Group activity
Compensation, except when should use the group activity?Hey you,.
One of the useful things about a group in a process is when you are able to set a group around several automatic activities. Once "grouped" these automatic activities can have a property defined at the level of the group to make a transaction. It also means that database engine instance is not read or written for before and after each automatic activity. As limit transaction within the group if an automatic fails all fail.
Note that this will only work if the activities within the group are all automatic. Also note that you could have done the same thing (set a single atomic transaction limit) If you used instead of a procedure.
Dan
Tags: Fusion Middleware
Similar Questions
-
How to export users and groups Active Directory of hyperion shared services
Hello
We are on 11.1.2.3 and in a situation where we need to export all users and groups of shared services, including the native directory and Active Directory users and groups.
Current method of LCM export only the NativeDirectory user and groups. -is this correct?
Is there a way to export all users and groups including NativeDirectory and ActiveDirectory?
Please suggest.
Thank you
I don't think that there is a way to make the groups and users to the AD, and I wouldn't.
You need to connect the next AD system and pull on the users and groups in this way.
-
replication of cache stanby group active on the same machine
Hello
To validate a design of replication, I'm putting in place a pair of active standby of a cache on a group my portable linux (ubuntu). I have installed two data warehouses on the same instance of TT - cgdsn and master2
I created a group of active usermanaged on DS TT cache and began an active standby replication using the following sql:
command > create the pair of Eve active cgdsn on "simulation-t61', master2 on"simulation-t61' acknowledgement STORE cgdsn PORT 21000 TIMEOUT 30 STORE master2 PORT 20000 TIMEOUT 30;
I read in a thread earlier that replication on the same machine will require ports to be expressly provided for in the replication command.
Here the result to check the status of the main data store:
< output >
Oracle@SIMU-T61: ~ $ ttrepadmin showstatus - cgdsn_tt70
Enter the password for "ora":
State of replication Agent as: 2010-03-14 20:22:43
DSN: cgDSN_tt70
Process ID: 18496 (started)
Strategy of replication agent: manual
Host: Simulation-T61
RepListener Port: 21000
Last LSN write time: 0.19340024
Last LSN forced to disk: 0.19340024
Replication hold LSN: 0.19320752
Peers in replication:
Name: MASTER2
Host: Simulation-T61
Port: 0 (not connected)
Replication status: STARTED
Communication protocol: 24
ISSUER or the threads:
For: MASTER2
Start/number: 1
Send LSN: 0.19320752
Sent transactions: 0
Total packets sent: 0
Check packets sent: 0
The packets received total: 0
< / output >
I then tried to reproduce the day before but got following error
< output >
Oracle@SIMU-T61: ~ $ ttRepAdmin-duplicate - of cgdsn_tt70 - host "simulation-t61" - keepCG - cacheUid ora - cachePwd ora - localhost "simulation-t61" - verbosity 2 "dsn = master2_tt70; UID =; PWD ="
Password for "ora":
* 20:27:02 how to contact remote main demon to the 127.0.1.1 port 17000 *.
* 20:27:02 double operation ends *.
TT12039: Could not get port number of TimesTen replication agent on the remote host. The replication agent has not been started or it has just started and has not communicated his port number on the demon TimesTen
< / output >
Log file
< output >
00:30:33.20 Info: 8143: had pid 20405 Hello, type utility (/ usr/lib/oracle/xe/TimesTen/tt70/bin/ttRepAdminCmd - duplicate - of cgdsn_tt70 - host simulation-t61 - keepCG - cacheUid ora - cachePwd ora - localhost simulation-t61-verbosity 2 dsn = master2_tt70;) UID =; PWD =)
00:30:33.20 Info: 8143: accepts the incoming message from 127.0.1.1 with remote Protocol (we're TimesTen 7.0.5.0.0.tt70, they are 7.0.5.0.0.tt70 TimesTen remote)
00:30:33.20 Info: 8143: 20405 -: utility program registration
00:30:33.20 Info: 8143: labour: with request #1336.4606
00:30:33.20 Info: 8143: labour 1336: socket closed, call for recovery (last cmd was 4607)
00:30:33.20 Info: 8143: from daRecovery to 20405
00:30:33.20 Info: 8143: finished daRecovery for pid 20405.
00:30:33.20 Info: 8143: labour got 20405, not in the restaurant #1335.4608: path = / tmp/master2
* 00:30:33.20 Err: 8143: TT14000: internal error of TimesTen daemon: Got notInRestore command with data store unknowns "/ tmp/master2."
00:30:33.20 Info: 8143: labour: with request #1335.4608
00:30:33.20 Info: 8143: labour 1335: socket closed, call for recovery (last cmd was 4608)
00:30:33.20 Info: 8143: from daRecovery to 20405
00:30:33.20 Info: 8143: 20405 -: process is released
00:30:33.20 Info: 8143: finished daRecovery for pid 20405.
00:30:34.14 Info: REP: 20246: CGDSN:transmitter.c (1358): TT16114: connect to the MASTER2 on Simulation-T61 (127.0.1.1); Port: 20000
00:30:35.14 Info: REP: 20246: CGDSN:transmitter.c (1358): TT16114: connect to the MASTER2 on Simulation-T61 (127.0.1.1); Port: 20000
00:30:36.14 Info: REP: 20246: CGDSN:transmitter.c (1358): TT16114: connect to the MASTER2 on Simulation-T61 (127.0.1.1); Port: 20000
0
< / output >
Output of netstat
< output >
Oracle@SIMU-T61: ~ $ netstat - a | grep 21000
TCP 0 0 *: 21000 *: * LISTEN
< / output >
I am supposed to provide the port number of my Active ds in order somehow duplicate?
Thank you
REDA
Published by: user8936481 on March 14, 2010 21:41What is the DSN definition for cgdsn_tt70?
It could be a problem with the - from clause in the - duplicate order. Assuming that your dsn definition is defined with the attribute of DATA store to be similar to the following:
[mydsn]
Data store = / tmp/storedsAnd your ttRepAdmin-double command is similar to the following:
ttRepAdmin-double - mydsn...
You need the value of the parameter for - the option to reflect the prefix of the file name of the data store. The ttRepAdmin command above should be:
ttRepAdmin-double - storeds
That is to say - of mydsn
becomes
-of storeds
-
Can I programmatically change the active group on a Hypertrend in DSC?
I would like to know how to change the active group of a hypertrend program in Labview DSC. I saw a link that says it can be done at Lookout. But in the module DSC, the active group is read-only.
I know a hard way to do it. I could save the settings of hypertrend as xmlSettings in a temporary file. The active group is one of the parameters. I could then change the group active in this file text to point to the new group, and then reload the settings. But this isn't a clean way of dong it.
Anyone know if there is an easy way?
I found a way to do it but not very clean. I don't know why there is no function to change the current group.
Here's how I did it.
-
Multiple users Active Directory membership mapping group
Hi all
We got 4.2 ACS and two types of user access to our network:
1_ we got some users in 'CiscoAdmins' Active Directory, corresponding group mapped Cisco ACS group is "switch Admins.
2_ we also have some users in "VPN_Users' group Active Directory, corresponding mapped Cisco ACS group is"VPN_Users.
In the "Command mapping" page on Cisco ACS 4.2, we put tte group 'CiscoAdmins' Active Directory mapping at the top "VPN_Users' Active Directory group mapping. So what happens is, if a user belongs to two "CiscoAdmins" and "VPN_Users" groups in Active Directory, users always goes in the "Switch_Admins" group in Cisco ACS.
However for some users (who belong to two groups in Active Directory), we need to apply some IP allocation and specific authorization.
The suggestiongs are welcome.
Thanks in advance.
Dumlu
Yes, check ACS for belonging to the user group and it can determine if the user is a member of several groups and then map the corrosponding ACS group. Little additional material on the ACS group mapping
-
Note: Please rate the answer if it helped
-
Active Directory groups can be put into service in the FDMEE places?
Hi experts FeeDMEE:
We are upgrading to HFM/FDMEE 11.1.2.4. We would like to use only the Active Directory groups for our security in Shared Services.
I did a lot of audit looking at whether we can use security location FDMEE ad groups. So far, the only way I found to make the security location uses the native approach (settings / security settings / security location...) Security by location, click on keep usergroup to set up groups). But it doesn't seem to be an option if you create groups such as native or ad groups (FDMEE them creates only natively).
Does anyone know if it is possible in FDMEE to use security of the location ad groups?
Thank you
Mark SmithI discovered that it is more possible for FDMEE create Aboriginal groups for the security of the location.
However, Active Directory groups can be added as members of indigenous groups. In this way, users should only be added to Active Directory groups. The only maintenance is to add or remove groups active directory to or from the indigenous groups of FDMEE.
-
Passwords enable ISE device Administration (ACS) integrating with Active Directory
I'm working on a standalone application ISE and running into a problem where the password to enable for a device is not shoot properly. I have the original connection related AD and I policy conditions/results/sets all as they should be working. My test run is a 2960 S. I tried to set up ' group aaa authentication enable default
Activate ', but the only way I could do a login enabled with which was if the user has configured locally in ISE identity management > identity > users. Is there something that I missed that tie will enable passwords for a group active directory as I work for the initial logon? I see just a mistake with your failure to enable aaa authentication enable. You must specify the Group of Ganymede.
Right now, I don't have access to my lab with ISE.
Here's my config for switches used with ACS.
AAA authentication login GANYMEDE-SRV Group Ganymede + local
local authentication AAA Console connection
Group AAA dot1x default authentication RADIUS
AAA authorization exec GANYMEDE-SRV Group Ganymede + local
AAA authorization commands 15 GANYMEDE-SRV Group Ganymede + local
Group AAA authorization network default RADIUS
AAA accounting exec GANYMEDE-SRV arrhythmic group Ganymede +.
orders accounting AAA 15 GANYMEDE-SRV arrhythmic group Ganymede +.If you give me all out maybe we can understand why your GANYMEDE ISE works do not with the AD. I see no reason except a misconfiguration or another issue.
Just to go to the mode, you need more aaa authentication command activate by default enable. This activation mode is pushed to the user if he gets the privilege 15. Your problem should be on the profile or politics. With the approval journal, we can see whether or not ISE pushes politics and why?
-
Enable ASA 9.1 problems with tunnel-group-list
Hello!
I try to get a working configuration where the Cisco VPN / DTLS phones VPN connect, while allowing access remotely via client AnyConnect of PCs. I have two groups of tunnel and configured for this purpose of group policy and use Group-URL.
Phones are connect very well, but I don't get the drop down menu to choose between the two groups of tunnel when connecting to a remote computer.
An excerpt from the config.
Moreover, I had the menu work previously when I used group instead of group-URL aliases. However, the phones seem to require the URL group. Now that I have those configured, the menu does not work. If I get the full URL in the AnyConnect window, both URLs work, and I can connect.
Thank you in advance for any suggestions you may have!
Deb
WebVPN
allow outside
AnyConnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
AnyConnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
AnyConnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3
AnyConnect enable
tunnel-group-list activate
ABC Group-Policy internal
ABC Group Policy attributes
value of server WINS 10.10.16.17 10.10.16.12
value of 10.10.16.17 DNS server 10.10.16.12
VPN - connections 3
SSL VPN-tunnel-Protocol l2tp ipsec client ssl clientless
Split-tunnel-policy tunnelall
field default value abc.com
the address value AnyConnectPool pools
WebVPN
activate AnyConnect ssl dtls
AnyConnect Dungeon-Installer installed
time to generate a new key ssl AnyConnect 1440
AnyConnect ssl generate a new method ssl key
AnyConnect client of dpd-interval 5
dpd-interval gateway AnyConnect 30
AnyConnect ask none
internal strategy of group ABC - STG
ABC - STG group policy attributes
value of server DNS 8.8.8.8
VPN - connections 3
SSL VPN-tunnel-Protocol l2tp ipsec client ssl clientless
Split-tunnel-policy tunnelspecified
Split-tunnel-network-list value Split-Tunnel-encrypt-ACL
field default value abc.com
the address value AnyConnectPool pools
WebVPN
activate AnyConnect ssl dtls
AnyConnect Dungeon-Installer installed
time to generate a new key ssl AnyConnect 1440
AnyConnect ssl generate a new method ssl key
AnyConnect client of dpd-interval 5
dpd-interval gateway AnyConnect 30
AnyConnect ask none
type tunnel-group Split-Tunnel-Group remote access
attributes global-tunnel-group Split-Tunnel-Group
address pool AnyConnectPool
Group Policy - by default-ABC-STG
tunnel-group Split-Tunnel-Group webvpn-attributes
allow group-url https://asa.abc.com/ABC-STG
tunnel-group ABC - Tunnel - type remote access Group
attributes global-tunnel-group ABC - Tunnel - Group
address pool AnyConnectPool
Group-ACTIVE DIRECTORY authentication server
Group Policy - by default-ABC
password-management
ABC - Tunnel tunnel-group - webvpn-attributes Group
allow group-url https://asa.abc.com/ABC
Hello
You can have group-alias and group-url at the same time in the configuration so that the phones can connnect with Group-url and users can click on the drop down menu to select the right connection profile.
tunnel-group
webvpn-attributes
Group-aliasenable
Group-urlhelp Kind regards
Dinesh MoudgilPS Please rate helpful messages.
-
Is there a way to match the groups active directory external to internal? It seems that I cannot use the internal groups in political posturing and politics of provisioning of customer. Is this correct?
Hello
You can create the policy so that the external group attribute ad is a component of the policy.
When adding a new condition on the left side, select the advanced option, you'll see AD select it the external group attribute.
From there, you can choose the operator followed by the value that you selected on the tab groups under Ad settings.
-
LobbyAdmin authentication via Active Directory
Hi all
I have a requirement to apply webauth on my network of comments and therefore need to configure the functionality of lobbyadmin. We will have several users login (Help Desk, receptionists, etc.) using an account of lobbyadmin and from a management point of view I prefer simply to drop existing users in a group active directory that grants them access to the rights of the lobbyadmin.
I know the authentication can be done through RADIUS - but is it possible using AD?
See you soon
Rob
No I don't think so.
Since the lobbyAdmin are like the users who try to access the WLC through management. That's why somebody has to tell the WLC what privilege therefore have user account. Basically, LDAP can provide this info is why you ought to use the radius server if you want to use external users from an LDAP.
But if what you want is to authenticate users AD in your authentication on the web, it can be done:
http://www.Cisco.com/en/us/products/ps6366/products_configuration_example09186a0080a03e09.shtml
Let me know if it answers the question.
-
Hello
I have configured an import ldap to use my groups active directory for the assignment of roles and rights.
I'm able to import an ldap group, but it only shows me that the band without members.
So the members of the group are not able to connect.
Any ideas?
Frank
I know why, but after having changed the import for mode easy Don t and get the root domain information, it works.
;-)
-
VCAC 6.0, I can't add a USER to the AD Group to a company includes the user role
IF I goto to MODIFY an existing group of companies, I can not ad any group Active Directory the "USER ROLE" on the bottom of the page, I'm not sure what I am doing wrong
in the attachment, I try to FIND ad GROUPS, I see the users but not groups
Thank you!
Post edited by: quantum_2
"" Message edited by: quantum_2 I also have the same problem with the "Group Manager ROLE" and the "support role" I can't announces an ad GROUP
He can not see the group - I think that it is a known problem, type the name of the Group anyway, and press ENTER. vCAC will throw an error if it does not recognize the name of the group. vCAC didn't need to 'find' the name of the group to accept it.
-
Create Active Directory accounts for vSphere 5.1 Services
To put in place the pieces of vSphere management, I need to have an account or accounts created in Active Directory. I need to figure out how to create and what permissions they need.
In authentication single server, I need to choose an account that vCenter server will use when it connects to the PSO. I can use a default admin@system-domainvalue. Or I can add an account configured in Active Directory. Or, I can also use a group active directory instead of an individual user. What is the best way to do it and if I use an AD account, what permissions need at the domain level and at the local level on the SSO Server? (I use multisite mode, so I can't use local accounts)
In SQL Server, I need to choose an account to use for the SQL server service. This account or an active directory account or a local user account? If so, what are the permissions should be assigned to the account in Active Directory and the permissions that should be assigned to the it on the local computer? This group of ads, if no it should be part of? Should what local authorities?
In vCenter Server, I need to choose an account to run the "vCenter Server Service" in. It is best to use the default "system" account or use an Active Directory account or a local account?
I'm trying to get an overview of account/group AD use policy which covers the main parts of vSphere management - vCenter Server, Single Sign on, inventory Service, Web customer service.
For example, create a group called 'vSphere Services', then create separate accounts for each element of the management and assign them specific permissions on specific systems. Or create separate groups for each element of the management and assign permissions to the groups. Is it better to consolidate some of these user names or split out them? Experiences / suggestions welcome. Thank you.
Hello
For general services, I use a specific service account in the ad. That was before the SSO and I use the same after SSO. SSO is used by only two services that I know not yet (the inventory Service and perhaps vCloud). However, there are several other service accounts to be created. You want an account by service and I use AD to do so, this way I can create a group of service accounts and give it appropriate roles and privileges. For example, I have service accounts for:
- VMware View
- XenDesktop
- vCops
- HPSIM
- SolarWinds
- VMTurbo
- NetApp
- etc.
A service, a service account, each with a general role or a custom role according to the requirements of access to vCenter.
For SSO, I have to wait on general information, but I created mine enough basically to cover only the resources that use SSO. Given that the vast majority of the items to not use the SSO, the rule still applies. Once the SSO is supported by more than one or two tools, you always have to maintain this separation.
Then I say yes, tie SSO to AD and do everything in one place, unfortunately, is not very clear, or at least wasn't for me and these issues SSO are either beng fixed, documented, or both.
Best regards
Edward L. Haletky aka Texiwill
-
Impossible to move a group of Redo Log
Hello
My database is running on version 11.1.0.7 on platform OEL.
I am trying to remove one of the Redo Log group Active, it fails with the error below. Could someone please help me solve this problem?
It was previously a node 3 CARS, and when he was moved to another machine, he got to build with a 2 RAC nodes.SQL > select * from v$log; GROUP# THREAD# SEQUENCE# BYTES MEMBERS ARCHIVED STATUS FIRST_CHANGE# FIRST_TIME ---------- ---------- ---------- ---------- ---------- --------- ------------------------------------------------ ------------- -------------------------- 10 1 8017 524288000 2 YES INACTIVE 1.2120E+13 17-JUN-2012 19:43:49 11 1 8018 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 06:49:45 12 1 8019 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 16:56:43 13 1 8021 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:18:07 14 1 8020 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:14:27 15 1 8022 524288000 2 NO CURRENT 1.2120E+13 19-JUN-2012 01:07:27 16 2 6835 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:15:46 17 2 6836 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:18:04 18 2 6837 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:20:22 19 2 6838 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:22:38 20 2 6839 524288000 2 NO CURRENT 1.2120E+13 19-JUN-2012 01:07:24 21 2 6832 524288000 2 YES INACTIVE 1.2120E+13 18-JUN-2012 23:11:45 22 3 3771 524288000 2 YES INACTIVE 1.2103E+13 09-SEP-2011 22:04:11 23 3 3772 524288000 2 YES INACTIVE 1.2103E+13 09-SEP-2011 23:55:55 24 3 3773 524288000 2 YES ACTIVE 1.2103E+13 09-SEP-2011 23:55:59 25 3 3766 524288000 2 YES INACTIVE 1.2103E+13 08-SEP-2011 22:05:29 26 3 3767 524288000 2 YES INACTIVE 1.2103E+13 08-SEP-2011 22:05:50 27 3 3768 524288000 2 YES INACTIVE 1.2103E+13 09-SEP-2011 14:02:05 SQL > archive log list; Database log mode Archive Mode Automatic archival Enabled Archive destination /archive/MYCSMA/MYCSMA2 Oldest online log sequence 6832 Next log sequence to archive 6839 Current log sequence 6839 SQL > archive log all; ORA-00271: there are no logs that need archiving SQL > ALTER SYSTEM ARCHIVE LOG GROUP 24; ALTER SYSTEM ARCHIVE LOG GROUP 24 * ERROR at line 1: ORA-16013: log 24 sequence# 3773 does not need archiving SQL > alter database drop LOGFILE group 24; alter database drop LOGFILE group 24 * ERROR at line 1: ORA-01623: log 24 is current log for instance MYCSMA3 (thread 3) - cannot drop ORA-00312: online log 24 thread 3: '/u247/oradata/MYCSMA/redo24_1.log' ORA-00312: online log 24 thread 3: '/u247/oradata/MYCSMA/redo24_2.log'
So, 3 wire is no more necessary. This is why I intend to drop these of Redo Log groups.
Thank you!Try
ALTER DATABASE DISABLE THREAD 3.
-
Add Group LDAP of the Organization, users still can not connect?
Hello!
I am setting up Lab Manager for my company and facing me a weird problem. I have set up 2 bodies so far and related security groups active directory each. In organisation1, users in AD security group (let's call it group1) is able to connect without a problem. However, when I installed organization2 and the security group (let's call Group2) import from active directory, users who are in these groups to get the following error message:
"You are not a member of an organization in vCenter Lab Manager".
If I add organization2 group1, group1 members are able to see organization2 in Lab Manager resources. For some reason, I can't users in group2 connect!
It seems that the problem lies in the configuration of the group...? Does anyone have pointers? I have to look out for any kind of nesting of user account?
I configured my LDAP server to point to the root of the domain - 'dc = blah, dc is com' and it seems to work OK. I set up a service account (in a totally different OU of the other groups) and perform the test works very well.
Just as a tip, I use Lab Manager in evaluation mode that my company provided no funding to buy the licenses yet. I am set up and will insert the licenses once they are available.
Thank you!
-Jesse Reinhart
Which has helped tremendously! I found that I needed to delegate rights, and I was able to connect to Lab Manager.
Since I was with a standard domain user account to run the Lab Manager slot, this account needed authorizations in the field for two objects. First of all, I need to delegate control to the domain level to read all properties for all user accounts in the domain. I'm sure you could limit to a specific set of attributes on user account objects, but that does not matter to me. Secondly, I had only allow read permissions at the domain level for the specific member attribute on the group objects. of course, I would have allowed "Read all properties", but this is the only attribute required by Lab Manager for groups.
Maybe you are looking for
-
Satellite Pro M30, it is recommended to install the new nVIDIA display driver?
I own a laptop Satellite Pro M30, which includes a GeForce FX Go5200 GPU from nVIDIA. On 27 July, nVIDIA has released a new driver and related software (version 61.77), as indicated by nVIDIA, fits all the its GPU. I tried to install this new driver
-
How to add a string to another string?
Hello I have a program that reads a string of data (included from 9 columns) of a Subvi (microcontroller) and another string of data an another Subvi (cold room) (column 1) .so I want to joing the two parts together, so that, in the end, I have 10 co
-
Analysis of response of HttpConnection
Hello! I have the same problem as in this thread http://supportforums.BlackBerry.com/T5/Java-development/parsing-response-of-HttpConnection/m-p/13985...When I use this code: httpConn = GetConnection(_url); responseCode = httpConn.getResponseCode(); i
-
/ * Style definitions * / table. MsoNormalTable {mso-style-name: "Table Normal" "; mso-knew-rowband-size: 0; mso-knew-colband-size: 0; mso-style - noshow:yes; mso-style-priority: 99; mso-style-parent:" ";" mso-padding-alt: 0 to 5.4pt 0 to 5.4pt; mso-
-
I got this error when I tried to change the details of MP3 format! Error 0x8007000D: the data are incorrect.