Search Results

Search found 60836 results on 2434 pages for 'system io directory'.

Page 128/2434 | < Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135  | Next Page >

• Publishing and setting permissions to a Linux share to AD

  - by blsub6

  I have a Linux share that I want to publish to users on my Active Directory domain. I'd like to be able to control the permissions to access that share using security groups. So say I have a share named "Share" on my Linux machine named "Linux" with IP address 192.168.1.2. I publish \\192.168.1.2\Share in AD and make it so that only people who are part of the "IT" security group can access it. What's to stop anyone who's not in the "IT" security group from just going to explorer and typing in \\192.168.1.2\Share or \\Linux\Share into their Explorer to access this share? Do I need to set up permissions on the Linux file server?

  Read the article

• Why my AD domain doesn't work on my laptop

  - by Frederick Marcoux

  I have installed Windows Server 2008 R2 on a virtual machine with a bridged network card and installed Active Directory. I configured it and when I try to connect my laptop to the domain name, in this case, creationsmicroweb.ca (doesn't exist, don't try, for local only), I can't get connected. My laptop just doesn't see it. I don't know why! There's a resume of my config: Domain Name: creationsmicroweb.ca Forest: new, principal domain controller IP: Fixed (192.168.1.100) DNS Name: none (just for local, I ignored them) NETBIOS name: MICROWEB If someone as found why, please help me! This is for my business that I'm starting and I can't find why it doesn't work!

  Read the article

• Demoted domain controller and now IIS has permissions issues

  - by tladuke

  I have a machine that was a domain controller and everything else, includin an IIS site. I built new 2 new domain controllers and transferred the FSMO roles and waited a day and then demoted the original domain controller. Now the IIS site says : HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. I have a call in with the web app vendor, but maybe someone can guess what I need to fix now. I haven't looked at IIS since this was installed and am pretty lost. I thought about restoring the machine from a backup, but I think that would be an Active Directory disaster, right? The server is Windows 2008 (not R2). The new DCs are 2008 R2

  Read the article

• Adding a Windows Server 2012 Essentials server to an existing domain, without migrating the AD

  - by TiernanO

  I have an existing Active Directory in house, a mix between a Win2K8R2 and Win2K3 domain, and i would like to test out Windows Server 2012 Essentials BETA on the network. When walking though the install, it gives me the option of a new domain, or migrating from an existing domain. when clicking existing, it tells me i can only have one SBS server running on a domain at a time... So, i dont have any existing SBS servers in house (both are full standard or enterprise editions) but i do plan on keeping at least one of these extra servers running... So, how do i get a 2012 Essentials server to join a domain, and not migrate the existing domain? or if i do migrate, can i still get one of the other boxes to act as secondary controllers?

  Read the article

• Best way to find the computer a user last logged on from?

  - by Garrett

  I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

  Read the article

• SharePoint 2010 User Profile Sync - Remove Disabled Users

  - by ScaleOvenStove

  I have SharePoint 2010 set up to sync active directory users and it is working great. I am getting disabled users in the sync though. I have tried what all the blogs say, filter on userAccountControl bit on equals 2 but to no avail, the disabled users are still syncing. I am at a loss on where to look next. My last resort would be to create a ou/folder in AD and move disabled users there and remove that from the sync connector, but I don't really want to go there. Any ideas?

  Read the article

• deploying AV via GPO only to workstations

  - by jeremy

  We have a small (100 machines) Windows domain running Server 2008R2. We use Symantec Endpoint Protection 12.1 I want to have GPO deploy the AV software to client machines automatically, but only to client workstations, not to servers, which run a different software. I've set it up before using a GPO linked to the domain mycompany.local and it works, but it deploys the AV software to ALL machines on the domain, including my servers. I can create an OU in active directory for Servers, and perhaps create one for client machines too, but I'd rather not have to go and move new domain members from the default under Computers into a different folder. How can I use GPO to deploy this AV software only to workstations on our network, and not to servers?

  Read the article

• How do you configure ISC Bind to support GSS-TSIG Updates?

  - by netlinxman

  First, has anyone EVER configured ISC bind 9.5.0 OR greater with support for GSS-TSIG Dynamic DNS Updates AND gotten it to work? If so, what is the configuration that was used to make that happen? I feel close to having this working. I see that GSS cred passes w/o apparent error during the TKEY negotiation with an Active Directory DC and the BIND DNS server: client 192.168.0.30#52314: query gss cred: "DNS/[email protected]", GSS_C_ACCEPT, 4294967256 gss-api source name (accept) is [email protected] process_gsstkey(): dns_tsigerror_noerror client 192.168.0.30#52314: send But, when the Update is sent, it is refused: client 192.168.0.30#58330: update client 192.168.0.30#58330: updating zone 'example.com/IN': update failed: rejected by secure update (REFUSED) client 192.168.0.30#58330: send Does anyone have this working in the real world?

  Read the article

• Windows server 2003 mapping home drive wrong

  - by Sandman2010

  hey all, first question... we have around 30 servers in an Active Directory environment with 600 student computers and 100 staff desktops with XP SP2/3, the win server 2003 has the staff home drives on a NAS and in the last few days after some server updates is now mapping home drives to the \servername\home instead of \severname\home\%username%, its simple to re map the network drive but is annoying. we dont use login script to map home drive but use a VB script for other network drives and if we add the home drive mapping to that it works, but shouldnt the profile option in users AD account map that correctly? which do you all recommend, AD profile mapping or VB Script mapping Home drives? thanks Steven

  Read the article

• Cloning a Windows server with VMWare ESXi without domain membership conflicts

  - by Brad

  We are using VMWare ESXi 3.5, and have found it quite useful for cloning a live server to then use the virtualized version to test/practice software upgrades. The trouble is, when the virtualized version fires up, it registers itself on our domain (Active Directory), causing the original server to no longer be accessible via Windows shares. The fix is to remove the virtualized version from the domain, configuring it to use a workgroup instead, deleting the Computer account in AD, and then removing the real server from the domain and re-adding it. Is there a better procedure? Note, we cannot simply disconnect the virtual network from the virtualized server, as it needs to be connected to the network to actually be removed from the domain.

  Read the article

• Map the 'Domain Admins' group into the local Ubuntu 'admin' group

  - by Miquella

  I have configured an Ubuntu 10.04 box to connect to our domain (Windows 2003 R2) using Likewise-Open. All the users can authenticate as expected. However, the domain administrators do not have administrative privileges to the machine. After working at this for a few hours, I've determined what I think may be a solution: if I map the 'Domain Admins' group from the Active Directory into the local 'admin' group, the users should get the appropriate permissions. But I have no idea how to do that. Does this even sound like the correct approach? A similar question was asked on StackOverflow and then migrated here. But it was never answered as it was recommended to be asked here instead. Thanks in advance!

  Read the article

• winbind not working

  - by Yon

  I'm trying to set up winbind with an Active Directory running on Win2003. This works: net rpc user -S SOMEDOMAIN -U Administrator Password: Administrator ASPNET Demo Guest IUSR_SERVER20 IWAM_SERVER20 krbtgt RemoteUser SUPPORT_388945a0 This does not: wbinfo -u Error looking up domain users From the winbindd log: [2012/05/31 16:45:38, 1] nsswitch/winbindd_ads.c:ads_cached_connection(128) ads_connect for domain SOMEDOMAIN failed: Operations error [2012/05/31 16:46:38, 1] nsswitch/winbindd_util.c:trustdom_recv(230) Could not receive trustdoms ADS is not working with this domain. Why is winbind trying to use it instead of RPC? How can I force it to use only RPC and for all of this to work?

  Read the article

• Can arbitrary email addresses be stored in AD userPrincipalName?

  - by Rob Potter

  I have a web app that is front-ended by ISA, natively authenticating against AD. All users currently log on with sAMAccountName. I would like to allow users to provide a personal email address and be able to authenticate against this instead. From what I understand the AD userPrincipalName is typically used for an internally generated logon name, which by convention, is often their internally generated email address. The web app that I have is web scale (circa 3 million accounts*) and not an internal, corporate app, so the email addresses will be from diverse domains. Can I just set the AD userPrincipalName attribute to the user's email address, and then will ISA natively authenticate against this attribute instead? I heard rumours of AD having a maximum number of domain suffixes that it allows in AD userPrincipalName...? (presumably it catalogues them). [*I realise that AD is not the ideal authentication directory for a user population of this scale.]

  Read the article

• How to make WinServer's AD work with Linux DNS/DHCP on VMware?

  - by Borald

  Hope you're fine. I got 2 virtual machines : Windows Server 2008 with Active Directory installed. Linux that works as a DNS and DHCP Server I need to make them work together, but I don't if this is going to be possible because VMWARE is sharing the NIC with other virtual machines and computer itself. I've assigned different IP static adresses to the servers. Is there a way for me to make these things get interconnected and test them on some virtual clients ? Any help will be much appreciated... (useful links,tutorials,..) Thanks in advance !

  Read the article

• "Unknown user name or bad password" when I launch ADUC

  - by Chris

  When I open up Active Directory Users and Computers from my workstation, I receive an error: Naming information cannot be located because: Logon failure: unknown user name or bad password. Contact your system administrator to verify that your domain is properly configured and is currently online. If I log in to my workstation as somebody else, it works. If I log into a different workstation using my account, it works. All the workstations in question are running Windows Vista (32 and 64 bit) or Windows Server 2008. The domain controller in question is running Windows Small Business Server 2008. Everything else (that I tried) in the Remote Server Administration Tools runs just fine. Any thoughts? Edit: I just tried reinstalling RSAT. No such luck.

  Read the article

• Which firewall ports do I need to open in order for a domain trust to work?

  - by Massimo

  I have two Active Directory domains in two different forests; each domain has two DCs (all of them Windows Server 2008 R2). The domains are also in different networks, with a firewall connecting them. I need to create a two-way forest trust between the two domains and forest. How do I configure the firewall to allow this? I found this article, but it doesn't explain very clearly which traffic is required between DCs, and which traffic (if any) in needed instead between domain computers in one domain and DCs for the other one. I'm allowed to permit all traffic between the DCs, but allowing computers in one network to access DCs in the other one would be a little more difficult.

  Read the article

• nagios ldap-group based front end login permission issues

  - by Eleven-Two

  I want to grant users access to the nagios 3 core frontend by using an active directory group ("NagiosWebfrontend" in the code below). The login works fine like this: AuthType Basic AuthName "Nagios Access" AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPURL "ldap://ip-address:389/OU=user-ou,DC=domain,DC=tld?sAMAccountName?sub?(objectClass=*)" AuthLDAPBindDN CN=LDAP-USER,OU=some-ou,DC=domain,DC=tld AuthLDAPBindPassword the_pass Require ldap-group CN=NagiosWebfrontend,OU=some-ou,DC=domain,DC=tld Unfortunately, every nagios page just shows "It appears as though you do not have permission to view information for any of the services you requested...". I got the hint, that I am missing a contact in nagios configuration which is equal to my login, but creating one with the same name as the domain user had no effect on this issue. However, it would be great to find a solution without manually editing nagios.conf for every new user, so the admins could grant access to nagios by just putting the user to "NagiosWebfrontend" group. What would be the best way to solve it?

  Read the article

• SharePoint 2010 with AD

  - by Tim Decuypere

  We are students and we have to make a project by using SharePoint. We have already learned the basic steps of SharePoint 2010 but now we have some problems with using the Active Directory. We've deleted SharePoint from the server and afterwards we've installed the AD-role and finished dcpromo. When we’ve reinstalled SharePoint 2010, we have some problems in the configuration of SharePoint. It automatically ask for a Databaseserver but we don't have one in the company of our project. My question is if there is any possibility to use SharePoint with AD and without a Databaseserver. If it is possible it would be nice to tell me how.

  Read the article

• Samba file shares - ownership of folder accessible for 1 group verified by MS active direcctory

  - by jackweirdy

  I have a machine set up to share a folder /srv/sambashare, here's an exerpt of the config file: [share] path = /srv/sambashare writable = yes The permissions of that folder are set at 700 and it is owned by nobody:nogroup at the moment. The problem I face is probably a simple one but I'm fairly new to Samba so I'm not sure what to do. The contents of the share should be accessible to a particular user who will authenticate with domain credentials, checked against Active Directory by kerberos. I haven't got kerberos configured yet as I wanted to test the share as soon as samba was configured, albeit basically, to ensure that it works. I've noticed that I can only access & write to the share when the folder is either owned by the user logging in or made world writable. The key issues are that this folder can't be world writable as it contains sensitive stuff, but at the same time can't be owned by a user or group since they come from the AD server. Anyone know what I should do?

  Read the article

• How are cached Windows credentials stored on the local machine?

  - by MDMarra

  How are cached Active Directory domain credentials stored on a Windows client? Are they stored in the local SAM database, thus making them susceptible to the same rainbow table attacks that local user accounts are susceptible to, or are they stored differently? Note, that I do realize that they are salted and hashed, so as not to be stored in plain-text, but are they hashed in the same way as local accounts and are they stored in the same location? I realize that at a minimum they're be susceptible to a brute force attack, but that's a much better situation than being vulnerable to rainbow tables in the event of a stolen machine.

  Read the article

• Migrating Gmail to Office 365

  - by user218699

  Good Morning, I have been setting up Office 365 for my organization. We are currently using Gmail. I have synced our local Active Directory server w/ Office 365, as well as our domains. The problem I am having has to do with migrating mailboxes from Gmail to Office 365. I have been using this article to walk me through the process: http://technet.microsoft.com/en-us/library/dn568114.aspx The issue arises when I begin to sync the mailboxes. Currently I have been trying to sync my own mailbox as a test. The synchronization process has been going on for about 15 hours (for just one mailbox) with no errors or any information given by Office 365, other than the "Syncing" status on the migration page in the Exchange Admin Center. Is syncing a single mailbox supposed to take this long, or have I missed a step? Thanks!

  Read the article

• Data loss with roaming profiles on login on two different computers

  - by Jurriaan Pijpers

  We have a Windows server 2003 system with Active Directory and all of our users have roaming profiles. One of the users let someone login with his username and password on a different computer (2) while he was working on his own computer (1). Now when this user logs in on his own computer (1), the profile that is loaded is one that dates back many months (i think from the last time he logged on to computer 2). My suspicion is that the profile that was cached on computer 2 from many months back when this user last logged on on this computer, on logoff, synced over the newer profile on the server. so that now when he logs in, he gets this old profile. Now my questions: Is it possible to retrieve te newer profile? Is it possible to keep this from happening in the future?

  Read the article

• Use Google Apps/Cloud Services as a Domain Controller Replacement

  - by user124548

  This is a Canonical Question about Cloud Services replacing Active Directory. Is it possible to use Google Apps or another Cloud Service as a replacement for a Windows Domain Controller (replacing my whole AD infrastructure)? Specifically, I want to remove our dependence on a local Windows Server; currently it acts as a Domain Controller with File and Print Services. I'd like to seamlessly replace this server with something based on hosted applications. I do not just want to move the server to a dedicated or collocated server. I have yet to figure out how to piece together printer/etc sharing. If anyone has any insight into this, it would be appreciated. The goal is to eventually move all my servers to the cloud then write up a case study on the whole affair.

  Read the article

• Finding Locked Out Users

  - by Bart Silverstrim

  Active Directory up to 2008 network (our servers are a mix of 2008, 2003...) I'm looking for a quick way to query AD to find out what users are locked out, preferably from a batch or script file, to monitor for possible issues with either user accounts being attacked by an automated attack or just anomalies in the network. I've Googled and my Google-fu has failed; I found a query off Microsoft's own knowledgebase that cites a string to use on Server 2003 with the management snap-in's saved queries (http://support.microsoft.com/kb/555131) but when I entered it, the query returned 400 users that a spot-check showed did NOT have a checkmark in the "Account is locked out" box under "account." In fact, I don't see anything wrong with their accounts. Is there a simple utility (wisesoft bulkadusers apparently uses this method behind the scenes, since it's results were also wrong) that will give a count of users and possibly their user object names? Script? Something?

  Read the article

• LDAP authentication: Windows Server2k3 vs. 2k8

  - by wolfgangsz

  We have around 70% linux users, all of which are configured to authenticate against Active Directory through LDAP. In order for this to work, we used the "Windows Services for Unix" under Windows Server 2003, and it all works fine. We are now at a point where the server running this contraption is getting a bit tired and will be replaced with a newer machine, running Windows Server 2008 (where the relevant services such as user name mapping and password changes, etc., are integrated with the OS). And here's the rub: If a new user is configured through the Win2k3 server, then it all works fine. If the same thing is done through the Win2k8 server, then : The ADS plugin on the 2k3 server does not recognize it and behaves as if the UNIX attributes were never set. The user cannot authenticate against ADS using LDAP. Has anybody encountered this problem? If so, how did you overcome this? If you need any additional information to provide further help, just ask and I shall provide it.

  Read the article

< Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135  | Next Page >