Search Results

Search found 5084 results on 204 pages for 'policy routing'.

Page 137/204 | < Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144 | Next Page >

When RDP as a Domain User, Smart Card Requested

- by Paul

My W8 machine is connected to domain zen. If I rdp to the W8 machine, I can log in as a local user without problems. If I try to log in as a domain user, I am prompted for a smart card instead of a password. Any ideas why? Note that Interactive login: require smart card is disabled in group policy: And here is the output from rsop.msc: Some additional information on this one. If my connecting machine is on the same domain/network as the W8 machine, then I am prompted for a password as usual. If the machine is remote, on a different domain, then I am prompted for a smart card. In addition, the machine I am connecting from that gets the smartcard prompt is an XP box. I haven't isolated exactly which of these factors triggers the different response.

Read the article
How to determine the source for wakeup in hibernate

- by Erik

I have a big problem with my home theater PC that runs Windows 7 64Bit. Normally, I send that PC to hibernate every evening, but from time to time, it keeps waking up for no obvious reason, and stays on until I realize, which is sometimes half a day later :( I have already checked for Windows update, which is not set to automatical, since I prefer installing updates manually. When I look in the system event log, there is an entry called "Power Troubleshooter" which tells me that my system was reactivated at a specific time, but it also says: Source = Unknown, which is the most annoying part. So how can I actually figure out, which process reactivates the PC? Is it possible to set a group policy which forbidds applications or services from scheduling tasks that allow waking up from hibernate at all?

Read the article
Change Win7 taskbar position (overriding GPO, Registry Editor, Admin. Rights)

- by diegocavazos53

I run the computer center of my Faculty and the problem is that users manage to change the Win7 taskbar position. I don't really know how they do this as far as I have applied many group policies that are specific to the taskbar (like locking it). I have also disallowed users from entering new registry keys or executing the command prompt (or employing scripts). They have regular user rights and many Win7 tweaking programs need administrator rights to make changes to the GUI. So in other words, the taskbar is locked, there is a policy that sets its position to the lower part of the screen, users can't see the control panel, add registry keys, use the command prompt and don't have admin. rights. How do they keep moving the taskbar position to the upper part of the screen? Any ideas would be greatly appreciated. Thank you.

Read the article
HTTPS vs. VPN for communication between business partners?

- by Andrew H

A business partner has asked to set up a site-to-site VPN just so that a few servers can communicate with each other over HTTPS. I'm convinced this isn't necessary, or even desirable. To be fair it must be part of a wider policy, potentially even a legal requirement. However I'd like to convince them to simply offer an IP to us (and us only) and a port of their choosing for HTTPS. Has anyone had a similar experience, or had to come up with a cast-iron argument against a VPN? Allow me to expand a little - we have a web service that initiates a connection to the partner's corresponding service using an encrypted HTTP connection. The connection uses a client certificate to authenticate. The connection is firewalled so only our IPs can contact the service. So why is a VPN necessary?

Read the article
Proxy Server suggestions

- by Jon Menefee

Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

Read the article
How to manage a large email delivery volume from a Email Marketing App ?

- by Newtonx

We provide Email Marketing service through our online Application. We have about 30 customers. And each one has it's own mailling list (5k to 100k emails each). What we really want is to distribute email's delivery between 2 or more servers. I was wondering What kind of aproach/solutions MailChimp , Constant Contact uses to provide a great service ? use many servers ? many IPs ? Our spam policy suspends ANY user/customer that gets 10% bounced . We currently rotate our outgoing Mail Ip once deliveries limit per remote host is reached. Is it the best approach/solution ?

Read the article
How to manage a large email delivery volume from a Email Marketing App ?

- by Newtonx

We provide Email Marketing service through our online Application. We have about 30 customers. And each one has it's own mailling list (5k to 100k emails each). What we really want is to distribute email's delivery between 2 or more servers. I was wondering What kind of aproach/solutions MailChimp , Constant Contact uses to provide a great service ? use many servers ? many IPs ? Our spam policy suspends ANY user/customer that gets 10% bounced . We currently rotate our outgoing Mail Ip once deliveries limit per remote host is reached. Is it the best approach/solution ?

Read the article
Install multiport module on iptables

- by tarteauxfraises

I'am trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (A raspberry like board). The following rule failed due to "-m multiport --dports ssh" options (It works, when i run manually the command without multiple options). $ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh" iptables: No chain/target/match by that name. When i make a cat on "/proc/net/ip_tables_matches", i see that multiport module is not loaded: $ cat /proc/net/ip_tables_matches u32 time string statistic state owner pkttype mac limit helper connmark mark ah icmp socket socket quota2 policy length iprange ttl hashlimit ecn udplite udp tcp What can i do to compile or to enable the multiport module? Thanks in advance for your help

Read the article
How do I configure the Google Chrome / Chromium address bar to perform a search instead of trying to access a file on the local file system?

- by Daniel Kauffman

How do I configure the Google Chrome / Chromium address bar to perform a search instead of trying to access a file on the local file system? I would like to be able to enter a file name in the address bar and to see Google search results for that file name similar to what I would see if I searched for the file name using something like https://www.google.com/#q=/path/to/interesting/file I am able to disable the file scheme using either of the following policy settings: "DisabledSchemes": ["file"], Which has been deprecated in favor of: "URLBlacklist": ["file://"], But in either case Google Chrome / Chromium continues to auto-detect that a file name was entered, automatically prepends the file scheme to the file name, and then reports that the webpage is blocked.

Read the article
Overrideen ASPNet.config does not apply for legacyImpersonationPolicy

- by Grumbler85

I tried to override the <legacyImpersonationPolicy> Element, so a single application, will enable this policy (which is necessary, since this application breaks if disabled). So my Framework64/aspnet.config states: <configuration> <runtime> <legacyUnhandledExceptionPolicy enabled="false" /> <legacyImpersonationPolicy enabled="false" /> <alwaysFlowImpersonationPolicy enabled="false" /> <SymbolReadingPolicy enabled="1" /> <shadowCopyVerifyByTimestamp enabled="true"/> </runtime> <startup useLegacyV2RuntimeActivationPolicy="true" /> </configuration> And a local aspnet.config file has this change: <legacyImpersonationPolicy enabled="false" /> Procmon tells me the file is read by the w3wp.exe, but the settings will not apply. Can anyone point out a way how to correctly override the setting? *The Server has been restarted meanwhile, but still no changes.

Read the article
What are the default/recommendet access rights for %ALLUSERSPROFILE%?

- by RED SOFT ADAIR-StefanWoe

We have a Windows application that reads and writes some data for all users. We place it at %ALLUSERSPROFILE%\OurProgram*.* We now encounter a few cases in larger companies, where users do not have write permission to %ALLUSERSPROFILE%. Most of these cases are running Windows 7. The problem does not occur on a normal desktop installation of Windows 7 though. What is the recommended policy for this location? I have not found any "official" information about this. Is there a different location where all users have write permission?

Read the article
HP 4530s: Fan is Always On even When Laptop/CPU is Idle

- by tolitius

Just bought an HP 4530s from newegg. Laptop is great, but.. The FAN is always on. I did some googling, found it is a known problem, but no easily googlable solution. Tried to: Update BIOS to the latest Disable "CPU fan always on when plugged in" BIOS setting Installed Windows 7 Home (came with), Live CDed Ubuntu, Windows XP Spent 2 hours with horrible HP support Some other things that I can't already recall = spent too much time on it Laptop is not refundable (learned it the hard way, after the fact, by looking at the NEWEGG clever policy that is hidden in "details") I would really appreciate a workable solution / workaround / hack. The laptop is for my friend who will most likely be running Windows XP/7.

Read the article
Centrally manage Windows 7 computers without Active Directory

- by Sean W.

I manage three Windows PCs at home using the principle of least privilege. This means that practically every other day when a new version of Java is released, I have to manually install the update using my administrative credentials on each machine. This is starting to become more work than I had expected. I would love to set up an active directory domain at home, but Microsoft has discontinued Windows home server; its replacement, Windows server 2012 essentials is much more expensive (about $500). Are there any free (preferably as in speech) that would allow me to centrally manage the software installed on each machine in a manner similar to that of active directory? I'd also like to find a way to centrally manage security settings, but I doubt there's an equivalent of group policy. Samba 4 would be an ideal solution, but according to its own developers, it is not yet stable enough for production use.

Read the article
Protecting a SVN server

- by user35072

For various reasons we are finding it increasingly difficult to work with remote workers. We are a very small developer shop and it's becoming impractical to do manual merges on a daily basis. So we're left with little choice (?) but to consider opening up our SVN servers. I'm looking into the following: Full HTTPS session Running non-80 port Strong password policy Is this enough to prevent someone hacking and stealing data? I will also look into VPN but first would like to understand any alternative solutions.

Read the article
How can I restrict the backuppc client user as much as possible? (rsync)

- by jxn

I have backuppc making full backups of servers, but I'd like to be sure that my set up is as paranoid as possible. BackupPC is set up to backup via rsync, and it is set up to use a specific user on each client to be backed up. Because the backuppc client user has to have access to every file on the client machine and the ability to ssh into the machine without an interactive password, I'm a little nervous about securing the clients, and I'd like to know I haven't overlooked any options. Here's what I have in place: in the client user's authorized_keys file, i've included from="IPTOSERVER",command="/usr/bin/rsync" before the user's public key, so that the user can only login coming from the BackupPC server. Next, in the sudoers file, I've added this line: backuppc ALL=NOPASSWD: /usr/bin/rsync to allow root-level permissions only for the rsync command for that user. Are there other user, policy, or ssh restrictions that I can add while still allowing the backup pc client user to rsync all files?

Read the article
NETSH : Set default ip address for an interface with multiple Ips

- by elarichi.y

To test a load balancer I need to switch my ip address several time a day, and keep other ips routing trough other Wans. I run these commands in a batch script: netsh interface ip set address "Connexion au réseau local" static %ipd% 255.255.255.0 192.168.1.1 1 netsh in ip add address "Connexion au réseau local" %ips1% 255.255.255.0 netsh in ip add address "Connexion au réseau local" %ips2% 255.255.255.0 ipd: is the default ip I want to set (all traffic should go trough it). ips1 and ips2 : are the secondary ips I want to keep but what ever I do all traffic goes trough one IP !! (first one in the range) Please help me with this issue.

Read the article
How to allow simple file sharing on Windows Server 2008R2 through VPN

- by Martin Wiboe

We are a small, distributed company with a Windows Server 2008R2 installation. I would like to set up a way for our employees to connect securely to this server via VPN and then be able to map a network drive. I have gotten this to work somewhat by installing the Network Policy and Access Services Role on the server and using the default settings. I have also created a network share on the server. The problem is that our connectivity is sporadic (sometimes the service stops listening on the port or simply refuses to authorize correct credentials) and slow. I can always connect through VPN, but mapping is problematic. I would be grateful for the answer on how to accomplish this as well as some guidance on whether I am on the right track. Thanks in advance!

Read the article
WSUS Looping 2 updates on 2003 servers

- by Ericrobert

Good afternoon, Hopefully I can articulate this so that people understand my problem. We have WSUS on windows server 2008. We have 8 Windows 2003 servers. There is an update ready to install KB2982792. We install it then it says there is another update to install KB2728973. Then it says there is another update to install, again KB2982792. This goes on and on. Talked to microsoft support and they confirmed that the update was infact installed and applied to the computer (Checking untrusted certifactions confirmed that for these updates) and their suggestion was to just "Hide update". This is fine except on the WSUS server it still shows failed updates which is not okay with our policy. I'm here to ask for help figuring this out and what I can do to trouble shoot it. Thank you in advanced.

Read the article
Concurrent wireless and wired network

- by Stew Megaw

Hi, I am concerned with maintaining a wireless and wired network connection on my laptop. Basically I can change the metric on each interface so that Windows prefers one connection over the other. I am wondering is following scenario possible.... Some applications uses the wireless while other applications use the wired... I want Internet Explorer (only) to use the wireless connection while Outlook and everything else uses the wired connection. Perhaps adding some lines to the routing table might work? - Adding the ip addresses of websites I want to view via the wireless connection? Many Thanks in advance for any replies!

Read the article
VPN Configuration

- by Josh

How can I allow incoming connections on a Windows 7 machine that is connected to VPN? I have some services listening on certain ports that I have forwarded from my router. When the VPN is disconnected, I can connect to these services from my internal network as well as from the Internet without issue. When I connect my VPN however, I am still able to access the ports from my internal network, but not remotely. I think I need a split tunnel setup, and there is an option in the VPN settings to Use Default Gateway on remote network. I want this option enabled so all my traffic is routed through the VPN, but I want incoming connections to be allowed on my internal network IP from the Internet. Is there some hybrid way to set this up with routing?

Read the article
Debian PPTP VPN can't get out to the internet

- by phidah

I've setup a Debian pptp server which seems to be running fine. I can successfully access the local services on the server when connected to the VPN, but I cannot go out of the LAN, i.e. I cannot just go to any server out on the internet. I guess this is come kind of routing issue that won't allow me to use the server as a gateway? I couldn't really find any articles or similar that could tell me how to set this up properly. Thanks in advance.

Read the article
How to configure postfix to dynamically choose different relayhosts?

- by user24315

I use my laptop at work on wireless and wired networks, at home on a wireless network, and at various other places (such as conferences, friends houses, etc). When at work I'd like postfix to use the corportate mail server to route emails. When at home I'd like it to use my personal mail server to route emails. When elsewhere I'd like to have the laptop attempt to deliver email in the normal smtp fashion. Is this possible using just postfix? Do I need something else (such as Lamson http://lamsonproject.org/, or scripts that dynamically patch my postfix configuration) when I want to do routing that depends on my current location?

Read the article
Restricting output to only allow localhost using iptables

- by Dave Forgac

I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

Read the article
Unable to renew certificate in certmgr.msc in windows 2003

- by VicF

I am trying to renew a certificate using CertManager on Windows 2003 Server. (I have also used the certificate plug-in in MMC but its the same thing.) I am logged in with the Administrator account. When I select any of my Personal certificates and go to the All-Tasks menu I only see Open and Export. I do not see the "Renew Certificate with New Key" or "Renew this certificate with the same key" options. How do I get those options to show up? I there some security policy or service that I need to run?

Read the article
How do I turn autocomplete on for a server running Windows Server 2008?

- by user16011

My end users are not able to use autocomplete when they use a web application hosted on a particular server. Autocomplete is usually a client-side setting. My users can use autocomplete when they are on other websites so I think it is a server setting in this case. How do I turn autocomplete on for a server running Windows Server 2008? Is this a setting in IIS, a registry setting, a group policy setting, or something else? Thanks in advance.

Read the article

< Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144 | Next Page >