TLS setup with multiple receiving domains

Similar Messages

• People Picker search order with multiple forest domains

  I had customer with multiple forest domain environment. Now the problem is that all users from one domain synced to the resource domain(Domain A) where sharepoint is installed.
  The peoplepicker is now finding at first the user in Domain A where sharepoint is installed. My Solution is now to specify the order of searching in People Picker that first all users in Domain B will return and if there is noting will return Domain A.
  All SharePoint Server(s) had Network Access to the other Domains. And there are two-way-trust konfigured.
  Any Solution for that?
  Thanks for your feedback!
  P.

  Regardless of search order, you would get both results returned. Have you tried using the UserAccountDirectoryPath property on the Site Collection to specify DC=domainB,DC=com?
  Trevor Seward
  Follow or contact me at...
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
  Nice to now that i can set it up per site collection. But it do not work in my case, it indeed returned users from Domain B but Domain A, C, D and F(Examples) are excluded from People Picker.

• Any possiblity to use single Inbound Service Interface with multiple Receiver Agreements

  Hi All,
  Scenario: PROXY to FILE.
  Requirement is to receive to two locations.
  Is it possible to use single Inbound interface with multiple Receiver Agreements. I tried using two operation in the Inbound Service Interface, and Operation Specific in Determination. But couldnt proceed further. Do I need to use seperate Service Interface for two receiver locations?
  Please suggest some solution.

  Hi Naveen,
  There is a possibility but in the case in the same server location with dynamic configuration: Placing file in two different directories using single receiver communication Channel
  With different location you would need to develop a new adapter module as Amit Srivastava explains and develops here Send File to Two Different Locations using Adapter Module
  Regards.

• Best Migration Method for Exchange 2007 with multiple accepted domains

  We are trying to determine which method would be best for us as we migrate to O365.  Scenario as follows:
  1) Multiple accepted domains (each in their own OU in AD); example: domainA.com, domainB.com
  2) Exchange is 2007; clients will be upgrading the Outlook 2013
  3) Would like to be able to sync mailboxes starting anytime but be able to cut over a domain at a time.
  Tested so far with staged migration but it appears that with this, there is a change in the TargetAddress sending all mail to the O365.  Even changing MXs didn't redirect the message as it reaches the Exchange box and immediately goes to O365.
  We haven't tried the cutover as we're only able to test with the production box and if that somehow cutover the entire box, we'd be .. well, it wouldn't be good.  
  Anyone had any experience so that our #3 point would be doable, that would be great.  
  Thx
  George

  Hi George,
  According to your description, I understand that the issue is related to Exchange migration from Exchange 2007 to Exchange Online for Office 365. This forum focuses on some general discussion about Office 365 ProPlus which
  is the version of Office that comes with many Office 365 plans. Therefore, I suggest we can post the issue in Microsoft Exchange Online (Office 365) forum for more professional suggestions:
  http://social.technet.microsoft.com/Forums/en-US/home?forum=onlineservicesexchange
  Hope you can find the solution soon.
  Regards,
  Winnie Liang
  TechNet Community Support

• GetDesktopURL() problem with multiple DNS domains

  Hello,
  I use PS6.1 on a server with more domain names. If I login to one domain many portal links are directed to other domain.
  I suppose that there is something wrong in function/tag getDesktopURL(). The domains are swaped sometimes after server restart. (I clear all cookies between tests).
  For examle:
  Page URL:
  www.d1.com/portal/dt
  In channel JSP:
  <dtpc:getDeskpc.geDesktopURL/> -> www.d2.com/portal/dt
  pc.getDesktopURL(null) -> www.d2.com/portal/dt
  pc.getDesktopURL(request) -> www.d2.com/portal/dt
  but:
  request.getServerName() -> www.d1.com
  request.getHeader("host") -> www.d1.com
  Thank you for any hint, M.C.

  You should give Apple a call and ask to speak to the iPhone enterprise group. They should be able to help you get your network setup properly.

• EEO setup with multiple GRE's associated to Business Group

  Hi,
  I am looking to setup EEO report for a business group that has multiple GRE's. There are multiple locations rolling up to the GRE.
  How can I setup EEO Generic Hierarcy so that I can get each Location as an establishment report and a consolidated report on the GRE.
  Parent Org has a Business group classification and the individual GRE have GRE/Legal Entity classification.
  If I setup Generic Hierarchy with Business Group Org as a Parent Entity and GRE's as Establishment then all the locations defined are summed up to the Establishment. This does not work for me as I am looking to report on each location as an Establishment.
  Alternativeuly I cannot add GRE classification to Business Group Org or Business Group classification to GRE.
  Any help woudl be appreciated.
  Thanks

  Prashant
  If you are in R12 then there is no more relation between GRE and Ledger, OU
  GRE is independent and only for the HR.
  You need to look at the Accounting legal entity which is tied to the ledger, which interm tied to the business group.
  If you build global hierarchy in HR, there is no impact on the ledger or to anyother non HR modules.
  You can use MOAC for the other modules
  Regards
  Ramesh s

• 2 Exchange 2013 Cas and mailbox on both in defferant ad sites with multiple main domains

  Hi
  I have 2 Exchange servers in a single AD forest. Mail1 and mail2
  2X 2012 R2 Dc's
  There are 2 AD sites Site 1 and site 2
  Site 1 = DC1 and Mail 1
  Site 2 = DC2 and Mail2
  One exchange organisation
  2 email external domains = domain1.com and domain2.com
  2 wildcard certs *.domain1.com on mail1 and *.domain2.com on mail2
  2 different Internet connections one for site 1 and other for site 2 and 2 external Ip address's
  Requirements where to split the servers so that domain1.com users send form a different IP address than those of domain2.com. This has been done and works fine by simply setting a exchange connection cost of 100.
  Domain1.com users live on mail1 MD1 and domain2.com users are on Mail2 MD2
  I am facing an issue on how to connect outlook anywhere so that users in the 2 domains are connecting to their own exchange servers and outlook anywhere will work with autodiscover.
  At the moment I have set the outlook provider to domain1.com and this work fine but outlook anywhere will not work for domain2.com
  I have only come up with an idea to requester a 3rd mutual domain and then issue a SAN cert that would have all 3 domains in set the outlook provider to domain3.com it and then direct the outlook anywhere users to use the new domain to connect their outlook
  anywhere clients with.
  I don't think the client is going to go for this as he wants the names to be separate .
  Any help would be appreciated

  The EXPR provider is a global setting.
  Since you are doing this
  "2 wildcard certs *.domain1.com on mail1 and *.domain2.com on mail2"
  Can you not get both onto the same cert?  Though accessing a SAN entry on a cert will not work for clients older that Vista SP1.
  Alternatively use a generic name.  That is what hosting companies do.  Dedicated hosting is not really multitenant before that comes up :)
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Ipad setup with multiple users

  A group of people are sharing an Ipad at the school I work at.  How should I set up the apple id/itunes password?  I have an apple id and a mac but not everyone who uses it does.

  With regard to what? The iPad isn't designed for multiple users in the way that you want to do it. If you switch ID's on the iPad and start downloading past purchases from different ID's, you will end up locking yourself out of some of those ID's for 90 days by associating the device with another ID.
  There is no way that you can sync the device to multiple computers either. You might want to read this.
  iTunes Store: Associating a device or computer to your Apple ID
  If you are sharing the iPad in order to read certain textbooks, or surfing the web - or been checking your personal email using a web browser where you can log in and out of you personal email accounts, that is fine for multiple users, but of you want to download content using different Apple ID's. that will create problems.
  If you just want to create one Apple ID for everyone to share and you are not going to sync to iTunes at all, just create a free email account that you can all use as the Apple ID email address with one password of your choosing.

• ICloud setup with multiple devices

  I have an iPad, my husband has a Mac and a brand new iPhone. We have been using the same Apple ID and had everything working over iCLoud. We want to share contacts and calendars (pretty much everything except email) and now we would like to utilize iMessage. How should we setup our icloud? THanks

  What, exactly, are you trying to do? You can use the same iCloud account on as many devices as you want, as long as you don't turn on iTunes Match. Once you turn on Match, you're limited to 10 devices total.
  Is this what you want to do...same iCloud account, but different iTunes/App store accounts on each device? If so, you can do that also.

• BPM with multiple Receives

  I have an input from a File1 and this will be received in the BPM and then the input will be sent Synchronously to get a Response Back. Only after I receive the First HTTP response, I need to Receive another File say File2 in BPM.
  How to achieve the above scenario

  Hi,
  Basically add a second Receive step to the BPM after the synchronous send step. However, you must create a correlation so the engine knows exactly which File2 is to be routed to a particular process instance. You activate the correlation in the first Receive step (for File1) and use the correlation in the second Receive step.
  Regards,
  Thorsten

• TM setup with multiple HD's

  I have a Mac Pro with 4 HD's. I have Leopard installed on first partition of 500 GB HD#2.
  HD#1 is OEM 250 GB HD, mostly used with carryover from my 20" iMac. I have Tiger installed on HD#2B, and some DV and HDV files on 750 GB HD #3. Used 750 GB HD#4 to back up with TM.
  I have 79.1 GB on HD#2A to back up to HD#4. However, TM backed up all my HD's( other than #4), using 380GB on HD#4!!
  How do I select specific HD to use with TM? Can I just delete the HD folders that TM backed-up to HD#4?

  Tried to delete unwanted HD folders from HD#4 where TM stored all my HD's.
  Ms says HD folder cannot be move to trash-- "cannot be completed because back up items cannot be modified"
  How do I start over with TM only backing up specified HD?

• Is an AP got problem with multiple regulatory domain?

  Hello,
  Our customer in China reported that they got poor 2.4GHz wireless quality(i.e.slow response, slow data transfer). But these not happened on 5GHz band. The main WLC installed in Bangkok, Thailand. This controller take controll all their APs over the country and oversea branchs. We checked into the AP configurations and saw this..
  Regulatory Domains: 802.11bg:-E    802.11a:-C
  Country Code: CN (China)
  AP Part:     AIR-CAP2602I-C-K9
  After we checked these tables
  (http://www.cisco.com/en/US/prod/collateral/wireless/ps5679/ps5861/product_data_sheet0900aecd80537b6a.html#wp9005671)
  All regulatory domains for this AP should be -C right?
  We followed this page for configuring China country code.
  (http://www.cisco.com/en/US/docs/wireless/controller/7.4/configuration/guides/lwap/config_lwap_chapter_010000.html)
  I got noticed in guidelines and limitations
  Although the controller supports different access points in different regulatory domains (countries), it requires all radios in a single access point to be configured for the same regulatory domain. For example, you should not configure a Cisco 1231 access point’s 802.11b/g radio for the US (-A) regulatory domain and its 802.11a radio for the Great Britain (-E) regulatory domain. Otherwise, the controller allows only one of the access point’s radios to turn on, depending on which regulatory domain you selected for the access point on the controller.
  So, this should be a problem? or I hit a bug?
  WLC information:
  Part:                                       AIR-CT5508-K9
  Version:                                  7.3.112
  Configured Country Code(s):     TH,US,CN
  Regulatory Domain:                 802.11a: -ACE, 802.11bg: -ACE
  Thank you.

  This is not a bug. Refer to Cisco TAC response.
  Its not a bug, from the WLC you can run the command:
  Show country supported tx-power
  (WLC-5508-RAC1) >show country supported tx-power       KEY: ## = Tx Power in dBm.
             ##*= Channel supports radar detection.
              . = Channel is not legal in this country.
            = Regulatory Domains allowed by this country.
            (-,-) = (indoor, outdoor) regulatory Domains allowed by this country.
  -----------------:+--+--+--+--+--+--+--+--+--+--+--+--+--+--
      802.11BG     :                                         
      Channels     :                             1  1  1  1  1
                   :  1  2  3  4  5  6  7  8  9  0  1  2  3  4
  -----------------:+--+--+--+--+--+--+--+--+--+--+--+--+--+--
  (-CE  ,-CE  ) AE : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-A   ,-AR  ) AR : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-E   ,-E   ) AT : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-A   ,-NA  ) AU : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-E   ,-    ) BA : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-A   ,-    ) BB : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-E   ,-E   ) BE : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-E   ,-E   ) BG : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-E   ,-    ) BH : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-E   ,-    ) BN : 20 20 20 20 20 20 20 20 20 20 20 20 20 20
  (-A   ,-A   ) BO : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  --More-- or (q)uit
  (-A   ,-AR  ) BR : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-E   ,-    ) BY : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-A   ,-ABN ) CA : 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-A   ,-ABN ) CA2: 27 27 27 27 27 27 27 27 27 27 27  .  .  .
  (-E   ,-E   ) CH : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-AER ,-AR  ) CL : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-E   ,-E   ) CM : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  (-CE  ,-CE  ) CN : 20 20 20 20 20 20 20 20 20 20 20 20 20  .
  And for 802.11a:
  -----------------:+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--
     802.11A       :                                      1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1  1
     Channels      :  3  3  3  4  4  4  4  4  5  5  6  6  0  0  0  1  1  2  2  2  3  3  4  4  5  5  6  6  6  7
                   :  4  6  8  0  2  4  6  8  2  6  0  4  0  4  8  2  6  0  4  8  2  6  0  9  3  7  1  5  9  3
  -----------------:+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--
  (-CE  ,-C   ) AE :  . 23  . 23  . 23  . 23 23*23*23*23*30*30*30*30*30*30*30*30*30*30*30*23 23 23 23 23  .  .
  (-A   ,-A   ) AR :  . 23  . 23  . 23  . 23 23*23*23*23*23*23*23*23*23* .  .  . 23*23*23*30 30 30 30 30  .  .
  (-E   ,-E   ) AT :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-NZ  ,-NZ  ) AU :  . 23  . 23  . 23  . 23 23*23*23*23*30*30*30*30*30*30*30*30*30*30*30*30 30 30 30 30  .  .
  (-E   ,-    ) BA :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-N   ,-    ) BB :  . 23  . 23  . 23  . 23 23*23*23*23* .  .  .  .  .  .  .  .  .  .  . 30 30 30 30 30  .  .
  (-E   ,-E   ) BE :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-E   ,-E   ) BG :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-E   ,-    ) BH :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-S   ,-    ) BN :  . 20  . 20  . 20  . 20 20*20*20*20* .  .  .  .  .  .  .  .  .  .  . 30 30 30 30 30  .  .
  --More-- or (q)uit
  (-A   ,-A   ) BO :  . 23  . 23  . 23  . 23 23*23*23*23*23*23*23*23*23* .  .  . 23*23*23*30 30 30 30 30  .  .
  (-T   ,-AN  ) BR :  .  .  .  .  .  .  .  .  . 17*17*17*27*27*27*27*27*27*27*27*27*27*27*30 30 30 30 30  .  .
  (-I   ,-    ) BY :  . 20  . 20  . 20  . 20 20*20*20*20* .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
  (-A   ,-ABN ) CA :  . 23  . 23  . 23  . 23 23*23*23*23*23*23*23*23*23* .  .  . 23*23*23*30 30 30 30 30  .  .
  (-A   ,-ABN ) CA2:  . 23  . 23  . 23  . 23 23*23*23*23*23*23*23*23*23* .  .  . 23*23*23*30 30 30 30 30  .  .
  (-E   ,-E   ) CH :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27* .  .  .  .  .  .  .
  (-SA  ,-A   ) CL :  . 20  . 20  . 20  . 20 20*20*20*20*27*27*27*27*27*27*27*27*27*27*27*30 30 30 30 30  .  .
  (-    ,-    ) CM :  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
  (-C   ,-C   ) CN :  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 23 23 23 23 23  .  .
  So from that you can confirm that for 802.11bg you can use E and C regulatory domains.

• Public Sector AR - Multiple Receivable Lines

  Has anyone implemented with the Multiple Receivables Lines option enabled and made an enhancement to the Lock-box to get full functionality. Or visa versa, has anyone implemented with Multiple Receivable Lines set to no and created any extionsion to get the mulitple receivable line functionality and allow for COTS Lockbox?

  Hello Monique,
  Well you can have one invoice generated for an order with multiple lines. This is possible by changing some rules in Account Receivables. Use the grouping rules under setups->autoinvoice in AR. You can club your invoices based on any of the columns of ra_interface_lines_all. Hope this works for you.
  Arvind

• LDAP supporting multiple DNS domains

  I have an environment with multiple DNS domains, and am configuring a Directory server (DS 6.3.1) to centralize various OS configuration maps including user authentication. None of the DNS domains have unique data, so I'd like to do something like storing all the real data in one suffix, then somehow have all clients look to that primary suffix. I am aware that the Solaris Native LDAP client wants to bind to a nisDomainObject that matches its DNS domain. I'm just having a hard time believing that I really need to manage all those individual suffixes when they don't have unique data requirements.
  Take as an example the following domains to be supported: foo.example.com, bar.example.com, dev.example.com, qa.example.com, prd.example.com (no hosts are actually in "example.com", they are all in subdomains). Again, all share common configuration data, same user IDs, etc - no unique maps are required.
  I created a suffix, "dc=example, dc=com", set it up with idsconfig. All is well there.
  [A] My first thought is to bind all Solaris clients, regardless of their DNS domain, to the baseDN of "dc=example, dc=com" in order to avoid having a separate suffix for each DNS domain. I tried to do this using "-a defaultSearchPath=dc=example,dc=com" with ldapclient init, but it failed with an error indicating it wants to see the nisDomainObject of its real DNS domain.
  The second though I had, which I don't believe is possible, is to find some sort of a LDAP equivalent of a symbolic link so that I could actually have an object for each DNS domain, but it would simply point back to "dc=example,dc=com". I can't find anything in the documentation which suggests this is possible, but I'd love to be wrong!
  [C] Perhaps this could be somehow done with a rats nest of SSDs, but that really seems unwieldy, right? I plan on using a fair amount of the available objects, so it would be many SSDs per suffix. Yuck.
  Can anyone comment on my above thoughts, or provide how they would go about supporting multiple DNS domains that have common configuration data?
  Thank you,
  Chris

  Ok, I answered my own question. Turns out it's pretty easy. Just use the "-a domainName=example.com" option with `ldapclient` then make sure that the FQDN of the LDAP server is available (or use its IP address). My problem was that the ldapclient overwriting nsswotch.conf was clobbering the SSL session because I used the FQDN which couldn't resolve.
  This leaves an interesting condition of having the output of "domainname" not match the DNS domain. I'm testing now to see if this causes any unexpected issues with our environmnet, but I suspect it's not a problem.

• Migrate itunes from pc to mac with multiple user accounts

  I've read the numerous articles on transferring one's itunes library from a windows machine to a mac and I *think* I've got the details sorted (have itunes copy everything and then organize my library, then copy whole folder to external drive). I only have one itunes account but it my full library and itunes account is used across different windows user accounts.
  My mac is setup with multiple user accounts and I'd like to have a single library and single itunes account (same apps, etc.,). I'm not quite sure how to migrate the library from windows and then set it up on the mac such that all mac user accounts are sharing the same library and itunes account. Any guidance?
  Forgot to mention, have 2 iphones and 1 ipad as well, all attached to the same apple id.

  See these support documents:
  How to share iTunes between multiple accounts on a single computer:  http://support.apple.com/kb/HT1203
  How to use multiple iPods, iPads, or iPhones with one computer, http://support.apple.com/kb/HT1495