Subordinate per domain?

5000-10000 users/devices.  5 domains in same forest.  root offline CA required. Windows 2012 CA.  Windows 7 clients.
Any advantage or disadvantage of having a subordinate CA in each domain?
Thanks

On Wed, 22 Jan 2014 08:17:36 +0000, IT-NOOB wrote:
5000-10000 users/devices.  5 domains in same forest.  root offline CA required. Windows 2012 CA.  Windows 7 clients.
Any advantage or disadvantage of having a subordinate CA in each domain?
5 issuing CAs for the number of users/devices you have to support is way
too many. In the absence of any more detail I'd suggest no more than 2
issuing CAs in the forest root domain.
Paul Adare - FIM CM MVP
We are Borg. AUP's are irrelevant. You will make money fast...
-- Chris King about spammers
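The reason CA placement does not have to follow domain boundaries, shown as an added example rather than part of the thread: an enterprise CA registers itself under the Public Key Services container of the Configuration partition, which replicates to every domain in the forest, so one issuing CA in the forest root domain can enrol users and computers in all five domains. Who may enrol for what is governed by the ACLs on certificate templates, not by which domain hosts the CA, and every extra issuing CA is another CA private key to protect and another CRL to keep current. The PowerShell below (ActiveDirectory module; `$OutDir`, `ConvertTo-X509` and `Get-ForestIssuingCA` are this example's own names) lists the issuing CAs the forest already knows, which host and domain each runs on, whether each one chains to a root published for the forest, and then lets certutil fetch each CA certificate's AIA/CDP URLs, which is where a stale CRL from an offline root shows up.

```powershell
# Added example, not from the original thread. Enterprise CAs register under the
# forest-wide Configuration partition, so an issuing CA hosted in the forest root
# domain can enrol principals from every domain in the forest. This script lists
# the issuing CAs the forest already knows, where each one lives, and whether it
# chains to a root published for the forest. $OutDir and the helper names are
# this example's own choices.
Import-Module ActiveDirectory

$configNC = (Get-ADRootDSE).configurationNamingContext
$pks      = "CN=Public Key Services,CN=Services,$configNC"
$OutDir   = Join-Path $env:TEMP 'ca-audit'     # scratch directory for exported CA certs
New-Item -ItemType Directory -Force -Path $OutDir | Out-Null

function ConvertTo-X509 {
    # cACertificate is multi-valued in the AD schema: accept one byte[] or a collection of them
    param($Value)
    $blobs = if ($Value -is [byte[]]) { @(,$Value) } else { @($Value) }
    foreach ($b in $blobs) {
        New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @(,[byte[]]$b)
    }
}

# Root CA certificates published for the whole forest. For an offline root this is a manual
# step (certutil -dspublish -f RootCA.crt RootCA) that must be repeated when the root cert is renewed.
$trustedRoots = @(Get-ADObject -SearchBase "CN=Certification Authorities,$pks" `
    -LDAPFilter '(objectClass=certificationAuthority)' -Properties cACertificate |
    ForEach-Object { ConvertTo-X509 $_.cACertificate })

function Get-ForestIssuingCA {
    # One pKIEnrollmentService object per enterprise CA, whichever domain hosts the CA server
    Get-ADObject -SearchBase "CN=Enrollment Services,$pks" `
        -LDAPFilter '(objectClass=pKIEnrollmentService)' `
        -Properties dNSHostName, cACertificate, certificateTemplates |
    ForEach-Object {
        $ca   = $_
        $cert = ConvertTo-X509 $ca.cACertificate | Select-Object -First 1

        # Offline chain build against the published roots; CRL checking is left to certutil below.
        # On a domain-joined host the published root is already in the local trusted store;
        # elsewhere expect UntrustedRoot in ChainStatus.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
        $trustedRoots | ForEach-Object { [void]$chain.ChainPolicy.ExtraStore.Add($_) }
        $built = $chain.Build($cert)

        [pscustomobject]@{
            CA            = $ca.Name
            Host          = $ca.dNSHostName
            HostDomain    = ($ca.dNSHostName -split '\.', 2)[1]   # domain of the CA server, not of its clients
            SelfSigned    = ($cert.Subject -eq $cert.Issuer)       # must be False for a subordinate CA
            Issuer        = $cert.Issuer
            RootPublished = [bool]($trustedRoots | Where-Object { $_.Subject -eq $cert.Issuer })
            ChainBuilds   = $built
            ChainStatus   = (($chain.ChainStatus | ForEach-Object { $_.Status }) -join ',')
            NotAfter      = $cert.NotAfter
            Templates     = @($ca.certificateTemplates).Count      # templates enabled on this CA
            CertFile      = Join-Path $OutDir (($ca.Name -replace '[^\w.-]', '_') + '.cer')
            Cert          = $cert
        }
    }
}

$report = @(Get-ForestIssuingCA)
$report | Format-Table CA, HostDomain, SelfSigned, RootPublished, ChainBuilds, ChainStatus, NotAfter, Templates -AutoSize

# Online check: certutil follows the AIA/CDP URLs inside each CA certificate. With an offline
# root its CRL is published by hand, and a stale or unreachable root CRL breaks every chain
# below it, so this is the check worth scheduling, whatever the number of issuing CAs.
foreach ($r in $report) {
    [IO.File]::WriteAllBytes($r.CertFile, $r.Cert.RawData)
    "== $($r.CA) ($($r.Host))"
    certutil.exe -verify -urlfetch $r.CertFile 2>&1 |
        Select-String -Pattern 'ERROR|Expired|Revoked|command (completed|FAILED)'
}
```

Run it as a user who can read the Configuration partition (any domain user can) on a machine with the RSAT AD module and certutil. A subordinate CA whose issuer is not in the Certification Authorities container, or whose certutil line reports an expired CRL, is the kind of finding that usually matters more than whether there are two issuing CAs or five.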

Similar Messages

  • How to configure multiple smtp servers per domain

    Hi,
    how do we configure multiple smtp servers per domain/corporate in iplanet messaging server 5.2. i wanted to do this so that i can configure some domains with virus scanning and some domains without antivirus.

    Hi Martin,
    Well we are trying to run a report without exactly specifying the name of reports server anywhere, e.g. in database or in form or anywhere else. Now if I do not supply a reports server name using RUN_REPORT_OBJECT, the error it displays is FRM-41211: Integration Error : SSL failure ... However if I specify the reports server name in the form, the reports run perfect. Also the name of reports server is specified in rwservlet.properties.
    Now the question goes as follows:
    Can I run my report from Form without specifying the name of the Reports server anywhere at all? This is so because either an in-process reports server should be picked or the one which is entered in rwservlet.properties should be picked up by default. Please correct us if we are wrong. Once we are through with it, we have to move to the Oracle 10gR2 concept of reports server.
    Thanks in anticipation,
    Ruchi/Saurabh

  • Question about Convergence per-domain customized login pages

    hi,
    Recently I installed JES 7 with Convergence 1u3 and have two domains:
    The default is defaultdomain.com
    test.com is my second hosted domain
    I would like to have different login page one per domain. So far I did this:
    iwcadmin -w test123 -o client.{test.com}.loginpage -v "/iwc_static/layout/login-test.html"
    And copy login.html to login-test.html and modify it.
    Also did an appserver restart.
    If I try this URL:
    http://mail.test.com/iwc_static/layout/login-test.html
    I can view the html page and enter to the convergence without problem.
    But my question is the following:
    If I try this URL:
    http://mail.test.com/iwc
    I get a redirect to:
    http://mail.defaultdomain.com/iwc_static/layout/login.html?lang=en&10.01_182620&svcs=abs,im,mail,calendar,c11n
    that behavior is correct? or am I missing something in my appserver/Convergence configuration?
    Thanks in advanced

    ofonseca wrote:
    Thank you Shane but still doesn't work.

    I tried your exact steps and still couldn't reproduce the problem you reported:
    ./iwcadmin -w password -o client.{test.com}.loginpage -v /iwc_static/layout/login-test.html
    cd /opt/sun/appserver/domains/domain1/docroot/
    cp iwc_static/layout/login.html iwc_static/layout/login-test.html
    Restart App-Server.
    Edited "hosts" file on client browser system to point mail.test.com at Convergence server IP address.
    Accessed: "http://mail.test.com/iwc"
    Redirected to: "http://mail.test.com/iwc_static/layout/login-test.html?lang=en-us&10.01_183235&svcs=abs,im,mail,calendar,c11n"
    When I enable AUTH debug logging (log.AUTH.loglevel = DEBUG), I also see a redirect message in the logs:
    iwc.log:AUTH: DEBUG from com.sun.comms.client.web.auth.IwcAuthController  Thread httpSSLWorkerThread-443-0 at 2009-10-20 23:28:24,468 - Redirecting to: http://mail.test.com/iwc_static/layout/login-test.html?lang=en-us&10.01_183235&svcs=abs,im,mail,calendar,c11n
    If you still have no luck after reviewing this, I suggest you log a Sun support request.
    Regards,
    Shane.

  • PrimeNCS - email per domain

    We are using PrimeNCS (soon upgrading to Inf. 2.0) as a Multitenant Management for our Schools. I add their individual email addresses in the Domain setup, but I have no idea how to dedicate notification email (AP Down messages etc.) on a per Domain basis. As of now, they will receive all or none.
    Thanks all

    Virtual domains are organized hierarchically. Subsets of an existing virtual domain contain the network elements that are contained in the parent virtual domain. The default or “ROOT-DOMAIN” domain includes all virtual domains.
    Because network elements are managed hierarchically, some features and components such as report generation, searches, templates, config groups, and alarms are affected.
    Note If the configuration of a controller is modified by multiple virtual domains, complications might arise. To avoid this, manage each controller from only one virtual domain at a time.
    This section describes the effects of partitioning and contains the following topics:
    Reports
    Search
    Alarms
    Templates
    Config Groups
    Maps
    Access Points
    Controllers
    Email Notification
    http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-0/administrator/guide/PIAdminBook/maint_user_access.html#pgfId-1056197

  • Convergence per domain customization problem

    I have enabled customizations in the convergence installation and added the configuration objectclass/attribute to the domain. I copied the configuration sample to my c11n directory. My config.js looks like this:
    c11n.config = {
        // allDomain configuration
        allDomain: {
            module: "allDomain",   // module name
            themeEnabled: true,    // true if theme is customized
            i18nEnabled: true,     // true if i18n is customized
            jsEnabled: true        // true if js is customized
            // the last entry must not end with comma
        },
        // replace sample.com for each domain configuration, change
        // domain name uwo_ca to example_com for javascript syntax and url syntax
        jestest_uwo_ca: {
            module: "jestest_uwo_ca",  // module name
            themeEnabled: true,        // true if theme is customized
            i18nEnabled: true,         // true if i18n is customized
            jsEnabled: true            // true if js is customized
            // the last entry must not end with comma
        } // I have tried it with and without a trailing comma here
    };
    I then copied the default allDomain files into the jestest_uwo_ca directories and modified all the paths to reflect the directory structure. When I startup convergence I get to "20% User Theme" and it hangs. Enabling debug logs, the last message is:
    PROTOCOL: DEBUG from com.sun.comms.client.protocol.delegate.agent.ClientOptionsAgent Thread httpSSLWorkerThread-80-0 at 2010-05-13 12:16:21,731 - Found domain specific client preferences, merging with default client prefs
    The theme worked when I used it in the allDomain but I would rather use the per domain features for all the customizations. There is nothing weird in the ldap directory logs or in the log messages before the "merging with default" messages. Any advice on how to debug?
    thanks
    steve

    I started using the IE and got a javascript error outlined below. I rooted the problem down to using a symbolic link for jestest_uwo_ca. I guess it gets confused with all of the ../../../.. s.
    steve
    Webpage error details
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; (R1 1.6); InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
    Timestamp: Thu, 13 May 2010 18:08:46 UTC
    Message: Could not load 'c11n.jestest_uwo_ca.js.customize'; last tried '../../../c11n/jestest_uwo_ca/js/customize.js'
    Line: 20
    Char: 5357
    Code: 0
    URI: http://jestest.uwo.ca/iwc_static/js/dojotoolkit/dojo/dojo.js?12.01_213859

  • [7-mode] Per domain cpu utilization missing on CLI/ZAPI in OCUM but available in NMC

    Hello,
    I'm trying to get performance counters using ZAPI from perl (in order to export graphs to XLSX file). I can get regular performance counters (like FCP average latency) but I'm getting problems with domain busy. Counter "processor:domain_busy" is invalid. When I check on CLI on the OCUM it also doesn't show the domains.
    C:\Users\XP96SMPlsa>dfm perf counter list NTAP-20A-OW:processor:*:*:*
    Object Instance Counter Label1 Label2 Unit Priv
    processor processor3 processor_busy percent basic
    processor processor3 processor_elapsed_time none basic
    processor processor3 sk_switches per_sec basic
    processor processor1 processor_busy percent basic
    processor processor1 processor_elapsed_time none basic
    processor processor1 sk_switches per_sec basic
    processor processor2 processor_busy percent basic
    processor processor2 processor_elapsed_time none basic
    processor processor2 sk_switches per_sec basic
    processor processor0 processor_busy percent basic
    processor processor0 processor_elapsed_time none basic
    processor processor0 sk_switches per_sec basic
    But when I use NMC to connect to OCUM in Performance Advisor for the same object NTAP-20A-OW I can see the processor per domain utilization. I have previously used the same perl code to connect to older DFM (4.2) and it worked. What do I have to do to get the domain counters over ZAPI/CLI?

  • Db schema for osb domain - 1 db schema per domain???

    Hi,
    I have recently started looking into osb10.3.
    domain 1
    created osb domain and assigned one schema to 'wlsbjmsrpDataSource' datasource.
    started the domain and it worked fine then i shutdown the domain.
    domain 2
    Created another domain and assigned same schema assigned previously to domain 1.
    started the domain and it worked fine.
    Now when i try to start domain 1 again the domain startup failed. Wondering if we need one schema per domain or i am missing something while creating datasource for domain?
    Please help, as I can't really believe we need one schema per OSB domain.
    thanks in advance!
    salman

    Hi Manoj,
    Some more information below!
    CR231843
    An ALSB domain cannot boot and generates weblogic.transaction.loggingresource.LoggingResourceException if the domain is a new domain using the same database, schema, and LLR table as an existing domain.
    When you move a domain template to a different machine and use the template to create the new domain, the new domain is not able to boot and weblogic.transaction.loggingresource.LoggingResourceException is thrown. The following details outline the scenario:
    Create the original domain.
    Start the server for the original domain. At this point, the domain is now “used”—a domain is considered used once you have started the server for a domain after you have created it.
    Create the domain template. You can create it in several different ways—use the Domain Template Builder tool and the Configuration Wizard, the pack/unpack command, or the Weblogic Scripting Tool in offline mode.
    Move the domain template to a different machine.
    Create a new domain using the template. Again, you can create it in several different ways—use the Domain Template Builder tool and Configuration Wizard, the pack/unpack command, or the Weblogic Scripting Tool in offline mode.
    Start the server for the domain. If the new domain does not have the same name as the initial domain, the new domain cannot be started. This is because the JMS Reporting Provider provided with ALSB uses the Logging Last Resources (LLR) option. The new domain is attempting to use the same database, schema, and LLR table name to store LLR transaction records. LLR does not allow this to prevent different domains from corrupting each other's tables. To learn more about the LLR feature, see Understanding the Logging Last Resource Transaction Option in Configuring and Managing WebLogic JDBC.
    Note: You can access the Domain Template Builder, Configuration Wizard, and the WebLogic Scripting Tool from the BEA ProductsTools menu on your machine. The tools and the pack and unpack commands are located in the BEA_HOME/weblogic9xx/common/bin directory.
    According to this i have tested :
    domain 1 and domain 2 pointing at the same schema, ignoring the Logging Last Resource option in the reporting datasource.
    Now the only question is how much do we need Logging Last Resource option and for what purpose in OSB domain??? any comments?
    thanks
    salman

  • How to limit mail size of outgoing messages per domain/user

    Hello,
    i want to limit the size of a mail a user can send. For inbound mail there are attributes in the directory service: mailDomainMsgMaxBlocks and mailMsgMaxBlocks.
    But these limitations only enforce the size of incoming mail.
    I've read the messaging server admin guide but all i could find out is that i could limit the size of outgoing mail via a channel.
    For me this solution is not granular enough. I want to set the outgoing mail size limit per user. Furthermore I don't know the impact of configuring 200+ channels for enforcing individual outgoing mail size limits per hosted domain.
    Does anybody know a solution for this problem? Maybe i've read over something. Or can anybody tell me the performance impact of 200+ channels at least?
    Thank you very much,
    af_inet
    JES 2005Q1, Solaris10, V440

    Hi jay_plesset,
    thanks a lot for your clarifications.

    jay_plesset wrote: Why would you need 200 channels? That sounds like a very strange setup. Setting outbound max size per user sounds like a very unusual demand, too.

    Let me explain: I got several departments who control their email settings in the messaging server via a webapp. So they can add, delete and modify users. They can manage mailing lists and so on. It's really a cool tool :-) I want this thing to be as granular as an own mailserver for the department would be. So it would be cool when the webapp writes an attribute like maxMsgBlocks in the DS and the thing is done.
    I don't understand why you guys could do the stuff for inbound but not for outbound. Is there a technical reason or is it just because it seems strange? :-)

    jay_plesset wrote: If you REALLY need something like that, 200 channels would need a POOL of at least 200 jobs in order to reliably run, and that's likely to need lots of system memory.

    I think that's not the way I want to go.

    jay_plesset wrote: Consider a custom channel, or something like that, that does an LDAP lookup for setting message size on sending. You'd need to enforce smtp authentication, so you know who your messages are coming from, first, and then you could proceed from there. This is not a trivial setup.

    Sounds interesting. Any documentation hints for custom channels?
    Thanks again for your reply,
    af_inet

  • Is server_id in JSessionID unique per Domain?

    Hi!
    I understand the format of JSessionID is
    random_id!server_id.
    If a domain has 50 managed servers but not clustered, then is this server_id unique for each server instance in the domain?
    Or server_id is unique per weblogic installation?
    Thanks
    Shaik

    Hi Patrick,
    I'm not that familiar with these settings, but just some days ago I looked around these things and would now have tried to set this via UME settings - ume.ldap.unique
    userattribute: http://help.sap.com/saphelp_nw04/helpdata/de/63/14f5b51a6eff429f2d8b2063400e82/frameset.htm - and/or via the attributeMapping - http://help.sap.com/saphelp_nw04/helpdata/en/1a/2bee408a63732ae10000000a155106/frameset.htm
    Hope it helps
    Detlev
    PS: Do you have two different accounts on SDN? For in this thread: How to start Top-Level Navigation on Level two? it's a different account. Maybe you should ask the SDN team to reduce you accounts to one and to move the corresponding user related data.

  • How do you set-up multiple NT Auth servers per Domain, but one per role

    I have a domain with three roles. These roles correspond to subsidiaries of our company, each with their own NT Auth Server. Shouldn't I be able to put in the NT information at the role level and not in the code for the iwtLoginChannel or on the domain Auth pages?
    What happens is I cannot authenticate any if I try this. If I try with the Host listed in the HTML for the iwtLoginChannel it works fine.

    Roles are used to assign a set of attributes (such as setting user preferences for different applications/channels) to a group of authenticated users. Hence, it is not possible to assign a role before the user is authenticated.
    A solution to your problem is to assign different NT Domain users to different iPS domains as iPS domains are identified using the Gateway URIs.

  • Possible to check total incoming/outgoing size per domain?

    Hello :),
    Is it possible to see the top incoming or outgoing emails by total size?
    The intention is to determine which domain or emails may be eating the network bandwidth.
    Also, is there a Report to check the Incoming email graph/statistics a listener or specific domain receives? I tried Monitor > Incoming Mail, with the domain options but it does not show them. As we have several clients in the same Appliance we need a Report for the email that only client1.com or client2.com received.
    Thank you in advance.
    Hugo

    My unofficial answer is using Mail Flow Central in the unofficial way.
    Log in to the MFC MySQL and run:
    select rcpt_domain, sum(message_size) as total_size
    from recipients r, messages m
    where r.sid = m.sid
    and r.mid = m.mid
    and timestamp > unix_timestamp(date_sub(now(), interval 1 day))
    group by rcpt_domain
    order by total_size desc
    limit 0,20;
    This will give the top 20 total message sizes processed by recipient domain over the last day.
    This runs forever if you want more days or add the transfer_id as a condition (I left it out deliberately).
    There are alternatives:
    1.
    In my experience, your incoming total size statistics can, alternatively, be generated by your ultimate message store server (sendmail/postfix/exchange).
    Your outgoing total size is a little difficult if not using the above tweaked method.
    2.
    scp the mail_logs out regularly, look for "MID XXXXXX ready YYYY bytes for "
    Do some mining scripts.
    Chris

  • Block popups in safari per domain?

    I know how to block popups, simple little check in the menu but is this seriously the only place and only setting for the entire browser? This global block? I find it hard to believe that there is not a place to add domains that you would like to have popups. A good example is the hulu site. I watch movies there and they have a popup player and every time I want to watch a movie there, I have to deactivate popups and hit the popup player, then reactivate popup blocker. Just wondering why there is not a way to add domains that you regularly visit and want popups to be allowed.

    http://www.apple.com/feedback/macosx.html

  • Transport Rule - Mail Tip Per Domain

    I need to setup a transport rule to do the following:
    If mail sent from a group of users, lets call it Group1
    Apply a policy tip that blocks the message and allows override
    Except if the message is sent to a member of Group1.
    Sounds simple, right? But, I can't find a rule setup that gives me what I need.
    Any help would be appreciated!!

    Hi,
    From your description, I recommend you create the following transport rule to achieve your goal.
    Hope it helps.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Multiple objects, multiple domains, for-loops the problem?

    Hi,
    I've based a small amount of Powershell code off the code I've found here: http://halfloaded.com/blog/powershell-using-posh-to-search-across-multiple-domains-in-forest/
    Ideally what I'm aiming for is for it to find the current forest, enumerate the domains, and then for each domain to search for a specific user. If it finds the user it should then do something, for now just clear a value extensionAttribute8.
    What I suspect is happening is it finds the users but then tries to modify them while attached to the current domain, which is child1.
    Domain structure:
     - Root
       - child1
       - child2
    cls
    $objForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $DomainList = @($objForest.Domains | Select-Object Name)
    $Domains = $DomainList | foreach {$_.Name}
    foreach($Domain in ($Domains))
    {
        $ADsPath = [ADSI]"LDAP://$Domain"
        $objSearcher = New-Object System.DirectoryServices.DirectorySearcher($ADsPath)
        $objSearcher.Filter = "SamAccountName=testuser"
        $objSearcher.SearchScope = "Subtree"
        $colResults = $objSearcher.FindAll()
        foreach ($objResult in $colResults)
        {
            $userDomain = $objResult.GetDirectoryEntry()
            # no -Server here, so Set-ADUser talks to a DC of the current domain (child1)
            Set-ADUser $userDomain.DistinguishedName[0] -clear extensionAttribute8
        }
    }
    It errors with
    Set-ADUser : Cannot find an object with identity: 'CN=testuser,CN=Users,DC=root,DC=company,DC=co,DC=uk' under: 'DC=child1,DC=root,DC=company,DC=co,DC=uk'.
    At line:17 char:9
    + Set-ADUser $userDomain.DistinguishedName[0] -clear extensionAttribute8
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (CN=testuser,C...pny,DC=co,DC=uk:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : Cannot find an object with identity: 'CN=testuser,CN=Users,DC=root,DC=company,DC=co,DC=uk' under: 'DC=child1,DC=root,DC=company,DC=co,DC=uk'.,Microsoft.ActiveDirectory.Management.Comman
    ds.SetADUser
    Set-ADUser : Cannot find an object with identity: 'CN=testuser,CN=Users,DC=child2,DC=root,DC=company,DC=co,DC=uk' under: 'DC=child1,DC=root,DC=company,DC=co,DC=uk'.
    At line:17 char:9
    + Set-ADUser $userDomain.DistinguishedName[0] -clear extensionAttribute8
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (CN=dttestuser,C...ita,DC=co,DC=uk:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : Cannot find an object with identity: 'CN=dttestuser,CN=Users,DC=its,DC=ad,DC=capita,DC=co,DC=uk' under: 'DC=central,DC=ad,DC=capita,DC=co,DC=uk'.,Microsoft.ActiveDirectory.Management
    .Commands.SetADUser
    Please help!

    cls
    Import-Module ActiveDirectory
    Foreach ($Domain in (Get-ADForest).Domains)
    {
        # Performing Search Operation per Domain, against a DC of that domain
        $Objects = Get-ADObject -LDAPFilter "(SamAccountName=dttestuser)" -Server $Domain -Properties extensionAttribute8
        Foreach ($Object in $Objects)
        {
            Set-ADUser $Object -clear extensionAttribute8
        }
    }
    If anyone could tell me why removing the loop:
    Foreach ($Object in $Objects)
    And saying
    Set-ADUser $Objects -clear extensionAttribute8
    Errors I'd be interested. $Objects only finds 1 object so having the loop makes no sense but it does seem to stop it erroring!

  • RDBMS Security Store supporting multiple domains

    Can one instance of the RDBMS Security Store be utilized to support multiple WLS 10.3.2 domains?
    I have several 10.3.2 domains, all of which have clusters and role requirements? The documentation 'suggests' one Store per domain, but all of the tables in the schema contain DOMN (domain) and REALMN (realm) columns that would seem to indicate domain independence. It would be nice to be able to manage one Store schema that supports several Domains.

    Hi,
    The document which you are referring is for WLS 10.0 and RDBMS security is introduced from WLS 10.3.0 onwards.
    The reason why the RDBMS security store should not be shared between two domains is that the RDBMS security store is used by the authorization, role mapping, credential mapping, and certificate registry providers.
    Once the RDBMS security store is configured in a domain, an instance of any of the preceding security providers that has been created in the security realm automatically uses only the RDBMS security store as a datastore, and not the embedded LDAP server.
    It is just the replacement for Embedded LDAP.
    Thanks & Regards,
    Murali.
