  And fill the parameters
  At the end I restarted HSS services and Log on to User Management Console as Shared Services Administrator. Connect using the secure
  URLhttps://<host>:<SSL-port>/interop; for example, https://myServer:58082/
  interop.
  The things doesn’t seems that they work, I don’t know how can I be sure that all the parameter's that I fill is right?
  Nothing writes on Hyperion SSL PDF
  The web logic doesn't notify any error, all I can is just to get to the standard port 58080
  Thank
  Renan

  Hi Renan,
  One thing to realize is you don't need to have Shared Services in SSL mode to have HFM in SSL mode.
  The main reason you would want Shared Services in SSL mode was if IT/Info security mandated that your directory service (active directory, ldap, ...) be encrypted. If the corporate directory service is not encrypted you should skip making Shared Services encrypted which will simplify things some.
  Also once you had gotten shared services up on 58082 you would need to unregister/register all the installs to use 58082 and check the SSL box on the Shared Services install.
  Good Luck,
  -John

• Setting up Multi server environment in Sql Server 2012 - Enlist Failed Error

  I am trying to Configure the Master target server / Multi server environment in Sql Server 2012.
  I changed :
   - `MSXENCryptChannnelOptions`-->Changed from 2 to 0
   - `AllowDownloadedJobsToMatchProxyName` - changed from 0 to 1 on the target
  When I run the wizard I am getting below error
  >MSX Enlist failed for Job Server 'MasterServerName'
  >The enlist operation Failed(Reason:SQL Server Agent Error: Unable to connect to MSX 'MasterServerName'(Microsoft Sql Server, Error : 22026)
  They both servers SQL Agents are running on the same windows service account.
  Any Suggestions on how to fix this?
  **Adding the Log:**
  Enlist TSX Progress
  - Create MSXOperator (Success)
  Checking for an existing MSXOperator. 
  Updating existing MSXOperator. 
  Successfully updated MSXOperator. 
  - Make sure the Agent service for 'Test3' is running (Success)
  The service 'SQLSERVERAGENT' is running. 
  - Ensure the agent startup account for 'Test4' has rights to login as a target server (Success)
  Checking to see if the startup account for 'Test4' already exists. 
  Login exists on server. 
  Checking to see if login has rights to msdb. 
  Login has rights to msdb. 
  Checking to see if user is a member of the TargetServersRole. 
  User is a member of the TargetServersRole. 
  - Enlist 'Test4' into 'Test3' (Error)
  Enlisting target server 'Test4' with master server 'Test3'. 
  Using new enlistment method. 
  Messages
  MSX enlist failed for JobServer 'Test4'.  (Microsoft.SqlServer.Smo)
  ADDITIONAL INFORMATION:
  An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
  The enlist operation failed (reason: SQLServerAgent Error: Unable to connect to MSX 'TEST3'.) (Microsoft SQL Server, Error: 22026)

  hi SmilingLily,
  you can try to run the SQL Agent under a domain account.

• Task executions in multi server environment

  Hi All,
  I have a question regarding the task execution in a multi-server environment.
  Below is the scenario:
  We have two SIM applications: one for intranet users (employees and contractors) and one for extranet users (customers). Both these applications point to same database repository.
  Intranet : idm-intra.ear ( this is deployed on IntraServer1 and IntraServer2)
  Extranet: idm-extra.ear ( this is deployed on ExtraServer1 and ExtraServer2)
  And both share same repository WAVESET.
  Now we are deploying some request workflows for intranet users. In our case even the extranet application can see these tasks.
  My question is: if I triggered a request workflow from intranet application and it is pending for approval and when it times out, is there a chance that this workflow is executed by the "extranet" application?
  Thanks,
  kIDMan.

  The answer to your question is yes. If you go to the Configure>>Server tab in the admin console on any of these instances of IdM you should see all four instances. An easy way to test this is happening, is to enable workflow tracing and launch a couple of request from IntraServer1. IdM will try to distribute the work among all the servers it knows about so you'll see portions of the flow within the workflow traces on the individual servers. Well maybe it's not an easy thing to test because it's a timing issue.......
  I had an issue recently in which the guy doing the build to the QA environment messed up and pointed the QA IdM instances to the DEV repository. We were doing some testing of some flows on DEV and they were being executed on the QA IdM instances and bombing out with ClassNotFound errors because the QA environment was not build out completely/correctly. So even though the requests were being launched from the DEV instances they were being executed on the QA instances.
  There is a feature that is supposed to let you restrict which workflows run on which servers. If you go to the admin console and click on Configure>>Servers choose a server and click on the 'Scheduler' tab and then check the 'Task Restrictions' checkbox. From here you can restrict which workflows run on which servers. But my suspicion is that this doesn't work correctly (based on some testing I was doing on 7.1)....might want to test it out....Hope this helps.

• Multi-server Environment without Windows Domain

  Hi,
  Has anyone had experience with installing SAP BPC in a multi- server environment without using Microsoft Active Directory as a domain. (ie just using local users for everything).
  Do we need to create a domain in order in successfully install and use the BPC? If that is the case, which server is best suited to install the domain on?
  Many thanks

  Hi,
  Do you have at least a domain for hosting your servers ? Without an administrative domain for computer and technical accounts I doubt you could even make BPC work in a multi-servers environment.
  If you don't have a domain for your users, you may (but i will never recommend it), create all your users localy. But you will have to create them on all BPC servers with same name / same password. Password adminisration will be a real mess as you will have to change the password on all machine each time the user want to change it. And this will not be done by the end-user but by IT staff. Also, users will not be able to use Windows Integrated Authentication functionnality.
  So basically, yes use a domain for computer and users. The most easy architecture is to use a single domain for both computer and users.
  If you have to install a Windows AD, I would take a look at Microsoft white paper and KB. But I think that you have to dedicate at least 1 machine for it (best is to have 2 servers for fault tolerance).

• How to configure OC4J using RMI/IIOP with SSL

  Any help?
  I just mange configure the OC4J using RMI/IIOP but base on
  But when I follow further to use RMI/IIOP with SSL I face the problem with: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  p/s: I use self generate keystore which should be ok as I can use it for https connection.
  Any one can help?
  Below is the OC4J log:
  D:\oc4j\j2ee\home>java -Djavax.net.debug=all -DGenerateIIOP=true -Diiop.runtime.debug=true -jar oc4j.jar
  05/02/23 16:43:16 ================ IIOPServerExtensionProvider.preInitApplicationServer
  05/02/23 16:43:38 ================= IIOPServerExtensionProvider.postInitApplicationServer
  05/02/23 16:43:38 ================== config = {SEPS={IIOP={ssl-port=5556, port=5555, ssl=true, trusted-clients=*, ssl-client-server-auth-port=5557, keystore=D:\\oc4j\\j2ee\\home\\server.keystore, keystore-password=123456, truststore=D:\\oc4j\\j2ee\\home\\server.keystore, truststore-password=123456, ClassName=com.oracle.iiop.server.IIOPServerExtensionProvider, host=localhost}}}
  05/02/23 16:43:38 ================== server.getAttributes() = {threadPool=com.evermind.server.ApplicationServerThreadPool@968fda}
  05/02/23 16:43:38 ================== pool: null
  05/02/23 16:43:38 ====================== In startServer ...
  05/02/23 16:43:38 ==================== Creating an IIOPServer ...
  05/02/23 16:43:38 ========= IIOP server being initialized
  05/02/23 16:43:38 SSL port: 5556
  05/02/23 16:43:38 SSL port 2: 5557
  05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(IIOP_CLEAR_TEXT, 5555, null)
  05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = IIOP_CLEAR_TEXT port = 5555 )
  05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL, 5556, null)
  05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL port = 5556 )
  05/02/23 16:43:45 ***
  05/02/23 16:43:45 found key for : mykey
  05/02/23 16:43:45 chain [0] = [
  Version: V1
  Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: SunJSSE RSA public key:
  public exponent:
  010001
  modulus:
  b1239fff 2ae5d31d b01a0cfb 1186bae0 bbc7ac41 94f24464 e92a7e33 6a5b0844
  109e30fb d24ad770 99b3ff86 bd96c705 56bf2e7a b3bb9d03 40fdcc0a c9bea9a1
  c21395a4 37d8b2ce ff00eb64 e22a6dd6 97578f92 29627229 462ebfee 061c99a4
  1c69b3a0 aea6a95b 7ed3fd89 f829f17e a9362efe ccf8034a 0910989a a8573305
  Validity: [From: Wed Feb 23 15:57:28 SGT 2005,
                 To: Tue May 24 15:57:28 SGT 2005]
  Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  SerialNumber: [    421c3768]
  Algorithm: [MD5withRSA]
  Signature:
  0000: 34 F4 FA D4 6F 23 7B 84 30 42 F3 5C 4B 5E 18 17 4...o#..0B.\K^..
  0010: 73 69 73 A6 BF 9A 5D C0 67 8D C3 56 DF A9 4A AC sis...].g..V..J.
  0020: 88 AF 24 28 C9 39 16 22 29 81 01 93 86 AA 1A 5D ..$(.9.")......]
  0030: 07 89 26 22 91 F0 8F DE E1 4A CF 17 9A 02 51 7D ..&".....J....Q.
  0040: 92 D3 6D 9B EF 5E C1 C6 66 F9 11 D4 EB 13 8F 17 ..m..^..f.......
  0050: E7 66 58 9F 6C B0 60 7C 39 B4 E0 B7 04 A7 7F A6 .fX.l.`.9.......
  0060: 4D A5 89 E7 F4 8A DC 59 B4 E7 A5 D4 0A 35 9A F1 M......Y.....5..
  0070: A2 CD 3A 04 D6 8F 16 B1 9E 6F 34 40 E8 C0 47 03 ..:[email protected].
  05/02/23 16:43:45 ***
  05/02/23 16:43:45 adding as trusted cert:
  05/02/23 16:43:45 Subject: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  05/02/23 16:43:45 Issuer: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3779
  05/02/23 16:43:45 Valid from Wed Feb 23 15:57:45 SGT 2005 until Tue May 24 15:57:45 SGT 2005
  05/02/23 16:43:45 adding as trusted cert:
  05/02/23 16:43:45 Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  05/02/23 16:43:45 Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
  05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3768
  05/02/23 16:43:45 Valid from Wed Feb 23 15:57:28 SGT 2005 until Tue May 24 15:57:28 SGT 2005
  05/02/23 16:43:45 trigger seeding of SecureRandom
  05/02/23 16:43:45 done seeding SecureRandom
  05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL_MUTUALAUTH, 5557, null)
  05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL_MUTUALAUTH port = 5557 )
  05/02/23 16:43:45 matching alias: mykey
  matching alias: mykey
  05/02/23 16:43:46 ORB created ..com.oracle.iiop.server.OC4JORB@65b738
  05/02/23 16:43:47 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
  05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
  05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc [email protected]7
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
  05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
  05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc com.sun.corba.ee.internal.corba.ServerDelegate@9300cc
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Entering dispatch method
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Consuming service contexts, GIOP version: 1.2
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Has code set context? false
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Dispatching to servant
  05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Handling invoke handler type servant
  05/02/23 16:43:48 NS service created and started ..org.omg.CosNaming._NamingContextExtStub:IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
  05/02/23 16:43:48 NS ior = ..IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
  05/02/23 16:43:48 Oracle Application Server Containers for J2EE 10g (9.0.4.0.0) initialized
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Server getConnection(119e583[Unknown 0x0:0x0: Socket[addr=/127.0.0.1,port=1281,localport=5556]], SSL)
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): host = 127.0.0.1 port = 1281
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Created connection Connection[type=SSL remote_host=127.0.0.1 remote_port=1281 state=ESTABLISHED]
  com.sun.corba.ee.internal.iiop.MessageMediator(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): Creating message from stream
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, SEND TLSv1 ALERT: fatal, description = unexpected_message
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, WRITE: TLSv1 Alert, length = 2
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeSocket()
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ReaderThread(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): IOException in createInputStream: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  05/02/23 16:45:14 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA12275)
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
  05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.readFully(MessageBase.java:520)
  05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.createFromStream(MessageBase.java:58)
  05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.MessageMediator.processRequest(MessageMediator.java:110)
  05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.IIOPConnection.processInput(IIOPConnection.java:339)
  05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.ReaderThread.run(ReaderThread.java:63)
  05/02/23 16:45:14 Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.b(DashoA12275)
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
  05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
  05/02/23 16:45:14 ... 6 more
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.IIOPConnection(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): purge_calls: starting: code = 1398079696 die = true
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
  05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
  05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): DeleteConn called: host = 127.0.0.1 port = 1281

  Good point, I do belive what you are referring to is this:
  Any client, whether running inside a server or not, has EJB security properties. Table 15-2 lists the EJB client security properties controlled by the ejb_sec.properties file. By default, OC4J searches for this file in the current directory when running as a client, or in ORACLE_HOME/j2ee/home/config when running in the server. You can specify the location of this file explicitly with the system property setting -Dejb_sec_properties_location=pathname.
  Table 15-2 EJB Client Security Properties
  Property Meaning
  # oc4j.iiop.keyStoreLoc
  The path and name of the keystore. An absolute path is recommended.
  # oc4j.iiop.keyStorePass
  The password for the keystore.
  # oc4j.iiop.trustStoreLoc
  The path name and name of the truststore. An absolute path is recommended.
  # oc4j.iiop.trustStorePass
  The password for the truststore.
  # oc4j.iiop.enable.clientauth
  Whether the client supports client-side authentication. If this property is set to true, you must specify a keystore location and password.
  # oc4j.iiop.ciphersuites
  Which cipher suites are to be enabled. The valid cipher suites are:
  TLS_RSA_WITH_RC4_128_MD5
  SSL_RSA_WITH_RC4_128_MD5
  TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  TLS_RSA_EXPORT_WITH_RC4_40_MD5
  SSL_RSA_EXPORT_WITH_RC4_40_MD5
  TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
  SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
  nameservice.useSSL
  Whether to use SSL when making the initial connection to the server.
  client.sendpassword
  Whether to send user name and password in clear form (unencrypted) in the service context when not using SSL. If this property is set to true, the user name and password are sent only to servers listed in the trustedServer list.
  oc4j.iiop.trustedServers
  A list of servers that can be trusted to receive passwords sent in clear form. This has no effect if client.sendpassword is set to false. The list is comma-delimited. Each entry in the list can be an IP address, a host name, a host name pattern (for example, *.example.com), or * (where "*" alone means that all servers are trusted.

• How to configure BODS in network environment with NAT ?

  Hi Team,
  Now we are working on POC of BO Data Services 4.0 with SI partner and they reported us that  a communication error (error code:BODI-1241023) occurred when they started a job from Designer. 
  They can do it without any problems in the following two cases.
  1. from Designer which is installed in the CMS/JobServer machine
  2. from Designer which is installed in local PC within internal network (without firewall / NAT) 
  That is, the cause is Firewall with NAT(Network Address Translation) between Designer and JobServer/CMS.
  And, they can log on to CMS/JobServer with NAT environment, however, cann't start a job from Designer.
  The port #3500 for JobServer is open. They confirmed that they could log on to the JobServer in the event log
  of the JobServer.
  That is,  Designer -> CMS/JobServer communication is OK, but JobServer -> Designer communication must be NG.
  Could you advise us how to configure BODS both client and server sides in the network environment with NAT ?
  Thanks and best regards,

  HI Buddy,
  You can achieve this by $FLEX$, create first value set, and assign it to first field. Create second value set based on first value set using $FLEX$.
  follow steps mentioned in the bellow link
  http://erpschools.com/articles/usage-of-flex

• How to Non-ACC Client connect Sun App Server 8 with SSL

  I have create a Rich Client(Non-ACC) that connect to Sun App Server 8 with IIOP(8001) and is working fine. However, when I try to connect to same server with using SSL (8002) and throw exception during lookup a Bean as below.
  Please help!!
  Server Configuration
  ================
  IIOP Port(s): 8001, 8002, 8003
  All listener ports are enabled
  Client Coding
  ===========
  env.put(javax.naming.Context.PROVIDER_URL, "iiop://"+url);
  env.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY,"com.sun.appserv.naming.S1ASCtxFactory");
  System.setProperty("javax.net.ssl.keyStoreType", "jks");
  System.setProperty("javax.net.ssl.keyStore", "D:\\Sun\\AppServer\\domains\\adsr\\config\\keystore.jks");
  System.setProperty("javax.net.ssl.keyStorePassword", "password");
  System.setProperty("javax.net.ssl.trustStore", "D:\\Sun\\AppServer\\domains\\adsr\\config\\cacerts.jks");
  System.setProperty("javax.net.ssl.trustStorePassword", "password");
  System.setProperty("com.sun.CORBA.connection.ORBSocketFactory", "com.sun.enterprise.iiop.IIOPSSLSocketFactory");
  ic = new InitialContext(env);
  Object objref = ic.lookup("ejb20/statelessSession/EntControllerHome");
  Exception
  ========
  [java] Mar 18, 2005 4:43:59 PM com.sun.corba.ee.spi.logging.LogWrapperBasedoLog
  [java] INFO: "IOP00710299: (INTERNAL) Successfully created IIOP listener on the specified host/port: all interfaces/4645"
  [java] Mar 18, 2005 4:44:00 PM com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl readFully
  [java] WARNING: "IOP00410215: (COMM_FAILURE) Read of full message failed :
  bytes requested = 12 bytes read = 7 max wait time = 300 total time spent waiting = 364"
  [java] org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 215 completed: No
  [java] at com.sun.corba.ee.impl.logging.ORBUtilSystemException.transportReadTimeoutExceeded(ORBUtilSystemException.java:2629)
  [java] at com.sun.corba.ee.impl.logging.ORBUtilSystemException.transportReadTimeoutExceeded(ORBUtilSystemException.java:2655)
  [java] at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:676)
  [java] at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:545)
  [java] at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:119)
  [java] at com.sun.corba.ee.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:153)
  [java] at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:325)
  [java] at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.handleEvent(SocketOrChannelConnectionImpl.java:1175)
  [java] at com.sun.corba.ee.impl.transport.SelectorImpl.run(SelectorImpl.java:275)
  [java] javax.naming.CommunicationException: Can't find SerialContextProvider [Root exception is org.omg.CORBA.COMM_FAILURE:   vmcid: SUN  minor code: 208 c
  ompleted: Maybe]
  [java] at com.sun.enterprise.naming.SerialContext.getProvider(SerialContext.java:133)
  [java] at com.sun.enterprise.naming.SerialContext.lookup(SerialContext.java:290)
  [java] at javax.naming.InitialContext.lookup(InitialContext.java:347)
  [java] at com.shkco.jaf.test.JAFLogonTest.connect(JAFLogonTest.java:110)
  [java] at com.shkco.jaf.test.JAFLogonTest.setUp(JAFLogonTest.java:134)
  [java] at junit.framework.TestCase.runBare(TestCase.java:125)
  [java] at junit.framework.TestResult$1.protect(TestResult.java:106)
  [java] at junit.framework.TestResult.runProtected(TestResult.java:124)

  I don't think tomcat supports the ejb-ref portion of web.xml. If you're using ejbs your best bet is to use a web container within a J2EE implementation.
  --ken                                                                                                                                                                                                                                                                                                                                           

• Oracle Spatial over a distributed, multi-server environment

  Our organisation has a multi-site, multi-server distributed environment. As we are looking to implement Oracle Spatial in this environment are there any issues regarding distribution / replication, backup & recovery we should be aware of ?
  Any advice / comments would be welcome.
  null

  Hello Soulis,
  Before Oracle 9i, replication and distribution do not work with Objects.
  There are no known issues with backup/recovery that we know of, nor are there any major issues with import/export.
  null

• SharePoint Multi-Server Farm with LB and SQL Cluster.

  Helllo,
  We are setting up a Multi Server SharePoint 2013 Farm with a Load-Balancer. 
  We are also using SQL Server 2012, Two Node Cluster. 
  We have SQL Server Instance Running as a Service. Also I managed to install PowerPivot for SharePoint as a Instance. 
  Looking at various article's I have question if this Cluster Setup supported in SharePoint 2013. 
  Can the SharePoint Farm use this PowerPivot Instance as a failover service? 
  Or do I have to install Analysis services separately on Both SQL Nodes? 
  If so how do I configure Excel Services on SharePoint? 
  Thank you
  Sham

  PowerPivot is installed on the SharePoint server and is a scale-out service (you just install it on multiple SharePoint servers and make sure the Service Instance is started in SharePoint). Same with Excel Calc Services (but for this one you don't have
  to install anything, just start it).
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Best Method For Server Variables in Multi-Developer / Multi-Server environment?

  In addition to having a development environment on my laptop and my desktop, we have a staging server and a production server. Furthermore, we have one or more developers and contributors who may have one or more development environments of their own.
  Each of these environments may have their own copy of ColdFusion (developer, standard, enterprise - whatever is needed) and their own copy of SQL Server / Express / whatever, their own data source name, data user name, data password, names for CF Mappings, and so forth.  So, while the SQL tables and directory structure of the code is all the same, there are many things different from one to the next.
  Certainly, we need to have a large number of variables so when someone uploads via SVN commit they don't screw everyone else up because they shove their own local names into place.
  How do YOU handle that?  XML file?  CFC? some form of .INI file?   Looking for a solid way to handle this for a myriad of developers and environments, so I welcome seeing YOUR solution.
  Thank you!
  RLS

  BKBK,
  Thank you for the response.
  We considered a databased-solution, but if we keep all of the variables in a database and our datasource in CF contains the user/psw, then it's increasingly easy for any hacker to reach into our bag of jewels.  If you don't store the user/psw in CF, then all of your developers have easy access to the db user/psw and that's not easy to change when each one leaves.
  One of the most compelling solutions we have found is http://code.google.com/p/configcfc/  By using an XML file and designating it as do-not-upload in the svn local files for each developer, each developer can maintain their own list of variables with the values customized to their environment, and when they push updates they don't have to worry about flipping switches or making changes to what the source or destination location is.  Furthermore, being an XML that actually ends with ".cfm" means that it cannot be read by the typical hacker.
  BTW, for anyone who hasn't discovered SVN in conjunction with Dreamweaver when working in a multi-programmer environment, man, you're missing out.  The one place that Adobe needs to finish this, though, is the final step -- migration from your staging server to production.  Anyone with clues on that will earn my undying gratitude (for whatever that's worth!).
  RLS

• How to Configure  Oracle Management Server (OMS) with  Dataguard Broker

  Dear Experts,
  i have a production DB (192.168.200.9) 9.2.0.1.0 on Server 2003
  i have a standby DB (192.168.200.19) 9.2.0.1.0 on Server 2003
  Archive logs are shipped to standby database and applied there. *(Datagauard is configured).*
  Now i want that Graphically i want to see that archivelogs are shipping to standby database and applied there ( i want to configure Dataguard Broker in graphical mode (*dataguard manager*) isnt it ( bcz i anm bit confused with this).............?
  *1.* For this purpose to achieve i take some seperate machine install on it Server 2003.
  *2.* and then Install oracle db 9.2.0.1.0 ( here i will install FULL DATABASE, CUSTOM installation ( then createsome repository).
  *3*. can i configure this repository for OMS on my already running production or standby DB............?
  *4.* After this OMS is configured or not..........?
  *5.* how i will configure datagauard broker
  what i know regarding this is on primary and standby db *( DG_BROKER_START = TRUE)* and after
  this we have to create some configuration wizards but how
  i think i have to go with this sequence if somebody has different sequence tellm e
  wait for replies
  thanks in advance
  regards rehan
  faisalabad pakistan

  Does anybody dont know anything about this.................?

• Use of SQL Reporting Services in BPC (multi-server environment) - concept

  Hello Experts,
  I have the following scenario:
  2 BPC application servers. Lets call them BPCA1 and BPCA2.
  Load Balancer with virtual name BPCA
  SQL 2005 database server BPCDB
  Database server would hold BPC databases and Report Server database - requires 1 SQL Server license.
  Each application server requires SQL Server Integration Services to be installed - 2 SQL Server Standard Edition licenses in my scenario.
  Now, is Reporting Services a required component and needs to be installed on both application servers?
  Because "scale-out" deployment for Reporting Services is only supported in SQL Server Enterprise Edition. Price difference between Standard and Enterprise Editions are quite sufficient.
  So, can I install SQL Server Reporting Services only on BPCA1 and point BPC configuration to BPCA1 for all applications servers?
  What is the use of SQL Server Reporting Services in BPC besides running Admin Reports?
  Thanks in advance,
  Akim

  Hi RS is not required to be installed into db server or app server. It  can be even an external RS server.
  You are right if you will try to install RS in both app server you need Enterprise Edition because is required by Microsoft for RS web farm.
  If you will install RS into database server then you don't need other license for SQL but if you will use SQL Server 2005 you have to install IIS into database server.
  For many companies this broke some security policies and for this reason you have to install RS into appserver.
  If you will use SQL Server 2008 then IIS is not required anymore and this is another plus in favor of SQL 2008.
  Also SAP recomendations is to use SQl Server 2008 for SAP BPC 7.0 SP3 or later becaiuse the performances are better.
  RS is used for:
  Admin reportts. Audit Reports Journal Reports.
  But without RS working you can have issue also with some Admin components not really just with reports.
  Regards
  Sorin Radulescu

• Mac in Windows server environment with SMB shares

  Hello Apple Support Community,
  This is my first post here, so take it easy on me.
  Here is a brief background before I explain the problem. I'm currently in an environment that has about 35 various Mac computers (Mac Pros, iMacs, Mac Book Pros, etc) from many different generations, but all running 10.8.2 or newer. The enviornment also has several Dell Servers running various OS versions (2003 Std, 2008 Std, and one 2012 Storage Server). Active Directory is currently in place and healthy. The 2012 Storage Server is where we are hosting all of the file shares. Users are connecting to these shares via smb.
  We are experincing two problems that may or may not be related.
  Problem #1
  Occasionally (I have yet to find consistency), when we drag and drop a folder from one location to the other (on the same server, in the same share, and usually source and destination reside in the same parent folder) or if we rename a folder, we'll be prompt for credentials with the message "Finder wants to make changes. Type your password to allow this."
  Since our local username and password are different then the Active Directory username and password used to connect to the share, I have observed that usually typing in the local username and password allows this prompt to go away. Any other username or password does not work. However, once the prompt goes away, the folder never actually moves on the share or is renamed. This prompt for a password will repeat over and over until you go away, do something else in a different folder, then come back after a while, then it won't prompt you for a password for the same move or rename operation.
  I thought this might be related to permissions at first as we just migrated the data from an old Mac Server to this new 2012 Storage Server, but I have since replicated the scenario with a test share and a series of test subfolders that I just created (no files were involved in the test, just folders). I have also opened permissions to everyone for both the share and the folder structure for this test.
  Problem #2
  Similar to the scenario above, but rather than moving or renaming a folder or file, when we attempt to delete a folder it will occasionally pretend to delete, then appear back in the share as a folder that no one has permissions to. If you navigate away for a while and then return, the folder has actually been removed.
  If anyone has any insight as to why we might be experiencing any of this behavior or direction for how to troubleshoot or solve this, I would greatly appreciate it.
  Thanks!

  Hello?
  Anyone?
  Bueller...Bueller....Bueller
  It's been a couple of weeks now and no one has any input to help me? Is there something I can provide to get some additional help?
  I've done some research over the past couple of weeks and ran into an article (sorry, I have misplaced the source) that indicated adding the Mac to the windows domain would help with Problem #1 by providing single sign-on functionality. I bound all of the macs in the network to the domain and changed all of the user profiles from local to domain. They are now logging in with their domian credentials. For the most part, this appears to have solved the problem. I will find out more tomorrow as there appears to still be one user experiencing the same behavior even after adding his Mac to the domain and having him log in with his domain account and credentials.
  This is, however, how the problem started in the first place. It began with just this one user reporting the problem, then eventually everyone was having the problem. I'm no longer feeling confident that this has actually solved the problem.
  I've implemented ExtremeZ-IP on the storage server and have redirected the users to using AFP again. This appears to have solved Problem #2.
  We now have two additional problems showing up on the network.
  Problem #3
  Occasionally (again, having a hard time finding any consistency), after opening a file and working on it for a while, we are being presented with an error that a file cannot be written to. Once the error shows up, the problem is persistent. You can save the file as a different name in the same location, and it will take without error. You just can't save the file with the same name. It's as if the file is locked. If I reboot the windows server at the end of the day, the file that was locked no longer has a problem being written to.
  We also see this problem with moving/renaming folders on occasion.
  Problem #4
  Users are reporting that files in a folder sometimes do not appear (the folder appears as blank), but appear fine for others.
  I have seen this issue when users connect with different protocols (one with smb and the other with afp - the smb connected user usually doesn't see the file) but in the process of changing profiles from domain to local, I have switched all users to AFP.
  I could really use some help with this situation. Anything this community has to offer, suggest, or otherwise help me find resolution would be extremely appreciated.