PeopleTools Query Feature of Oracle

Does PeopleSoft support the Parallel Query Feature of Oracle?

PeopleSoft code has not been written to take advantage of the Parallel Query feature of Oracle. It is not used or supported by PeopleSoft. This resolution is applicable in relation to PeopleSoft version 7.x and 8.x.

The Customer can use the Oracle Functionality for his own purpose, but PeopleSoft will not support this Oracle feature.
Why? The Parallel queries are written differently than conventional query method. There is a certain degree of parallelism which you need to define within Oracle to make this feature work properly. Consult with ORACLE support and documentation for more information on how to use this feature.

The following documentation excerpt was taken from the Oracle Website. For more information and to access the sub-docs related to this section, please use the URL below. You must sign up for a USERNAME and PASSWORD on the ORACLE website to access this information:

http://otn.oracle.com/doc/server.815/a67781/c22paral.htm#7281

Parallel Query
You can parallelize queries and subqueries in SELECT statements, as well as the query portions of DDL statements and DML statements (INSERT, UPDATE, and DELETE). Previous sections in this chapter describe how queries are parallelized:

“Operations That Can Be Parallelized” lists the query operations that Oracle can parallelize.

“How Oracle Parallelizes Operations” describes dynamic parallelism by rowid range.

“Process Architecture for Parallel Execution” describes the processes that perform parallel queries.

“Parallelizing SQL Statements” explains how the processes perform parallel queries.

“Rules for Parallelizing Queries” explains the conditions for parallelizing a query and the factors that determine the degree of parallelism.

However, you cannot parallelize the query portion of a DDL or DML statement if it references a remote object. When you issue a parallel DML or DDL statement in which the query portion references a remote object, the operation is executed serially without notification. See “Distributed Transaction Restrictions” for examples.

Parallel Queries on Index-Organized Tables
The following parallel scan methods are supported on index-organized tables:

parallel fast full scan of a nonpartitioned index-organized table

parallel fast full scan of a partitioned index-organized table

parallel index range scan of a partitioned index-organized table

These scan methods can be used for index-organized tables with overflow areas and index-organized tables that contain LOBs.

Nonpartitioned Index-Organized Tables
Parallel query on a nonpartitioned index-organized table uses parallel fast full scan. The degree of parallelism is determined, in decreasing order of priority, by: the PARALLEL hint (if present), the parallel degree associated with the table (if specified in the CREATE TABLE or ALTER TABLE command).

The allocation of work is done by dividing the index segment into a sufficiently large number of block ranges and then assigning block ranges to parallel execution servers in a demand-driven manner. The overflow blocks corresponding to any row are accessed in a demand-driven manner only by the process which owns that row.

Partitioned Index-Organized Tables
Both index range scan and fast full scan can be performed in parallel. For parallel fast full scan, parallelization is exactly the same as for nonpartitioned index-organized tables. For parallel index range scan on partitioned index-organized tables, the degree of parallelism is the minimum of the degree picked up from the above priority list (like in parallel fast full scan) and the number of partitions in the index-organized table. Depending on the degree of parallelism, each parallel execution server gets one or more partitions (assigned in a demand-driven manner), each of which contains the primary key index segment and the associated overflow segment, if any.

Parallel Queries on Object Types
Parallel queries can be performed on object type tables and tables containing object type columns. Parallel query for object types supports all of the features that are available for sequential queries on object types, including:

methods on object types

attribute access of object types

constructors to create object type instances

object views

PL/SQL and OCI queries for object types

There are no limitations on the size of the object types for parallel queries.

The following restrictions apply to using parallel query for object types.

A MAP function is needed to parallelize queries involving joins and sorts (through ORDER BY, GROUP BY, or set operations). In the absence of a MAP function the query will automatically be executed serially.

Parallel queries on nested tables are not supported. Even in the presence of a parallel attribute for the table or parallel hints, the query will execute serially.

Parallel DML and parallel DDL are not supported with object types. DML and DDL statements are always performed serially.

In all cases where the query cannot execute in parallel because of any of the above restrictions, the whole query executes serially without giving an error message.

nVision Security Topics

This is a collection of resolutions and problems that are related with nVision Security.

Query security and security for nVision

Does query security also cover security for nVision?
Do you also need to setup separate security within nVision?

Do you need to implement and administer nVision Ledger Security in an environment with BU and Ledger security turned on and administered to the Operator Class, and with the secured reporting view specified in the record properties for each table that we want to secure on these two fields?

We have to add this view to the record properties for Query security. And if Query runs behind nVision, will the Query row level security be in force and be adequate to restrict the nVision results?

The nVision security is a separate security from GL security. User will need to turned both the Query security and the nVision security on

Operator Security: nVision Must set up security authorizing Operator access to nVision reports.

nVision Security and Reporting Views: Reporting views (secured views) allow you to take advantage of row level security within nVision. To use reporting views, you specify LED_RPTG_VW in the field ‘Report View’ on the Detail Ledger Definition panel. This is an optional field. If no view is specified, nVision allows anyone to report from that ledger. Then you set up the Business Units and ledgers that operators can access under Security Tables|Ledger Security. Access must be specifically granted for each business unit the operator can report from. If a user runs an nVision report and has zeros returned instead of the data expected, they may be using reporting views and not know it.

Setup Security by Set ID:

GO>DEFINE BUSINESS RULES>ADMINISTER SECURITY>USE>TABLESET CLASS SECURITY.

How do you secure nVision Report Requests: Report Request security is handled through the Security Administrator. Simply open up the operator id (or class) and go to the Menu Items section. You’ll see the menu item called “NVISION.” Double click on this and you can secure the various actions a user can perform with a report request. You can control their ability to Open, Run, Edit, and Delete them.

Currently it is not possible to secure the requests by business unit. Unfortunately the normal drop down security for the business unit field does not apply to the nVision dialog boxes. There is an enhancement to address this: T-EUYCHACO-7DG03. However, it is still possible to activate nVision row-level security for the business unit field. So, if a user runs a request for a business unit they don’t have access to (in the LED_AUTH_TBL) they’ll just get a report with all zeros on it. Please see the PeopleTools PeopleBook for a complete explanation on activating nVision row-level security.

Can you secure nVision reports and/or layouts by the report id:
The only way to secure nVision layouts is through network security. Each report “creator” can have a special network directory where their layouts are saved. No one else will have access to this directory. This prevents other people from accessing and modifying those layouts. In addition you cannot secure report requests by operator class. You can only secure the directory template via network security. When the report runs, if the user does not have access to the instance network directory the report will not complete successfully.

Tree-based Security: Using trees to create authorization tables combines ease of use with efficiency in implementing security provisions. Security is maintained using a tree that, for example, rolls up combinations of ChartFields. You would then use a batch process to translate the security provisions from the tree nodes into an authorization table. The detailed authorization table can be used with the ledger table to form a secured nVision Reporting View. The VIEW name is then entered on the Ledger Template panel in the Secured Reporting View field.

How do I build such a tree? Is it based off of OPERID or the particular ChartField, like department? I take it that there is a particular tree for each ChartField/security…ie one for departmental security and another tree is for account security and so one. Also, are there any examples of the batch files that we have to write to translate the trees into the authorization table? An example would be much appreciated.

PeopleSoft does not provide an example of a batch program that loads the LED_AUTH_TBL from a tree. However, building the security trees is easy. You’d have one tree for each chartfield you’re trying to secure. The nodes on the tree would correspond to the OPRCLASSes (or OPRID’s) you’re trying to secure. Underneath those nodes you can have the ranges (or singular values) of departments (or accounts, etc…) that those operator classes (or id’s) have access to. You do not need a special tree structure for this. The operator classes simply become node names.

Once the trees are built a custom program must be written to extract the tree data into the LED_AUTH_TBL. This authorization table is delivered as an example only. Your authorization table may differ significantly depending on your security design. To create the secured reporting view you simply join your authorization table to PS_LEDGER. Our delivered LED_RPTG_VW is just an example of a secured reporting view.

Options for securing data when nVision reports are run:
User has P&L reports that are run for every store in the USA. Each store has access to PeopleSoft but users are not able to run nVision reports. At month end all of the P&L reports are run from a centralized location (headquarters) and then they are distributed to each store via a secured web server. The User has to manually place each report in a secured location on the web server because the User does not want the stores to look at data for another store. The User only wants each store to see their own numbers. What are the options for securing these reports? Can anything be automated through nVision security options?

Options:

1) User can set up a Secured Reporting View for the “Stores” chartfield and they let the stores run their own nVision reports. (Each store does have access to PeopleSoft). This way if the store tried to run a report request that was for another store the report would just return zeros.

2) User set up a report request for each store. In the report request they hard code the network directory they want the report to land in. Each store would have their own secured network directory. Each report request would be pointed to each secured directory. Then, the reports would be run through Report Books. The output would automatically land in each secured directory and the stores would go into their directory and view the report.

The User understood both options. User said they do not want the stores to be able to run reports at all. (Training issues, etc.) User said that there is no common network that all of the stores can access so option 2 probably wouldn’t work for them. I told them that they are probably doing the best thing right now for their situation. User has to set up some sort of email distribution or web site thing but this would be outside of PeopleSoft at this point.

How do you secure nVision reports by business unit or any of the other chartfields:
This is accomplished by establishing a “Secured Reporting View” and attaching this view to the Ledger Templates. Detailed documentation is available in the PeopleTools PeopleBook under the nVision security section. PeopleSoft delivers an example of row level security by business unit and ledger. The two tables we deliver are LED_AUTH_TBL and LED_RPTG_VW.
If you want to change the delivered business unit and ledger security (and secure by another chartfield like DEPTID) you need to modify the LED_AUTH_TBL and add the new chartfields. You also need to modify the nVision security panel (in Security Administrator) to reflect the new fields.NV: nVision Row Level Security

Secure your XNV: You need to go to Start> People Tools>Operator Security >File > Open > select All Panel> This will bring up The select Menu Items Panel. From this screen you can set your security. Once you have chosen your security you must back out of People Soft and log back in. It is also a good idea to delete your Cache.

You may also may also create a protected directory and put your xnv’s in that and make it read only.

Apply Row-Level Security to nVision by OprClass instead of Oprid:
Clone LED_RPTG_VW record and save it according to your naming standards (e.g. LED_RPTG_VW_XXX).
? Add OPRCLASS (or ROWSECCLASS)
? Key Value
? Required
? Table Edit
? Prompt Table Edit
? Prompt Table = OPRCLASS_VW
? Delete OPRID
? Rebuild PeopleSoft view
? Rebuild Database view (Oracle)
2. Modify LED_AUTH_TBL record
? Add OPRCLASS (or ROWSECCLASS)
? Key Value
? Search Key
? List Box Item
? Required
? Table Edit
? Prompt Table Edit
? Prompt Table = OPRCLASS_VW
? Delete OPRID
? Add BUSINESS_UNIT, if not already included.
? Rebuild the PeopleSoft table
? Rebuild the Database table (Oracle)
? Change the Object Properties, Type SQL View text from OPRID to OPRCLASS
3. Modify the LEDGER_SECURITY panel
? Change Parent Record (labeled dummy name, if record already modified, OPRID otherwise) to OPRCLASS (or ROWSECCLASS)
? Change the label to RFT Short or Long
4. Modify the LEDGER_SECURITY panel group
? Change panel group properties search record to OPRCLASS_VW (or ROWSECCLASS) from OPRID_VW
5. Define LED_RPTG_VW_XXX in the Ledger Template
6. Enter all combinations of OPRCLASS (or ROWSECCLASS) and Business units in the nVsion security panel for operator class. If ranges are more desirable (i.e. BU?s are sequential), it is possible to accommodate. Will discuss further if needed.
7. Try the results in nVision

Note: Files in PSG Library under Joel Glidden “Secured Reporting View by Operator Class rather than Operator ID”

Limit Access to certain Report Books (Security):
This process can be done with some heavy customization. The User will first need to go into the NVS_BookDefn Panel under Application Designer and then find the search Record for that Panel which is PSNSVSBOOK. When the search record is open the next step is to Click on the PeopleCode Display. Then they will need to insert the customized code under the SearchInit which will need to contain a view to limit this access

nVision security for layouts is ignored:
The User wants users of nVision to be able to open an nVision instance (XLS file) only and run a drilldown. They do not want a certain class to be able to open a layout (XNV file) and/or run a report. They have tried operator security for the menu nVision and when they take security away, operators still have the access.

nVision is designed in such a way that operators can be set up so that they can bring up instances and run drilldowns without ever having permission to open a layout or run a report. This is done using operator security. (Security Administrator for release 7.) There are two things to keep in mind though:

1. After making any change to security, you must log that user off, and then back on. It is also best to clear the cache files for that workstation as well.

2. When security is taken away for a particular function, such as Report Request, you are still able to select that item from the menu. However, when the Report Request window appears, all fields will be greyed out and inactive.

NOTE: In Security Administrator when you unhighlight the option for Open_Report it still is not removed from the dropdown in nVision. This problem will be addressed in Release 8

nVision reports are returning zero amounts when row level security is activated:
The User is using a secured reporting view in order to enable row-level security in nVision. When they run the reports they are returning zero amounts.

The User’s LED_AUTH_TBL was empty. As a result, the LED_RPTG_VW contained no data and hence no amounts were retrieved when the nVision reports were run. The User populated the LED_AUTH_TBL (they had a custom panel since their LED_AUTH_TBL also secured by DEPTID) and the reports started retrieving data.

All of the operator Id’s or classes that will use nVision must be set up in the LED_AUTH_TBL. You cannot just activate security for a few operators and assume that all of the other operators will have full access.

nVision Security – Can view everything and run everything:
The Ledger reporting view was not specified through the Maintain Ledgers panel
User needed to specify the ledger reporting view (LED_RPTG_VW) through the Maintain Ledgers menu. Otherwise they had everything else set up incorrectly.

Business Unit, setid and ledger prompt security in nVision:
Currently, row-level security on BU, TableSet and Ledger in the on-line system does not apply to dialogs with nVision. Although nVision Ledger Security protects the data in particular Ledgers, it doesn’t prevent modifying/using Report Requests, Scopes, Trees, etc. keyed by BU or TableSet. In addition, users can create Layouts containing Ledgers which they are not authorized to access at run time.

This has been logged an Enhancement Request R-DXB-89 (Tools) and T-EMOU-IE91T
Status: Scope in Progress – Targeted for Release 9 of Tools.
Summary: Add BU, TableSet, Ledger Prompt Security to PS/nVision

Query-based drill downs don’t inherit the security established with Secured Reporting Views:
Users are using a security view to filter access to our Ledger table. Users have four drilldowns that won’t retain the security when the drill downs are run.

The four drill downs the user is having a problem with Query-based drill downs. The reason these drill downs are not inheriting the row-level security they have set up for the Ledgers is because these queries don’t access the PS_LEDGER table. nVision Secured Reporting Views only work when the data is being retrieved from the PS_LEDGER table (i.e., using a matrix layout for your drill down layout). When users are using a query based drill down, nVision does not use the Ledger table to get the data. It gets the data from the tables you’ve defined in your query.

Spreadsheet Journal Import not recognizing Business Unit security:
User has set up security through the Define Business Rules/Administer Security/Use/Operator Class to allow a user to have access to one Business Unit only. He entered the records and ran the FIN9001 to update PeopleTools security.

He logged under the ID having access to one Business Unit and entered items in the Spreadsheet Journal Import for a Business Unit other than the one he was assigned access to. He then pressed the Import button and the journals were successfully uploaded. Though he could not view or post the entries under the Business Unit he was restricted from, they were still processed and uploaded without incident. User believes this to be a significant issue.

Improper Joining of Security view and new Ledger Template:
User has created a new Ledger Template and added a custom View to the Secured Rptg Vw. He runs his report and it defaults back to the Standard Ledger Template.

This user had changed the Layout to use the new Ledger Template at a Global Level. He did not change the drilldown column criteria to use this new Ledger. The drilldowns where still referencing the delivered Standard Ledger.

nVision row level security does not work for budgets data:
User states that he set up his nVision row level security by the book, page 8-8 in the Reporting and Analysis Tools book, and is having problems getting it to work for their Budgets ledger. It will work for Actuals, but not for Budgets. Is this a known problem?

Where is the User storing their budgets data – in PS_LEDGER or PS_LEDGER_BUDG? If they’re using PS_LEDGER_BUDG the delivered example for nVision secured reporting won’t work. The PS_LED_RPTG_VW only looks at the PS_LEDGER table.

Issue: Any one who has access to the Report Request page will have access to run all the reports

PeopleSoft has recently discovered that someone has opened up NT Security to give full access to all users. When I tried to restrict access to the PeopleSoft program and reports directory to Add and Read only, no user was able to run nVision reports. Is there any documentation as to what the minimum access is needed for nVision to function properly from the NT4 Server (directory or file level needed)?

The User had changed the ‘Report Instance” directory (as defined in Configuration Manager) to be Read Only. This is a problem since nVision will write it’s output to this location (unless it is overridden by the Directory Template in the Report Request). The user must have Write access to the output destination or the report will fail. All of the other nVision directories in Configuration Manger can be changed to Read Only.

PeopleSoft Audit Issues – QRYBIN-1

QRYBN-1: Query Bind definition contains Fieldname that does not exist in Query Field table:

This portion of SYSAUDIT lists all the rows in PSQRYBIND and not in PSQRYFIELD for each query and field. What exactly is a Query Bind? Query Bind is a bind variable we provide for a prompt in a Query. When we create a query, we setup Criteria and when we want a prompt value for a condition (field), we select Prompt and Add Prompt in the dialog box. We can setup a new prompt value for the field. This prompt information is stored in PSQRYBIND table. During development/testing, we setup Queries and define a Prompt. Later, we change the prompt from field 1 to field 2. Now we have 2 binds for the field, identified by the BNDNUM field but we are using only one. There is no option in PS/Query to delete the unused binds and these unused binds show up in the SYSAUDIT as QRYBN-1 errors.

You can damage your application if you follow the below directions, you may be better off just leaving these issues as they are rather than cleaning them up.

NOTE: In SYSAUDIT, there is a check to see if all run-time prompts are valid field in the query record. However, there are truly some run-time prompts setup as expressions such as begin and end date that are not actual fields in the query record but are valid query run-time prompts. In this case, SYSAUDIT will flag this as errors but it is OK to ignore it are there is no other way to clean-up these kinds of errors.

CT can choose to clean-up run-time prompts that are not longer used by doing the following:

Go to Query Panel
1. File/open {Query}
2. Pull down Change >> Edit Prompts
3. Delete prompts flagged in sysaudit
4. Select one of the remaining prompts => press edit => OK => Done (To trick the system that a change occurred)
5. File => Save

Leaving these binds would cause no problems because they are some junk sitting out there. Sometimes, if you want to customize the queries, you may want to reuse one of the un-used binds. So you can leave it out there. But if you want a clean SYSAUDIT, then you can delete the rows identified in sysaudit from qrybind table.
**************************
NOTE: Be careful when running this SQL. This only applies to queries containing actual fields setup as run-time prompts that are not part of the query record. However, there are other run-time prompts setup as expressions (e.g. beg dt and end dt) that are valid run-time prompts but not part of the query record. Running the SQL below will delete all run-time prompts irregardless of whether they are valid or not.

To clean this, run the following delete using your SQL Tool:

DELETE FROM PSQRYBIND
WHERE OPRID = ‘oprid from report’
AND QRYNAME = ‘query name from the report’
AND BNDNUM = ‘bind num from the report’
AND FIELDNAME = ‘fieldname from the report’;

The above query has to be run for each and every row identified in the Report. Otherwise, you can run a single cleanup query like this:

DELETE FROM PSQRYBIND A
WHERE NOT EXISTS
(SELECT ‘X’
FROM PSQRYFIELD B
WHERE B.OPRID = A.OPRID
AND B.QRYNAME = A.QRYNAME
AND B.FIELDNAME = A.FIELDNAME);

———————————————————————————————————————-
After running these, you need to update PSQRYDEFN to reflect the new bndcount

SELECT COUNT(*) FROM PSQRYBIND WHERE QRYNAME = [query name from report];
UPDATE PSQRYDEFN SET BNDCOUNT = [count] where QRYNAME = [query name from report];
____________________________________________________________________
You can go into PS/Query and open the offending query. PS/Query will automatically repair and update the query definition in the database.

PeopleTools Web Query Manager Performance Issues

Pertains to PeopleTools versions 8.1x and 8.4x Web Query (online web query performance)

Slow performance experienced when working in Query Manager through the Web. The amount of time that it takes to create a Query is significantly longer than working through the Client Query Tool. This is the actual time it is taking working in the Tool, and not necessary getting into the Tool. For example, it takes a long time to click from one Tab to another.

Development made the following speed improvements:
1) When opening a Query, default all Records to closed in Query Tab.
2) Changed number of rows in scroll in Query and Fields Tab to 50 instead of unlimited.
3) When moving from Tab to Tab, clear out temporary rowsets from other Tabs.
4) Redesign select a Field Page in Criteria to only show one Record at a time.
5) Optimize rowset copy and transfer page operations.
6) Optimize bad PeopleCode.
7) Change Preview to execute every time, clear results when leaving Tab, add preference option to turn this on and off (8.4x only).

If the performance problem is with slow performance when opening the Query Tool or searching for a list of Records or existing Queries check network parameters, SQL*Net, Web Server and App Server settings

PeopleSoft Query Where is the Query Stored

The actual SQL that is generated for a query isn’t actually stored in text format but is generated on the basis of information stored in a number of tables and the numbers of tables can change with each new release of PeopleTools.

For example, PSQRYFIELD stores the names of all the fields used in a Query; this has a field SELNUM which is also included on the PSQRYSELECT table which stores the details of select requirements; then PSQRYCRITERIA stores the details of the criteria each query uses, etc.

The SQL that you see is generated on the basis of all these tables rather than being stored in one column in one table. The full list of tables involved with PeopleSoft Query varies but the list below is a starting place:

PSQRYFIELD – stores all fields used in all aspects of query operation
PSQRYDEFN – stores high-level query definitions with version numbers. Non-English detail is stored in PSQRYDEFNLANG and PSQRYHEADLANG
PSQRYRECORD – stores all records used in all aspects of query creation
PSQRYSELECT – stores all SELECT requirements by select type, i.e. union, subselect, join,….
PSQRYCRITERIA – stores all criteria expressions in code format
PSQRYBIND – stores all run-time prompt data
PSQRYEXPR – stores the text associated with each criteria expression
PSQRYLINK – stores the relationships to child queries

Convert Private Queries from One ID to Another ID

Alot of times an employee will leave the company and there will be many good private queries under their PeopleSoft ID. Alot of people would like to know if it is possible to convert those queries to another PeopleSoft ID.

Prior to PeopleTools 8.44 there wasn’t a delivered way to convert queries from one ID to another ID. PeopleTools 8.44 introduced a new feature called Query Monitor that allows you to assign a query to another user.

Prior to PeopleTools 8.44 you had two choices. Sign on as the departed user and make their queries public and then perform a Save As on each query to make them private and afterwards you would delete the original query.

The second option would be to change the PSQRYxxxxx tables behind the scenes to reflect a new Operator ID. This would be something that customers are generally wary to do and there could be audit concerns as well since you are manipulating the data outside of the PeopleSoft application.

Here is an example of the second choice:

update psqrydefn set oprid = ‘new oprid’ where query_name = ‘name of query’ and oprid = ‘old oprid’;

If you’re going to move ALL the users private queries over, you can leave out the query name part of the above clause. You would need to perform the above update on the following tables:

PSQRYDEFN
PSQRYFIELD
PSQRYRECORD
PSQRYCRITERIA
PSQRYBIND
PSQRYEXPR
PSQRYSELECT

Note: In later releases of PeopleTools you would be best serve to use the delivered PeopleTools method. If you elect to manually update the tables with SQL be sure to make sure you research all of the Query Tables involved because new releases of PeopleTools can introduce tables and table structure changes.

Microsoft has not been installed for the current user error message when you try and start an Office 2007 or Windows XP program for the first time

When you boot up a Virtual Machine either via Parallels Desktop for Mac OS X or VMware’s Fusion after installing Office 2007 and possibly another Windows application you can receive this very frustrating message. In my case it was after I installed Microsoft’s Live Office plugin. Before I discovered the fix I used the snapshot feature in Parallels Desktop for Mac OS X to rollback my installation to an earlier snapshot. This is a very nice feature but as a result I lost quite a few software programs that I had installed and as a result I had to re-install that software.

That was a lesson learned on several fronts: one take snapshots more often, they don’t require a tremendous amount of disk space and you can save yourself a lot of work by taking a snapshot after each major software installation or similar milestone event resulting in major registry entries, etc.

The cause of this problem is as follows according to Microsoft:

Troubleshoot Sync Services

1. Calendar Events are duplicated in Entourage, iCal and Outlook:

• Office 2008 and Mac OX 10.5.x had know issues with synchronization. There are problems with synchronization that are related to the Time Zone. If your exchange server is in a different time zone than you are, you receive Meeting Requests where the time zone is specified, you specifically pick a time zone for a Meeting Request and then that Meeting Request is updated…..
• The above and other problems are a result of problems with Apple’s Sync Services related to inconsistencies in the format of messages, calendar events, contact information, etc.

Users have reported problems with lost data using Sync Services. There are numerous documents, web pages, blogs, etc. that detail various steps to troubleshoot and attempt to correct this problem without taking the drastic measure of clearing out the contents of the SyncServices folder. However, in my case I have a Mac Book Pro which I purchased prior to Leopard. I updated to Leopard as soon as it was available and I updated Office 2004 to Office 2008 the day it hit the Apple Stores.

I checked the size of my SyncServices folder and found that it was greater than 6GB. Just about every piece of information I read warns you to stay away from the SyncServices folder in Mac OS X 10.4.x or 10.5.x. Removing or modifying in it – or in its subfolders – may cause unexpected issues. This folder is located in your ~/Library/Application Support/SyncServices. Deleting or modifying things in the SyncServices folder may cause unexpected results such as:

• Duplicate contacts in Address Book or appointments in iCal
• Data loss in Address Book or iCal. Important: This is very important – Any data lost or duplicate data could propagate to other devices and computers via iSync and .Mac sync. This means data could be lost on other computers.

There is a sample application you can download for free from the Apple Developer site. It is not so much as the sample application that you want to download but it is the program that comes with the sample program and code – Syncrospector. Syncrospecter is a Leopard program that is part of XCode 3. This application from Apple can help you query the state of your sync services and eventually trigger a slow sync, reset, etc. There is a tutorial for Syncrospector located at:

http://developer.apple.com/documentation/AppleApplications/Conceptual/SyncServicesTutorial/Articles/ViewingSyncResults.html

I used a more drastic approach. For the past few months I’ve been having nothing but problems. If I check the number of my non-recurring meeting requests in Outlook 2003 or 2007 I will see hundreds, associates at work will have meeting requests from me go missing, time zone problems – events will be in EDT on my calendar and the majority of the people I work with are in CDT but calendar events initiated from me will be in EDT on their calendars. I stopped syncing iCal and Entourage a month ago and I now use the tried and true method of dragging an Entourage Calendar event to my desktop and then importing it into iCal. If the meeting request is a recurring event at least iCal will import it as such. However, on the Exchange Server side I should have 30 or so recurring calendar events and instead at least count I had 366 non-recurring calendar events. Somewhere along the way Entourage or Outlook was generating a non-recurring meeting request (calendar event) for every recurring instance instead of creating recurring calendar entries.

I determined that I had to fix this and I had to take drastic measures to do so. In order to completely remove the SyncServices folder you have to shutdown and turn off all Sync Services. In Entourage you need to uncheck the Sync Services in the Preferences Sync Services tab, turn off Apple’s Sync in the System Preferences tab, do the same for Apple’s Address Book and iCal. Turn off every Sync Service you have enabled on your Apple computer. Then use the Activity Monitor or ps -ax|more in Terminal and kill every sync related process you see.

You should also backup any data first, export your Address Book entries, backup your Microsoft Office Identities, etc. Quit all of the above applications. After you remove the SyncServices folder you need to be aware that all of you data on .Mac will be lost and you will be syncing services for the first time.

If you choose to remove the SyncServices folder you need to open a Terminal session and do the following:

sudo killall SyncServer
rm -rf ~/Library/Application\ Support/SyncServices

This stops the Sync Server process then the second line deletes all of the Sync Service directory and subdirectory entries. Next you should run Disk Utility and Repair Permissions. This will ensure that you are starting out clean with all permissions set to how they are supposed to be. Before restarting Sync Services you should check the permissions on the SyncServices directory. In my case I found that the permission list only granted the owner read, write and execute. I updated the folder permission with the following command in a terminal session:

cd ~/Library/Application\ Support
chmod -R 755 SyncServices

You can now open the .Mac System Preferences pane and restart the Sync process. You can open Entourage and enable the SyncServices as well. You will most likely be presented with some prompts asking if you want to replace, merge or delete the sync data in your Apple Address Book and iCal with the Entourage data. In my case I lost all of my Entourage contacts but I have my Apple Address Book entries. I elected to wipe out anything on .Mac and replace it with my Mac’s data to ensure I started over clean. I also choose not to Synchronize my iCal and Address Book in Entourage. I have had so many problems that at some point I will replace my Entourage contacts with my Apple contacts – when Entourage prompts to replace, merge, delete – I will select the appropriate option to force my Apple Address Book entries into Entourage. I have several exports of my Apple Address Book just in case I need to re-import them in the future.

I turned off Time Zone support in iCal because I have read so many articles that state the cause of many sync services conflicts is the result of Microsoft and Apple using different formats for calendar events resulting in Time Zone data differences in the string data. I’m hoping to avoid having to trash my SyncServices folder again and I’ll wait and see if this problem is fixed.

I’ve had very good success with syncing the Entourage Contacts with my Apple’s Address Book but there are some gotchas there too. Some of the format issues are the number of children entries for a contact, the user of multiple email addresses, etc. Apple added a Look for Duplicates Menu Option that helps you to eliminate the duplicate entries.