I need to build a query that pulls in all users with the *domain.com that are inactive.
(&(userPrincipalName=*domain.com)(!userAccountControl:1.2.840.113556.1.4.803:=2)
This is no problem, the problem is that there is another domain that has groups that are named the same as the production groups. So i tried something like this and it didn't work. I am trying to pull in the groups that are not in the dev domain.
(&(objectcategory=group)(!(ou:dn:=dev)))
I've also tried
(&(objectcategory=group)(!cn=dev.top.domain.com))
Edit: There are two potential ways to do Active Directory within the SharePoint tool. "ActiveDirectoryCustomQuery" and "ActiveDirectoryCustomFilter". I'm using the latter.
Related
So I am working on a project right now and I am facing an issue. In the company I work at we use two different resource groups, one for demo and then for productive. Before now we used to manually copy every new Logic App from the demo account and change the parameters so that it uses the correct ones for productive. We have around 80 logic apps as of now, and we seperate them in groups. The objective is to make it much easier and with as little as possible manual work required.
We are using them to sync SQL tables, CRM data and a lot of other stuff together. So I have many logic apps that use different parameters. For example, one can sync from the Calender to the SQL server, and the other one syncing two SQL tables but each table has to be accessed with a different user. What I want to do is have 6-7 parameter files depending on the sync. But when the deployment sees that I have parameter values that arent being used by a template, the deployment fails with the following error that makes it necessary to create a new parameter file for almost all new logic apps:
Code=InvalidTemplate; Message=Deployment template validation failed: 'The template parameters 'sql_server......' in the parameters file are not valid; they are not present in the original template and can therefore not be provided at deployment time. The only supported parameters for this template are 'logicAppName, logicAppLocation........ sql-8_username, sql-8_password, sql-8_sqlConnectionString'. Please see https://aka.ms/arm-deploy/#parameter-file for usage details.'.
Is there a way to make these parameters optional so that each templates uses the ones it needs? I googled around but the main thing I found did not help much => https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/template-best-practices#parameters
Thanks a lot for any help you guys can provide!
You can make it optional to provide a value for a param by using a defaultValue.
Any defaultValue supplied for a parameter must be valid for all users in the default deployment configuration.
Do not provide default values for user names, passwords (or anything that requires a secureString) or anything that will increase the attack surface area of the application
Do not use empty strings as default values (use language expressions to facilitate the scenario)
Template expressions can be used to create default values
Reference: https://github.com/Azure/azure-quickstart-templates/blob/master/1-CONTRIBUTION-GUIDE/best-practices.md#parameters
We have a few applications installed within a single "Web App" on Azure. We've configured each one as an Application (Configure>Virtual Applications and Directories and checkbox checked).
I've noticed that whenever we update a dll in one of the applications all of them get restarted. Any way to prevent this from happening other than creating a separate "Web App" for each application?
We need all of these apps to live under a single domain but remain independent.
I think it is because I have the main site under "/" and other applications nested in it. This was done to map the site to the root.
We have it defined this way: Site - "/" - mapped to site\wwwroot Application - /account mapped to site\account Pretty much the way it is set in this article. The physical folders are adjacent and the virtual folders are nested so one would expect that they would not affect each other.
We could not find a way to work around this issue. Eventually, we've resorted to azure slot swapping which provides zero downtime: https://azure.microsoft.com/en-us/documentation/articles/web-sites-staged-publishing/
I want to install multiple Sitecore instances to be hosted under one domain. So the root url of first instance will be http://example.com/instance-1 and so on.
The reason I want to have multiple instances is that, I want to split environments for each site. I know I can play with bindings and publish each instance on other port within same domain. I also know that I can install multiple sites under one instance. But I didn't found solution how to install instance in IIS site subdirectory.
Please if anyone was successful instaling multiple instances as child application or virtual directory, please share the knowledge.
I'm using Sitecore 6.5 and IIS 7.5
Sitecore does not support running in virtual directories.
It must run in its own website.
However, i did come up with a trick, but it is quite advanced and i don't have clear cut examples:
Setup one site that will be your main domain with sub folders (eg.
www.mydomain.com/site-a , www.mydomain.com/site-b
Setup your separate Sitecore instances as separate IIS websites
Give each site its own hostname and add it to your hosts file (so you get http://site-a, http://site-b, etc)
Install the IIS URL Rewrite feature, make sure rewriting of the HTTP_HOST server variable is allowed
Configure rewriting on your main site, so that http://www.mydomain.com/site-a/* is rewritten to http://site-a/*
Create a custom linkprovider that makes sure Sitecore links are being written using the correct domain and folder (so http://site-a/item is written as http://www.mydomain.com/site-a/item)
I'm sure this is possible as i've implemented a similar solution for a site that hosted clones if a site as 'virtual' folders.
I wonder why you have the need to host multiple Sitecore instances on the same domain. Sitecore has good solutions for multi site setup in the same instance. If the solution Ruud provided is not workable for your, check the multi site solution of Tim Ward ( https://github.com/jerrong/Sitecore-Multisite-Manager ) or the shared source module on the Sitecore Marketplace ( http://marketplace.sitecore.net/en/Modules/Multiple_Sites_Manager.aspx )
I am aware of weblogic templates, but out of curiosity I wanted to know, Is it ok to copy a domain in weblogic in situations where we need to have the same configuration? I have already done the same and have been successful in testing my application.
You can get away with doing this, but there are a couple of more reliable (and scriptable) ways to migrate the same configuration through the development team, or to create new deployment environments.
The domain template builder lets you build your own custom domain template from an existing domain: http://download.oracle.com/docs/cd/E13179_01/common/docs92/tempbuild/starttb.html
There's a couple of ways to get it done with WLST, as well:
You can use configToScript to spit out an entire WLST script (and properties file) to recreate the exact configuration you've got, or...
You can use readDomain and writeDomain in offline mode to recreate an existing configuration in a new domain:
readDomain: http://download.oracle.com/docs/cd/E13222_01/wls/docs92/config_scripting/reference.html#wp1003638
writeDomain: http://download.oracle.com/docs/cd/E13222_01/wls/docs92/config_scripting/reference.html#wp1003688
It's okay to copy the domains over and it worked exceptionally well prior to WebLogic 9.2. However, there are some weird bugs that pop up for versions that are using the portal for the console.
Also, after copying the file you would want to make sure that all listen addresses and ports have been modified accordingly so that your local managed server doesn't attempt to connect to the production administration server on startup.
I have been working to automate some deployment processes using just Nant for the time being. Once the Nant script scripts are fairly stable and proven, I'll be looking to incorporate CruiseControl.net or similar product.
With that being said, I ran into a snag today.
I have a Nant script that will copy files from a network share that is used as a staging area to the destination (very simple to start out with). In my snag today, I was attempting to copy the files to another file share that was on a separate domain. The two domains do now have any trust between them.
The user running the Nant script had accessed both locations via Windows Explorer first to ensure that he had an authenticated session with both domains. When he ran the script, he of course got an access denied error since Nant.exe was running under the credentials of the other domain. This was an oversight on my part.
Does anyone have any recommendations on how to address this issue without touching AD?
There isn't any way that I can think of without touching AD that wouldn't be a hack. The right way to do it is to setup a service account in the domain where the nant job is running that has rights in the other domain. Then have the nant job run under the service account. The only hacky way that I can think of is to find a way to have the user with rights in both domains kick off the nant job and I'm not even positive that that would work.
It's rather hacky, but you could have a NAnt task plug in the credentials for the foreign share, either by P/Invoking WNetUseConnection or by issuing a command like
net use \\host\share password /user:user#domain
before copying the files across.