Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 184/261 | < Previous Page | 180 181 182 183 184 185 186 187 188 189 190 191  | Next Page >

• Using Credentials with network scanners

  - by grossmae

  I'm testing out both Tenable's Nessus scanner as well as eEye's Retina for scanning network devices. I am trying to supply credentials to get deeper, more accurate results, however there seems to be no difference in the results whether I supply the credentials or not. I've read the documentation and it seems like I've tried all the logical settings in the Credential options. I've submit along with usernames and passwords for many different accounts and types of accounts (both SSH Credentials and Web Application Credentials) on the devices as well as their respective domain names (when applicable). Is there possibly a good test for either (or both) scanners to tell where these credentials are being provided (if at all) and if any of them are successfully getting authentication?

  Read the article

• Can arbitrary email addresses be stored in AD userPrincipalName?

  - by Rob Potter

  I have a web app that is front-ended by ISA, natively authenticating against AD. All users currently log on with sAMAccountName. I would like to allow users to provide a personal email address and be able to authenticate against this instead. From what I understand the AD userPrincipalName is typically used for an internally generated logon name, which by convention, is often their internally generated email address. The web app that I have is web scale (circa 3 million accounts*) and not an internal, corporate app, so the email addresses will be from diverse domains. Can I just set the AD userPrincipalName attribute to the user's email address, and then will ISA natively authenticate against this attribute instead? I heard rumours of AD having a maximum number of domain suffixes that it allows in AD userPrincipalName...? (presumably it catalogues them). [*I realise that AD is not the ideal authentication directory for a user population of this scale.]

  Read the article

• Window 2003 Server - Logon Failure error message in Event Viewer

  - by user45192

  Hi guys, I received alot of event logged in the event viewer with this message. I notice is always the same user id which encounters this error. The user id is use by an application to access the database. However, this account does not exits on this server. How do I trace the services/program use by this user id which causes these error messages? Reason=Unknown user name or bad password&&User Name=&&Domain=&&Logon Type=3&&Logon Process=NtLmSsp&&Authentication Package=NTLM&&Workstation Name=&&Caller User Name=-&&Caller Domain=-&&Caller Logon ID=-&&Caller Process ID=-&&Transited Services=-&&Source Network Address=-&&Source Port=-&&User=SYSTEM&&ComputerName=

  Read the article

• Spam mail through SMTP and user spoofing

  - by Josten Moore

  I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

  Read the article

• how to have publishing, blog and wiki features together?

  - by George2

  Hello everyone, I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. I want to have blog and wiki features as well as publishing portal features. Any ideas how to integrate publishing portal, blog and wiki? For integrate, I mean using the same user name and password to pass through authentication of publishing portal, blog and wiki. And should I setup 3 different site collections for publishing portal, blog and wiki (I find if I setup publishing portal site collection, I can not create blog and wiki sub-site)? thanks in advance, George

  Read the article

• 389 DS Achitecture for Multiple Sites

  - by Kyle Flavin

  I'm looking to deploy 389 Directory in my environment to replace an existing iPlanet installation. I would be using it primarily to store user account data for authentication purposes. I have two physically separate data centers that I would like to share the same directory tree. My initial thinking is to setup 389 DS as follows: -A Master/Consumer in DataCenter A -A Master/Consumer in DataCenter B -Replication agreement between both masters, to mirror the directory tree in both environments. Does this sound like a reasonable approach? Is there a better way to do it? (ie: four masters?) Is there documentation for best practices when setting up 389 DS in situations such as this? Thanks.

  Read the article

• How does pptpd (poptop) or pppd work with eap-tls and mppe-128?

  - by Henk

  To create a VPN I've installed pptpd on an Ubuntu domU (Debian domUs can also be created). MSCHAPv2 isn't a very strong authentication protocol so I'd like to use EAP-TLS. I've set up a FreeRADIUS server and certificates for EAP-TLS before (for use with WPA), and I've also set up a pptp server with mschap-v2 auth, but I can't figure out how to combine the two. Maybe pppd can use EAP-TLS on its own, but I can't find support for it in the Ubuntu package. If I need to patch the package, that's fine, I know how to patch Debian packages (provided the patch applies cleanly). Also, can MPPE still be used when pppd is configured to use EAP? Because it says in the manual several times that MPPE requires MSCHAP. However, other docs like this one: http://www.nikhef.nl/~janjust/ppp/ seem to refute that. The clients are running Mac OS X Leopard and GNU/Linux, there's no need to fix anything for Windows.

  Read the article

• Samba domain trust errors on a specific interface

  - by John K

  We have a windows domain that also has RHEL member servers in it. All the servers have a primary network connection to the LAN, but some servers also have private dedicated links to one of our RHEL servers, which serves as a head to our SAN storage. This particular server is running Samba 3.5.15, and is running in domain authentication mode. Users can access shares on this server without a problem over the LAN connection from our Windows servers, but if a user tries to access the shares over a private link (i.e. a 192.168.1.2 address to the RHEL server) users get an error "The trust relationship between this workstation and the primary domain failed."

  Read the article

• Accepts Nested Attributes For - edit form displays incorrect number of items ( + !map:ActiveSupport:

  - by Brightbyte8

  Hi, I have a teacher profile model which has many subjects (separate model). I want to add subjects to the profile on the same form for creating/editing a profile. I'm using accepts_nested_attributes for and this works fine for creation. However on the edit page I am getting a very strange error - instead of seeing 3 subjects (I added three at create and a look into the console confirms this), I see 12 subjects(!). #Profile model class Profile < ActiveRecord::Base has_many :subjects accepts_nested_attributes_for :subjects end #Subject Model class Subject < ActiveRecord::Base belongs_to :profile end #Profile Controller (only showing deviations from normal RESTFUL setup) def new @profile = Profile.new 3.times do @profile.subjects.build end end #Here's 1 of three parts of the subject output of = debug @profile errors: !ruby/object:ActiveRecord::Errors base: *id004 errors: !map:ActiveSupport::OrderedHash {} subjects: - &id001 !ruby/object:Subject attributes: exam: Either name: "7" created_at: 2010-04-15 10:38:13 updated_at: 2010-04-15 10:38:13 level: Either id: "31" profile_id: "3" attributes_cache: {} # Note that 3 of these attributes are displayed despite me seeing 12 subjects on screen Other info in case it's relevant. Rails: 2.3.5 Ruby 1.8.7 p149 HAML I've never had so much difficulty with a bug before - I've already lost about 8 hours to it. Would really appreciate any help! Thanks to any courageous takers Jack

  Read the article

• configure HTTPS server on a cisco router

  - by Sara

  For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

  Read the article

• Encrypt temporary password using public ssh key

  - by David M. Syzdek

  I manage a virtual office and our staff uses both SSH keys and passwords for authentication. If one of our staff forgets his password, is there a way to encrypt a temporary password using his public RSA ssh key so I can send it to him via e-mail? I've seen other questions related to this one, however the "answers" generally recommend against using the public/private SSH keys to perform general encryption/decryption and do not actually state if this is possible. I would like to know if it is indeed possible and what are the steps to encrypt and then decrypt the password.

  Read the article

• AIX 7.1 su root password bug?

  - by exxoid

  In our AIX 7.1 machine there is a weird bug we've ran into.. If you are logged into the AIX box via SSH as a regular user and you try to su - you get prompted for the password, lets say our password is "P@$$w0rd23", you can type "P@$$w0rd2ANYTHING" and it will still grant you root. As long as you have "P@$$w0rd2" it will grant you root regardless of what else you specify in the authentication and even though the actual password is "P@$$w0rd23". This seems to be a bug? Anyone see anything like this before? Thanks.

  Read the article

• Account not getting completed deleted within linux

  - by lbanz

  I've got a nas box running some flavour of linux 2.6.31.8.nv+v2 with an arm processor. It has got a samba share called 'all' that has full read write access to everyone. However one Windows machine cannot access it without prompting for authentication and I found out from the logs that the windows account matches a local account on the nas box. What I then went to do is delete the local account on the nas. I can see that /home,/etc/password + /etc/shadow the account doesn't exist anymore. However the samba logs, shows that it thinks it is still there as it says account is disabled. I've tried rebooting both nas + windows box. Is there somewhere else that it stores account information? I logged on with a different account on that Windows machine and I can access the share fine. The smb logs shows that it can't find the user and then allows anonymous access.

  Read the article

• Structuring the UI code of a single-page EXTjs Web app using Rails?

  - by Daniel Beardsley

  I’m in the process of creating a large single-page web-app using ext-js for the UI components with Rails on the backend. I’ve come to good solutions for transferring data using Whorm gem and Rails support of RESTful Resources. What I haven’t come to a conclusion on is how to structure the UI and business logic aspects of the application. I’ve had a look at a few options, including Netzke but haven’t seen anything that I really think fits my needs. How should a web-application that uses ext-js components, layouts, and controls in the browser and Rails on the server best implement UI component re-use, good organization, and maintainability while maintaining a flexible layout design. Specifically I’m looking for best-practice suggestions for structuring the code that creates and configures UI components (many UI config options will be based on user data) Should EXT classes be extended in static JS for often re-used customizations and then instantiated with various configuration options by generated JS within html partials? Should partials create javascript blocks that instantiate EXT components? Should partials call helpers that return ruby hashes for EXT component config which is then dumped to Json? Something else entirely? There are many options and I'd love to hear from people who've been down this road and found some methodology that worked for them.

  Read the article

• Postfix configuration w.r.t. port 25

  - by Monkey Boson

  After a considerable amount of research, I have configured my postfix server to use dovecot to accept SMTPS connections over port 465 and everything works swimmingly. Unfortunately, I forgot that, unless I listen to port 25, I'm not going to receive any e-mail from the net. I'm hoping somebody knows off the top of their head how to open up port 25 on Postfix for anonymous users, but disallow relaying and any other bad things on that port. And to leave the port 465 the way it is. As to my current configuration, I changed the master.cf file: smtps inet n - n - - smtpd and the main.cf file: # Use our SSL certificates smtpd_tls_cert_file = .....cer smtpd_tls_key_file = .....key smtpd_tls_security_level = may # Use Dovecot for SASL authentication smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination Any help is appreciated!

  Read the article

• Should I impersonate PHP via FastCGI?

  - by AKeller

  I am installing the latest version of PHP onto IIS 7.5 via FastCGI, and all of the instructions say that FastCGI should impersonate the calling client by setting fastcgi.impersonate = 1 If my website will have this configuration dedicated application pool application pool identity of ApplicationPoolIdentity anonymous authentication only (as IUSR) why do I want to impersonate? I come from an ASP.NET background, where the IUSR gets read-only permissions and the application pool identity gets any write permissions. Giving write access to the IUSR usually opens the door for WebDAV vulnerabilities. So I hesitate to let PHP run as the IUSR. I can't find many people asking this question (1 | 2) so I think I must be missing something. Can someone clarify this for me?

  Read the article

• Is is possible to determine a password input string as plaintext or hashed?

  - by Godders

  I have a RESTful API containing a URI of /UserService/Register. /UserService/Register takes an XML request such as: <UserRegistrationRequest> <Password>password</Password> <Profile> <User> <UserName>username</UserName> </User> </Profile> </UserRegistrationRequest> I have the following questions given the above scenario: Is there a way (using C# and .Net 3.5+) of enforcing/validating that clients calling Register are passing a hashed password rather than plaintext? Is leaving the choice of hashing algorithm to be used to the client a good idea? We could provide a second URI of /UserService/ComputePasswordHash which the client would call before calling /UserService/Register. This has the benefit of ensuring that each password is hashed using the same algorithm. Is there a mechanism within REST to ensure that a client has called one URI before calling another? Hope I've explained myself ok. Many thanks in advance for any help.

  Read the article

• How to back up OWA exchange emails without Outlook

  - by fpghost

  My university uses Microsoft Outlook Web Access (OWA) e-mail. Soon they will close my e-mail account as my course has ended, but I really do not want to lose the archive of emails and attachments. I've read a backup to something called a .pst can be made if one has access to Microsoft Outlook but I do not. Is there any other way I could back these up? (preferably on Ubuntu 12.04 but I also have access to Win 7 if need be). One idea I played with is using davmail to allow access via Thunderbird and performing some kind of backup with that. However, I cannot seem to get past Authentication failed: invalid user or password, retry with domain\user.

  Read the article

• Strange problems with the Spring RestTemplate in Android application

  - by HarryCater

  I begin to use RESTful api of the Spring Framework in my android client application. But I have encountered with problems when I tried to execute HTTP request via postForObject/postForEntity methods. Here is my code: public String _URL = "https://noticemed.com/app/mobile/login"; public void BeginAuthorization(View view) { HttpHeaders requestHeaders = new HttpHeaders(); requestHeaders.setContentType(MediaType.APPLICATION_JSON); HttpEntity<String> _entity = new HttpEntity<String>(requestHeaders); RestTemplate templ = new RestTemplate(); templ.setRequestFactory(new HttpComponentsClientHttpRequestFactory()); templ.getMessageConverters().add(new MappingJacksonHttpMessageConverter()); ResponseEntity<String> _response = templ.postForEntity(_URL,_entity,String.class); //HERE APP CRASHES String _body = _response.getBody(); And here is a stack trace in logcat after app crashing. As you see there is no definite error message. So the question what am I doing wrong? How to fix this? May there is other way to do it?I really need a help. Thanks in advance!

  Read the article

• Dealing with LDAP failure when using it for PAM/NSS?

  - by Insyte

  I use a redundant pair of OpenLDAP servers for PAM auth and directory services via NSS. It's been 100% reliable so far, but nothing runs flawlessly forever. What steps should I take now so I have a fighting chance of recovering from failure of the LDAP server(s)? In my informal testing, it appears that even already authenticated shells are largely useless as all username/uid lookups hang until the directory server comes back. So far I've come up with only two things: Do not use NSS-LDAP and PAM-LDAP on the LDAP servers themselves. Create a root-level account on all boxes that only accepts publickey authentication from our local subnet and protect that key well. I'm not sure how much good this would do me as once I'm logged in, I suspect I wouldn't be able to accomplish anything since all the userid lookups would be hanging. Any other suggestions?

  Read the article

• Can't ssh from Ubuntu to RHEL or CentOS

  - by Alex N

  I am trying to setup publickey based authenitcation for 2 different boxes. One RHEL another on e is CentOS. I am having same issue with both where ssh fails and falls back to password based authentication. Error that seems to be causing this is quite obscure: debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_1000' not found Both boxes are completely unrelated. I have my public key in .ssh/authorized_keys file on both boxes, all permissions are checked and good(700 for .ssh and 600 for internals) I have bunch of other servers that are running on various flavors(Gentoo, Fedora, FreeBSD etc.) and publickey ssh works just fine, but CentOS and RHEL giving me this for some reason :( Anyone experienced this before? I am not even sure how to further analyze this issue :(

  Read the article

• Can vCenter 4 authenticate and authorize against a virtual directory server??

  - by iforeman

  Hi I am looking into Identity managment in our environment. We currently use Active Directory and Sun's Enterprise Directory server (6.3). I was wondering if I used the Virtual Directory Server of the Enterprise Directory server, would we be able to point the vCenter clients to this Directory service for authentication and authorization rather than at the AD source. The reason for this is that we have more users we want to add to the management role of this server but not all are in AD, a fair number are in the Sun LDAP v3. directory. Thanks in advance Ian

  Read the article

• Dediced server for all network functions?

  - by Alan

  I want to set up a fictional network configuration for a school in my neighborhood. They have about 50 computers altogether, 2X20 in computer rooms for students and another 10 scattered around for various professors. They should all access the internet through a dedicated Linux router machine. What they would like is to have domain names for those three computer groups. Lab1, Lab2 and Professors. The computers in Lab2 and Lab1 should have static ip and should all be named by numbers. So there should be 1@Lab1, 2@Lab1.... etc. And the Professors network should have a DHCP, with authentication. Is it an ok solution to have all these functions on a single server? (The one which will be used as a router) Do I have to set a local DNS for domain naming? Do the host names for Lab computers have to be set on the clients, or can they be automatically assigned?

  Read the article

• how to make SFTP work on Windows

  - by cyberkiwi

  What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

  Read the article

• What's the use of writing tests matching configuration-like code line by line?

  - by Pascal Van Hecke

  Hi, I have been wondering about the usefulness of writing tests that match code one-by-one. Just an example: in Rails, you can define 7 restful routes in one line in routes.rb using: resources :products BDD/TDD proscribes you test first and then write code. In order to test the full effect of this line, devs come up with macros e.g. for shoulda: http://kconrails.com/2010/01/27/route-testing-with-shoulda-in-ruby-on-rails/ class RoutingTest < ActionController::TestCase # simple should_map_resources :products end I'm not trying to pick on the guy that wrote the macros, this is just an example of a pattern that I see all over Rails. I'm just wondering what the use of it is... in the end you're just duplicating code and the only thing you test is that Rails works. You could as well write a tool that transforms your test macros into actual code... When I ask around, people answer me that: "the tests should document your code, so yes it makes sense to write them, even if it's just one line corresponding to one line" What are your thoughts?

  Read the article

< Previous Page | 180 181 182 183 184 185 186 187 188 189 190 191  | Next Page >