Strange Policies

This afternoon I registered as a new user and added a laptop to my cart. When I went to check out, I found out that they would not ship the laptop
and if I wanted it shipped to a store, I would have to drive 8 hours round trip.
First time in > 100 times I have purchased electronics online that a company would not deliver the item, or ship it to a store within a parsec of my house.
I found the same laptop on-line for $10 more and that company had no problem shipping it to me for free.
Looks like someone doesn't want my money...

Hi Rajiv/Suren,
The problem is occuring, if access policies are running for a large user count.
If there are only few users, outcome is as expected. Access policies are getting fired, resources are in provisioned state.
I have tested this functionality with few users.
But, in pre prod, I have more than 10K users. They are getting assigned to proper roles. But, when "Evaluate User Policies" is executed, for some of the users,
even though they are part of some roles, resources are not provisioned.
vicky

Similar Messages

  • HT1688 Scenerio: Walking in the park and I collaspse unconscious. how would my iPhone4s help a stranger/Police/Medic to know my identiy. The iphone4s is locked and the app for I.C.E. cannot be opened.  I am now considered Jane Doe cause I dont have any ID

    how would my iPhone4s help a stranger/Police/Medic to know my identiy. The iphone4s is locked and the app for I.C.E. cannot be opened.  I am now considered Jane Doe cause I dont have any ID on me.

    If you're concerned, you could always create wallpaper with some sort of ID/contact information and place it on the lock screen. I wouldn't suggest using any direct contact for you, of course, for privacy reasons, but perhaps some sort of "neutral" emergency contact such as a relative's cell phone.
    Or just carry some sort of ID; depending on a cell phone for identification probably isn't reliable regardless of the phone used. A MedicAlert bracelet or something similar might be your best option since that would allow emergency responders to get your information while still protecting your privacy.
    Regards.

  • I need to erase the contents of my phone and restore to factory settings. Does anybody know how to save your texts so you don't lose them?  Can I back those up to iCloud?  My phone was very likely hacked (Apple's advice was to call the police!)

    "I need to erase the contents of my phone and restore to factory settings. Does anybody know how to save your texts so you don't lose them?  Can I back those up to iCloud?  My phone was very likely hacked (Apple's advice was to call the police!)"
    That was all I could put in the initial "box."  Then it brought me to this page with instructions on how to write a good sentence.
    Proceeding ...
    After going back and forth between Apple, AT&T and the police (all telling me to go to the other two) I took AT&Ts suggestion and got a new number. One tech warned against doing a backup, especially on my Mac, saying if my phone had been hacked then whatever bug was there would then invade my computer. But nobody knows how to determine if the phone has been hacked or a virus was planted there. Unfortunately I know who would have reason to do such a thing and all I can say is that he is at the top technologically and could easily do it. Almost impossible to prove, however.
    So I need to preserve my text messages and my emails as well. I backed up my photos to that Microsoft product (One-Drive) and it froze (Surprise, Surprise) with four short videos to go, and no way of stopping that (when I tried it crashed repeatedly) so I'm in crisis mode here.
    Help ...
    Running 8.0 on 5S
    Thanks!

    Betty I don't know if you fixed your hacking problem but I feel your pain. I've seen some strange things going on between my iMac and my iPhone and Apple has told me the same thing, call the police which I have done. The hackers have stole 500.00 out of my checking account have access to every internet account I use and no matter how often I change the password their right back on the account. I closed my FB account 3 times only to have someone reopen it. Right now I've got a link in my reading list (Safari) that if I click on it, it allows me to log onto my FB account anonymously.
    I've seen a green folder come out of no where while I was trying to delete my passwords out of keychain when that green folder was put into the key chain I was immediately locked out. I than went into system preferences to try to make changes to my security settings, when I clicked on the icon it wouldn't open. I've seen log files of automator receiving commands and sending out my personal information thats on my computer.
    I have a legitamate program called iExplorer that allows you to look at the contents of your iPhone back ups and saw a transaction someone made at the Apple store for some full length movies, some albums, ibooks and other apps but when I called the iTunes store and they said none of those items were showing up on my account. If their not on my account how can they be on my iPhone 6? One day someone was using my gmail account and unknowingly used google maps to search for an Italian restaurant, than a Mexican restaurant than a coffee shop and their search showed up on my iPhone but I didn't have my gmail account installed on my iPhone 6. Using my computer I logged onto my gmail account and looked at the maps history and sure enough there were the searches when I'd hover my curser over the link it gave me the longitude and latitude of the where the hacker was when he was using google maps. I know whoever reads this thinks Im crazy but I've documented everything and can prove the things that I have mentioned in this post actually happened.
    One day I had my laptop (pc) and my iMac next to each other as I was using both. when I clicked on airport it showed that my laptop and my iMac had made a connection and were actually communicating with each other. I know I didn't do it I don't know how. The iMac was logged into my iCloud account while my laptop wasn't. I have formatted my iPhone at least a dozen times, Apple and an Apple retailer have formatted my hard drive not to mention the numerous times I have formatted it but the hackers keep getting on my devices. Im formatting my lap top at this very second because during the course of the night I left the ethernet cable plugged into it and they locked me out of my c: drive, and configured the system so I can't download any updates from Microsoft, overtime I type in www.microsoft.com it changes to ww38.microsoft.com which takes me to a blank page. I right clicked on the page I was redirected to and read the java script and couldn't believe that someone had actually configured Internet Explorer to redirect me to a blank page when I tried to go to Microsoft. Apples answer to all this is there was nothing wrong with my iPhone or my iMac and if I thought there was a problem to call the police which I have done.
    Theres no doubt the hackers are reading this while I type it or will read it and I simply don't care anymore. I no longer email anyone, don't use my iCloud account and have taken precautions to protect my credit but if I ever find out who has invaded my privacy to this extreme the police are going to want to talk to me because Im going to hurt them like they've never been hurt before

  • IPhone locked to a stranger's icloud account- please help I am not a thief

    I had bought iPhone 5 from AT&T the day it was released. After using it for a year and half, I decided to gift it to my dad. I completely wiped the phone to it's factory settings and shipped it to my dad. After my dad received the phone, he took it to a local store to get a new screen protector and a case. After he returned back home, he tried to use the phone but surprisingly the phone was in a lost mode with a message showing it is currently linked to an Apple ID d…[email protected]. Initially he thought the apple id that was showing on the phone belonged to me and asked me to remove it from the device. However, the problem was the apple id didn’t belong to me. I tried to contact the the email address and the phone number that was showing on the screen but they turned out to be bogus. My dad went back to the store but the owner of the store denied doing anything like that. I did some research on Google and came across this discussion where a person is also having the exact same “locked to a stranger’s apple id” issue. At this point, I am not sure if it was the store owner who locked my device or it is a bug in the iCloud system of which Apple is not aware of? I called Apple Support but the rep was kind of rude and just dismissed the case. Then I went to the Apple store with the proof of purchase and the original box but was turned back to Apple Support. The second rep whom I spoke with was professional and sounded helpful but it has been a week and haven't heard back from him yet.
    I guess Apple is finding difficulty trying to decide who the true owner of the phone is? Me who have the proof of purchase or the stranger who has provided bogus email address and phone number? Looks like Apple is not willing to help me at all. Is filing a case at small claim court the only option left for me?

    I respect your opinion but I don’t agree with it. In the real world, you don't have to involve the police if you simply loose your keys or if it gets stolen. There is nothing a police can do because the car is never stolen and is just sitting at the mall's parking lot all the time. Remember, only the keys were stolen. In my phone's case, the phone was never stolen however I do agree that it was in a vulnerable position when I did the factory reset and removed my icloud account from it. If a device is in such a position then anybody who has the physical access to the device can lock the device with their icloud account. And this is exactly what happend to my phone and this is exactly what I have been trying to explain to Apple Support. I understand they cannot just trust me and unlock the phone for me, but I expect them to tell me what's the next step for me to take. What document or proof do they need from me to show that I am the true owner? I can try and get the police involved even though the device is never stolen, but I first need to know which city police should I get involved- is it the Dallas Police, my home town police or the stranger’s home town police? The email address and the phone number shown on the locked screen are totally bogus and they don’t exist at all. I don’t even know where this stranger lives. Apple Support is simply ignoring me presuming that I am the thief and not trying to resolve the issue at all.

  • Do I have a virus? My Mac is acting very strangely

    There are lots of strange things happening with my mac.
    When I first got this mac, everything was fine. Then I had a run-in with someone who I suspect tried to or did in fact hack in to spy. There was one instance when it seemed to me like someone was using remote access to move around windows and open files right in front of me.
    Anyway, long story short, this person is no longer a concern and I have since tightened security, enalbled my firewalls and installed a VPN.
    But...here are just some of the problems I have noticed.
    When I power up, sometimes the log in window appears with only the text box visible, the rest of the screen is black. At times, when I move the mouse over the screen, it leaves a trail behind that 'erases' the black screen to reveal the log in screen behind. Sometimes part of the screen is black and some of it is not.
    Sometimes, when I power down, my mac turns itself back on again, even though the lid is shut. It sits there on sleep until further notice.
    When I walk away, leaving my mac to turn on the screen saver and then go to sleep, sometimes when I wake it up again, all of my applications have quit. I have to open eberything again and sign back in, very annoying! In these situations, my wi-fi has quite often also been turned off. When I turn it back on, it asks for my network password again, but then does not recognise it when it is entered. I have to restart before I can connect again.
    I've ran disk uitility checks and everything appears fine, I've also installed Trend Micro Titanium virus protection - it's scanned all my files and has detected nothing suspicious.
    Sometimes I have wondered about the functionality of my VPN? Maybe it is the problem? I often turn it off because it slows down my page loading.
    If anyone has any help or advice, I'd be ever so grateful...!

    If you know or suspect that a hostile intruder has either had physical access to your computer, or has been able to log in remotely, then there are some steps you should take to make sure that the computer is safe to use.
    First, if there's any chance that the incident will be the subject of legal action, then you should do nothing at all without consulting a lawyer or the police. Your computer would be the principal evidence in such a case, and you don't want to tamper with it.
    Running any kind of software to scan for "viruses" or "rootkits" is worse than useless. If I broke into your system and wanted to leave a back door, I could do it in a way that would be undetectable by those means — and I don't pretend to any special skill as a hacker. You have to assume that any intruder could do whatever I could do. The "anti-virus" software itself will slow down and destabilize the computer with no offsetting benefit.
    The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the status quo ante. The easiest approach is to recover your entire system from a backup that predates the attack. Obviously, that's only practical if you know when the attack took place, and it was recent, and you have such a backup. You will lose all changes to your data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.
    If you don't know when the attack happened, or if it was too long ago for a complete rollback to be feasible, then you should erase and install OS X. If you don't already have at least two complete, independent backups of your data, then you must make them first. One backup is not enough to be safe.
    When you reboot after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when you transfer the data from one of your backups in Setup Assistant.
    Select only users in the Setup Assistant dialog — not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.
    Reinstall your third-party software from original media or fresh downloads — not from a backup, which may be contaminated.
    Unless you were the target of an improbably sophisticated attack, this procedure will leave you with a clean system. If you have reason to think that you were the target of a sophisticated attack, then you need expert help.
    That being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after your system has been secured, not before.

  • OIM 9.1.0.2 - Access Policies issue

    Hi Gurus,
    I have facing a strange behavior in the Access Policies features.
    When users are inactived in the OIM, they should be removed from the groups associated to the AP, but the groups remain associated and because that the AP is triggered again provisioning resources to the users.
    Has someone faced the issue?
    Brgds,
    Carlos

    What does all of your group membership rules look like? Are you sure your right side is the correct format? You can create a rule where Users.Status = "Active". Just need to make sure it's case sensitive so you'll want to check the database for existing values.
    -Kevin

  • Strange issue with rights of account, used by SSIS (Foreach Loop Container does not return file names without Admin rights on server)

    Hello everyone.
    Faced very strange issue with account, which is used to run SSIS package.
    The specific package uses Foreach Loop Container to retrieve file names within the specified folder, and put them into Import file task.
    The package is set up to run under specific service account. This service account is given all permissions (Full control) to the folder where source files reside.
    So the issue is: SSIS package fails to execute this task (Foreach Loop Container and then Import), and shows that no files are found in the directory (although files ARE there).
    Once we're adding the service account into local Administrators group on the SQL Server, it works! Removing - does not work again. We cannot leave the service account as SQL server's admin as it's prohibited by our IT policies, and is just a bad practice.
    Any ideas, please? 
    MCP

    Here's the real log output:
    Date 16.04.2014 12:47:09
    Log Job History (RU-BW: Update)
    Step ID 1
    Server Server
    Job Name RU-BW: Update
    Step Name bw_import_cust_master_data
    Duration 00:00:02
    Sql Severity 0
    Sql Message ID 0
    Operator Emailed
    Operator Net sent
    Operator Paged
    Retries Attempted 0
    Message
    Executed as user: service_account Microsoft (R) SQL Server Execute Package Utility  Version 10.50.4286.0 for 64-bit  Copyright (C) Microsoft Corporation 2010. All rights reserved.    Started:  12:47:09  Error: 2014-04-16 12:47:11.45
        Code: 0xC0202070     Source: bw_import_cust_master_data Connection manager "Input"     Description: The file name property is not valid. The file name is a device or contains invalid characters.  End Error  Error:
    2014-04-16 12:47:11.47     Code: 0xC0202070     Source: bw_import_cust_master_data Connection manager "Input"     Description: The file name property is not valid. The file name is a device or contains invalid characters.  End
    Error  Error: 2014-04-16 12:47:11.48     Code: 0xC0202070     Source: bw_import_cust_master_data Connection manager "Input"     Description: The file name property is not valid. The file name is a device or contains invalid
    characters.  End Error  Error: 2014-04-16 12:47:11.48     Code: 0xC020207E     Source: Import file Flat File Source [1]     Description: The file name is not valid. The file name is a device or contains invalid characters.
     End Error  Error: 2014-04-16 12:47:11.48     Code: 0xC004701A     Source: Import file SSIS.Pipeline     Description: component "Flat File Source" (1) failed the pre-execute phase and returned error code 0xC020207E.
     End Error  DTExec: The package execution returned DTSER_FAILURE (1).  Started:  12:47:09  Finished: 12:47:11  Elapsed:  2.324 seconds.  The package execution failed.  The step failed.
    MCP

  • Strange behaviour from new 2012R2 in old domain

    Hi all,
    At work (education level), I'm starting to take charge of windows admin, so beiing a noob admin I'm finding strange behaviours that I hope you can help me solve them all :-)
    We've one (big) domain with about 5000 computers (workers and students all together), and around 50000 users (again, workers and students all together) setup like this:
    DC-DOMAIN-1:
    Windows Server 2008R2
    Shares NETLOGON and SYSVOL
    DC-DOMAIN-2:
    Windows Server 2003 R2 x64
    Shares CertEnroll, NETLOGON, SMSLOGON, SYSVOL
    Checking RootDSE, I see 'domainControllerFunctionaly is Windows 2003' (DC-DOMAIN-2)
    So, with this setup, I've noticed these strange behaviours, hope list isn't too big  (guess there will be more behaviours but these seemed too odd):
    1) On DC-DOMAIN-2, WinServer 2003 eventlog, inside 'Directory Service', I found this warning event ID 1083 (Source NTDS Replication):
    Active Directory could not update the following object with changes received from the domain controller at the following network address because Active Directory was busy processing information.
    Object:CN=<an user name>, CN=Users, DC=DOMAIN
    Usually followed by an information event (eventid 1955) which says:
    ctive Directory encountered a write conflict when applying replicated changes to the following object.
    Object:
    <SAME USER OBJECT THAN PREVIOUS EVENT ID>
    Time in seconds:
    0
    Event log entries preceding this entry will indicate whether or not the update was accepted.
    A write conflict can be caused by simultaneous changes to the same object or simultaneous changes to other objects that have attributes referencing this object. This commonly occurs when the object represents a large group with many members, and the functional level of the forest is set to Windows 2000. This conflict triggered additional retries of the update. If the system appears slow, it could be because replication of these changes is occurring.
    User Action
    Use smaller groups for this operation or raise the functional level to Windows Server 2003.
    And having as result that user being blocked in domain.
    2) I've added a new print server based on Windows Server 2012R2 (running inside an updated ESX 5.5 with VMXNET3 ethernet adapter as recommended by vmware), and seen in the event viewer these warnings/errors:
    At System log:
    Error Event ID 5783, Source NETLOGON:
    The session setup to the Windows NT or Windows 2000 Domain Controller \\DC-DOMAIN-2.fulldns.name for the domain DOMAIN is not responsive. The current RPC call from Netlogon on \\PRINTSERVER to \\DC-DOMAIN-2.fulldns.name has been cancelled.
    I've seen Event ID 5783 with DC-DOMAIN-1 too....
    Error Event ID 5719, Source NETLOGON:
    This computer was not able to set up a secure session with a domain controller in domain DOMAIN due to the following:
    The remote procedure call failed and did not execute.
    This may lead to authentication problems. Make sure that
    this computer is connected to the network. If the problem persists, please contact your domain administrator.
    ADDITIONAL INFO:
    If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
    At Microsoft-Windows-TerminalServices-RemoteConnectinoManager/Admin found also this warning:
    Warning Event ID 20499 Source TerminalServices-RemoteConnectionManager:
    Remote Desktop Services has taken too long to load the user configuration from server \\DC-DOMAIN-2.fulldns.name for user administrator
    3) If I try Group Policy Modeling on DC-DOMAIN-1 (server 2008R2), everything works fine, no matter if I try it against DC-DOMAIN-1 or DC-DOMAIN-2, but if I try this from the Server 2012R2 (the one from point 2), I get this:
    Simulation against DC-DOMAIN-2: Gets executed, but all GPO show as inaccessible, empty or disabled.
    Simulation against DC-DOMAIN-1: Sometimes it gets executed as DC-DOMAIN-2, sometimes I get an error saying query can't be executed.
    4) From server 2012R2, I usually manage printing GPO. If I click on the domain root (GPMC, forest, Domains, DOMAIN-NAME-ROOT) right pane, I get a pop up saying: 
    'A processing error ocurred collecting data using this base domain controller. Please change the base domain controller and try again'
    After closing popup, right pane says something like 'DC-DOMAIN-2.fulldns.name' is the baseline domain controller for this domain.
    No infrastructure Status information exists for this domain.
    Click the Detect Now button below to gather infrastructure status from all of the domain controllers in this domain.
    Pressing 'Detect Now' does nothing, and trying to select New Baseline DC shows again same pop up than before.
    5) Last, but not least, I've feeling that GPO takes too much to apply. I've found scenarios in which even after executing 'gpupdate /force' correctly on client computer either local or domain admin, I can't see the new changes (gpresult says it has been
    updated though). But couldn't find anything on eventlog that informs about problems with GPOs...
    For all these strange behaviours I've noticed in last month that I started checking things as sys admin, I believe domain is damaged, or something is wrong there (not just my new server 2012R2, even if it's running inside an ESX, blehh), so please, any hint
    on what to check, what to change, what to fix, would be highly appreciated.
    Thanks in advance.

    Hi Paul,
    Honestly, I'm still trying to figure out all broken things reported by tests :( Guess Jesper's suggestion about adding a new 2008 DC to get rid of 2003 and start checking again after that may be best option.
    I'll try to summarize list of things I believe are wrong:
    running
    DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log  for every DC, shows different errors. They show things such as:
    another domain running here (not administered by us, only relationship is that our users are shared with that domain, nothing else) appear when Printing out pDsInfo (as if they were DC of our domain too, but they do not even share RootDomain). Guess it
    may be for a bug old sys admin had when clonning from his 2008R2 template, that forgot to change SID... I already noticed 1 year ago our print server shared SID with those DC, guess there may be more servers sharing SID too :-(
    Within Starting test: Replications, I see few messages at Replication Latency Check, such as the one for CN=Schema, CN=Configuration, DC=<ourdomain>: 
    Latency information for 35 entries in the vector were ignored.
                      35 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC)
    On Services test, I see an 
       Invalid service type: RpcSs on DC-DOMAIN-3, current value
                WIN32_OWN_PROCESS, expected value WIN32_SHARE_PROCESS
    On SystemLog, I see LOTS of warnings/errors such as:
    A warning event occurred.  EventID: 0x80000002
                Time Generated: 07/28/2014   08:21:54
                (Event String (event log = System) could not be retrieved, error
                0x503)
             An error event occurred.  EventID: 0xC0000003
                Time Generated: 07/28/2014   08:22:18
                (Event String (event log = System) could not be retrieved, error
                0x3afc)
    Missing entries on DNS (we've a static DNS)
    netdiag.exe /v > c:\netdiag.log Showed again DNS problems such as our primary DNS pointing to all DC, secondary
    DNS pointing just to DC with FSMO roles,...
    repadmin.exe /showrepl * /verbose /all /intersite > c:\repl.txt  Gave no errors, now I must check in detail
    if every replica is correct
    And finally,
    dnslint /ad /s "ip address of your dc"  gave more DNS problems:
    One or more DNS servers may not be authoritative for the domain
    One or more DNS servers did not respond to UDP queries
    One or more zone files may have expired
    SOA record data was unavailable and/or missing on one or more DNS servers
    Sumarizing, guess it will be better to fix DNS problems, promote new 2008R2 DC to get rid of 2003 one, promote domain to 2008 too, check again for messages and relationship with other domain, and then come back here for support if needed 
    EDIT: Almost forgot to talk about SYSVOL folder. As said before, there are 426 GPO folders inside Policies. Of them, 375 have an inetres.adm files in it (smallest one 1398 KB, almost all of them 2307 or 2707 kb).... 

  • ISE 1.1.2 - strange GUI behaviour? bug?

    Something has changed in GUI in the latest 1.1.2 version cause its not working properly.
    In the first place I encountered an issue while adding new endpoint group.
    I added some - then it refused to add new, rename old. I tried to add authorization profile and received such a notification (after 2 min of processing)
    I patched the system (v3) and this problem disappeared but now I have another problem.
    I added some authorization policies (in a number of 9)  -> saved it and it show only part of it.
    I can't add it againg cause it says its already created.
    After restarting all the services I see only one policy (not even the defaults)
    (tried different browsers - the same)
    Has anyone had similar issues?
    Should I downgrade to 1.1.1 ?
    Its a pair of 3315.
    After promoting the secondary to Administration role, I see 4 of the 10 policies and what is the most interesting the one (default) I deleted after installing the server.
    I will deregister the pair and try them independently with different software version. (1.1.2patch3  vs 1.1.1patch5)
    regards
    Przemek

    thx for fast reply
    - resizing -  did solve the problem
    I tried:
    - opera - didn't work at all
    - FF (18.0.1) - issue as described earlier
    - IE 9 - the same
    - IE 8 - the same
    - chrome - the same
    I have my lab NFR ISE 1.1.2 (standalone) and have no such dificulties with any browser. I'm starting to think it concerns deployment scenario with 2xISE
    What is more I noticed sth strange after promoting ISE (only in Chrome).
    In more details:
    - I have 2xISE (gatemaster.domain.local, gatemaster2.domain.local)
    After promoting gatemaster2 and accessing the GUI my main view was as the following
    It seems to me that even though Im using gatemaster2, internal scripts refers to gatemaster,
    I observed it only in chrome probably cause I installed Google Ch. after the promotion and it didn't have it cached.
    Is your environment standalone?
    regards

  • Several Group policies on user

    Is it possible to have several windows group policies on a user?
    If it is a general gpo associated to the container, and a another to a user
    or a group a user is member of, which one will be the effective? The closest
    to the user or a mix of all of them?
    I have done like that and get strange errors.
    /Leif

    Thanks Rolf!
    Exactly the answer I wanted.
    Must also thank you again for the tip on how to distribute certificates with
    GPO.
    It works great!
    Regards
    Leif
    "Rolf Lidvall" <[email protected]> skrev i meddelandet
    news:W1ike.670$[email protected]..
    > Group Policies are additive and they apply in the order
    > you have set in your Search Policy Search Order:
    > http://www.novell.com/documentation/...k.html#a777rvi
    > "Additive Group Policies:
    > Group policies are now additive. This means that settings from multiple
    > Group policies are cumulatively effective, rather than individually.
    > Settings from multiple Group policies can affect users and workstations.
    > Policies start with the local Group policy settings and are applied in
    > reverse of the policy search order. This means that a setting in a policy
    > applied first has lowest priority and its value is overwritten by any
    > other
    > policy with the same setting.
    > Security settings are not additive; they are set by the last effective
    > policy."
    >
    > See also:
    > http://www.novell.com/documentation/...a/a779n8h.html
    >
    > Regards
    > Rolf Lidvall
    > Swedish Radio (Ltd)
    > NSC SysOp
    >
    >

  • Error in central admin - when editing MANAGE POLICIES under USER PROFILES

    When, in Central Administration, I go to Service Application "User Profiles", and then click on "Manage Policies" (under the People section):
    I get this message:
    "Your search encountered an error. If the problem persists, contact the portal site administrator"
    Strange enough, when I select another option (like Manage User Profiles) I do get results.
    In ULS get any critical errors. What I so see, is the following message at the moment I go select User Po9licies:
    “Error loading data set containing privacy policy objects: Microsoft.Office.Server.USerProfiles.InvalidValueException:….”
     Can anyone help me to resolve this issue?

    Hi michielmmm ,
    Thank you for your posting!
    For your issue, please make sure your Forefront Identity Manager Service is running. You can go to services (Services.msc) for determinating.
    Thank you for your understanding and support.
    Best Regards,
    Eric
    Eric Tao
    TechNet Community Support

  • Strange condition on 4948 nexus

    I had a strange condition today. Had a snmp discovery running ( from a ca product called spectrum) it does extensive mapping both layer2 and layer 3 ....however we had a 4948 crash in our data centre possibly as a result thereof...no real evidence but snmp load was huge .
    Anyone seen anything like this before ?
    Thanks
    Sent from Cisco Technical Support iPad App

       I have seen snmp bury switches cpu before so it's certainly possible.  I would check your tool and see if there is some way to rate limit the snmp polling or you may have try and figure out if there is a way using control plane policeing .  Also check for bugs for
    your version of code .

  • Strange Reassociation behaviour - help on troubleshoot

    Hi there,
    I have a production wlc wich has several ssid's working.
    In a particular ssid, the wifi clients are bar code readers, using a wpa psk encription/authentication.
    My client had bought a new bar code readers, and since then, we are having problems.
    I had capture a debug client <mac> and attached here.
    I cant find a reason for so much reassociation requests... even for the same AP.
    Please give a light in here please.
    My Best Regards,
    Petrónio

    Thank You leolaohoo,
    I'll try it asap.
    Do you detect any strange behaviour on the log ???
    I detect a strange shortcut on the flow ...
    START -> AUTHCHECK -> 8021X_REQD -> L2AUTHCOMPLETE -> RUN
    *apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 RUN (20) Change state to START (0) last state RUN (20)
    *apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 AUTHCHECK (2) Change state to 8021X_REQD (3) last state RUN (20)
    *apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 8021X_REQD (3) Plumbed mobile LWAPP rule on AP ac:a0:16:ca:b8:30 vapId 1 apVapId 1
    *Dot1x_NW_MsgTask_2: Sep 23 13:41:06.878: e0:2a:82:68:b3:da 10.120.109.101 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state RUN (20)
    *Dot1x_NW_MsgTask_2: Sep 23 13:41:06.878: e0:2a:82:68:b3:da 10.120.109.101 L2AUTHCOMPLETE (4) Change state to RUN (20) last state RUN (20)
    From "Policy Enforcement Module (PEM)" Figure, in "http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a008091b08b.shtml" i see it bypass dhcp states.
    But nevertheless, if we have "RUN" states, then we could afirm, that " Client has successfully completed the required L2 and L3 policies and can now transmit traffic to the network" . Im i right ?
    Petrónio

  • Hi, i've found this strange behaviour:

    Hi, i've found this strange behaviour:
    if i open a pdf file from a pen drive, and after i try to print it, i have the message: You need to install a printer......
    then if i copy the same file to the hdd, then i open this file and print it, now i can print !!
    this happen with the reader 8.2.4, so i've update to the new X version and nothing is changed.
    i use XP sp3 with hp 6280 all-in-one
    someone can explain and resolve it?
    thank's
    Giorgio

    Well, no it probably won't work because the phone is locked so there is nothing you can do.
    You won't be able to activate it, so you might never be able to use it.
    You have been dishonest here and if you found a phone, then someone had obviously lost it, so you should have handed it in to the police rather than keeping it for yourself. 
    You probably won't be able to use the phone because it sounds like the phone is locked to the carrier in Muaritius and if you don't own the phone and don't have a contract, then that carrier will problably not unlock the phone for you, so you now have a paperweight that you can't use.
    You get no help here for dishonest practices and you won't be able to activate or use that phone.

  • My iPhone 5 behaves strangely. A ghost?

    I have an iPhone 5 running the latest software.  Whenever I am at a certain location (a relative's home near the coast in Southern CA) my phone does a lot of strange things. I am on AT&T and I customarily get only one or two bars when in that house.  Yesterday, my screen became unresponsive to any touch/swiping and i had to hard boot it.  Several times in the past few months the phone launches apps or texts or places calls by itself. I am not kidding.  Once it went into my favorites and dialed my city police department (which I have there in case of emergencies).  Sometimes when I am texting, the screen starts scrolling and/or it randomly types gibberish. Two weeks ago the phone was on the nightstand and I was looking at it and all of sudden Safari launched open.  I also should mention that whenever of any this weird behavior happens, I only usually have one bar. And oftentimes Safari gets hung up and doesn't load right away while I am trying to surf the web.  So it could be something to do with having a very poor signal.  But I don't know if it explains things that seem more hardware and software related and not cellular related.  None of this weird behavior happens when I am anywhere else except at this house, and I am there once a week for a couple of days. Nothing like what I have described ever happens when I am at home or work or anywhere in between. Perhaps its the poor reception regardless of specific locale.  Either that or there is ghost involved lol. The weird behavior doesn't happen with anyone else's iPhones in the house.
    So my question is what is going on here and has anyone experienced anything similar? Perhaps it's time for an iPhone 6?

    pdc88 wrote:
    My iphone 5 is displaying a message that it's not backed up, This Iphone hasn't been backed up. Backups happen when this Iphone is plugged in, locked, and connected to WIFI.
    And you have it set to sync over wifi to your computer or you have it set to backup to iCloud.

Maybe you are looking for