Search Results

Search found 68 results on 3 pages for 'massimo ugues'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/3 | < Previous Page | 1 2 3  | Next Page >

  • Can't send commands via SSH to Juniper firewalls

    - by Massimo
    I have some Juniper SSG firewalls which I need to manage, and I'd like to be able to send commands to them from some monitoring scripts. I configured SSH access using public keys, and I'm able to automatically login to the firewalls. When I run SSH interactively, everything works fine: $ssh <firewall IP> FIREWALL-> <command> <command output> FIREWALL-> exit Connection to <firewall IP> closed. $ But when I try to run the command from the command line, it doesn't work: $ssh <firewall IP> <command> $ This, of course, works fine when sending a command to a remote Linux box: $ssh <linux box IP> <command> <command output> $ Why is this happening? What is the difference between running SSH interactively and specifying the command to run on the SSH command line? Update: It also works fine with a Cisco router. Only these Juniper firewalls seem to behave this way. From the debug output from SSH, it looks like the connection gets established correctly, but the Juniper box replies with an EOF when sending the command, while instead the Linux box replies with the actual command output: Linux: debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending command: uptime debug2: channel 0: request exec confirm 0 debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel 0: rcvd adjust 131072 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 16:44:44 up 25 days, 1:06, 3 users, load average: 0.08, 0.02, 0.01 debug2: channel 0: rcvd eof debug2: channel 0: output open -> drain debug2: channel 0: obuf empty debug2: channel 0: close_write debug2: channel 0: output drain -> closed debug2: channel 0: rcvd close debug2: channel 0: close_read debug2: channel 0: input open -> closed debug2: channel 0: almost dead debug2: channel 0: gc: notify user debug2: channel 0: gc: user detached debug2: channel 0: send close debug2: channel 0: is dead debug2: channel 0: garbage collecting debug1: channel 0: free: client-session, nchannels 1 debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 0 Juniper: debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug1: Sending command: get system debug2: channel 0: request exec confirm 0 debug2: callback done debug2: channel 0: open confirm rwindow 2048 rmax 1024 debug2: channel 0: rcvd eof debug2: channel 0: output open -> drain debug2: channel 0: obuf empty debug2: channel 0: close_write debug2: channel 0: output drain -> closed debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug2: channel 0: rcvd close debug2: channel 0: close_read debug2: channel 0: input open -> closed debug2: channel 0: almost dead debug2: channel 0: gc: notify user debug2: channel 0: gc: user detached debug2: channel 0: send close debug2: channel 0: is dead debug2: channel 0: garbage collecting debug1: channel 0: free: client-session, nchannels 1 debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.2 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 1

    Read the article

  • Why is the link between my switch and my router always negotiating half-duplex mode?

    - by Massimo
    I have a Cisco 2950 switch which has one of its ports connected to an Internet router provided by my ISP; I have no access to the router configuration, but I manage the switch. If I leave all switch ports with their default setup (auto-negotiation of speed and duplex mode), this link always connects at 100 MBit/s, but in half-duplex mode. I've tried replacing the cable, and also moving the link to another switch port: the result is always the same. A different device connected to the same port (or to any switch port, really) shows no problem at all. It could be guesed that someone configured the router to only connect in half-duplex mode... BUT, here's the catch: if I manually force the switch port to full-duplex mode (duplex full in the interface configuration), the link goes up, stays up and is completely stable. So: The connection is not forced to half-duplex mode by the router, otherwise it would not connect at all if I force the switch end to full-duplex. There is no actual link problem, otherwise the full-duplex connection would not go up or would at least show some errors. But if I leave the port free to auto-negotiate, it always connects in half-duplex mode. Why?

    Read the article

  • What the hell was THAT?!?

    - by Massimo
    My system is Windows XP SP3, updated with the latest patches. The PC is connected to a Cisco 877 ADSL router, which does NAT from the internal network to its single static public IP address. There are no forwarded ports, and the router's management console can only be accessed from the inside. I was doing two things: working on a remote office machine via VPN and browsing some web pages on the Cisco web site. The remote network is absolutely safe (it's a lab network, four virtual servers, no publicly accessible services and no users at all; also, none of what I'm going to describe ever happened there). The Cisco web site... well, I suppose is quite safe, too. Suddenly, something happened. Strange popups appears anywhere; programs claiming they're "antimalware", "antispyware" et so on begins autoinstalling; fake Windows Update and Security Center icons pop up in the system tray. svchost.exe began crashing repeatedly. Then, finally, after some minutes of this... BSOD. And, upon rebooting, BSOD again. Even in safe mode. Ok, that was obviously some virus/trojan/whatever. I had to install a new copy of Windows on another partition to clean things up. I found strange executables, services and DLLs almost anywhere. Amongst the other things, user32.dll and ndis.sys had been replaced. A fake software called "Antimalware Doctor" had been installed. There were services with completely random names or even GUIDs (!), and also ones called "IpSect" and "Darkness". There were executable files without an .exe extension. There were even two boot-class drivers, which I'm quite sure are the ones that finally caused the system to crash. A true massacre. Ok, now the questions: What the hell was that?!? It was something more than a simple virus! How did it manage to attack my computer, as I am behind a firewall and was not doing anything even only potentially harmful on the web at the time?

    Read the article

  • Apache rewrite rules and special characters

    - by Massimo
    I have a server where some files have an actual %20 in their name (they are generated by an automated tool which handles spaces this way, and I can't do anything about this); this is not a space: it's "%" followed by "2" followed by "0". On this server, there is an Apache web server, and there are some web pages which links to those files, using their name in URLs like http://servername/file%20with%20a%20name%20like%20this.html; those pages are also generated by the same tool, so I (again!) can't do anything about that. A full search-and-replace on all files, pages and URLs is out of question here. The problem: when Apache gets called with an URL like the one above, it (correctly) translates the "%20"s into spaces, and then of course it can't find the files, because they don't have actuale spaces in their names. How can I solve this? I discovered than by using an URL like http://servername/file%2520name.html it works nicely, because then Apache translates "%25" into a "%" sign, and thus the correct filename gets built. I tried using an Apache rewrite rule, and I can succesfully replace spaces with hypens with a syntax like this: RewriteRule (.*)\ (.*) $1-$2 The problem: when I try to replace them with a "%2520" sequence, this just doesn't happen. If I use RewriteRule (.*)\ (.*) $1%2520$2 then the resulting URL is http://servername/file520name.html; I've tried "%25" too, but then I only get a "5"; it just looks like the initial "%2" gets somewhat discarded. The questions: How can I build such a regexp to replace spaces with "%2520"? Is this the only way I can deal with this issue (other than a full search-and-replace which, as I said, can't be done), or do you have any better idea?

    Read the article

  • Can I use a Smart Array P410 controller on a HP Proliant DL 180 G5 server?

    - by Massimo
    This link says the HP Proliant DL 180 G5 server only supports Smart Array E200, E500, P400 and P800 controllers. Can I use a Smart Array P410 instead? Currently the server has only the default internal controller, I need an additional one for better performance and to support additional drives (the default controller only supports 4, with a Smart Array controller all 8 bays can be used). The disks are SATA ones.

    Read the article

  • How to integrate Windows Server 2008 R2's NPS with Cisco switches?

    - by Massimo
    I need to evaluate in a lab environment the use of Windows Server 2008 R2's NPS for 802.1x authentication with Cisco Catalyst 3750 switches; the general idea is to only let clients connect to the company network if they can provide valid domain logon credentials, placing them in a restricted VLAN instead if they can't. NAP would also be a bonus, but it can be evaluated later; the main point now is only 802.1x authentication. Although I have very good knowledge of Windows and Active Directory (on the Microsoft side) and quite good knowledge of Catalyst switches (on the Cisco side), I'm totally new to 802.1x; I'd really like some general guidelines and help here, and some sort of implementation guide would also be very useful.

    Read the article

  • Update BIOS on Sun Fire X4150 server

    - by Massimo
    I have some Sun Fire X4150 servers with a very old BIOS release (1ADQW015), which seems to have some compatibility problems with WMware ESX Server 3.5 and Windows 2008 R2 virtual machines; so I want to update the BIOS on them. The problem: according to this page, if your servers run ELOM (mine do), you first need to update to the latest ELOM release, then to the interim transition release, then finally you can update to the latest one. Ok, I'm willing to do that... but it looks like Sun (now Oracle) will happily let you download the latest firmware DVD (3.3.0), but it will not let you download the transition release (2.0) if you don't have a support contract. Well, I actuall don't care at all about the servers' management controllers (we don't even use them), so upgrading from ELOM to ILOM is totally irrelevant to me; but I need to update the servers' BIOS. So my question is: can I update the servers' BIOS to the latest version without doing the full ELOM-to-ILOM migration, or will this not work (or even make the servers unusable)? Do BIOS versions and SP ones need to be matched, or can one be updated without bothering with the other? Bonus question: if this whole ELOM-to-ILOM thing actually is needed in order to update the BIOS, can that 2.0 CD-ROM be obtained without having a support contract with Sun/Oracle (which we are definitely not going to sign, being that quite old hardware)? Update: I tried upgrading only the BIOS on one of the servers, and it didn't boot anymore. So it really looks like a full firmware upgrade is needed, and the management controller and BIOS versions should be kept in sync. So... where can I find that *&!£%$% 2.0 CD-ROM? Or at least the transition firmware that can be found on it?

    Read the article

  • Using both domain users and local users for Squid authentication?

    - by Massimo
    I'm working on a Squid proxy which needs to authenticate users against an Active Directory domain; this works fine, Samba was correctly set up and Squid authenticates users via ntlm_auth. Relevant lines in squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on acl Authenticated proxy_auth REQUIRED http_access allow Authenticated http_access deny all Now, I need a way to allow access to users which don't have a domain account. I know I could create an "internet user" account in the domain, but this would allow access, although limited, to domain resources (file shares, etc.); I need something that will allow only Internet access. The ideal solution would be using a local account on the proxy server, either a Linux account or a Squid one; I know Squid supports this, but I'm unable to have it use both domain authentication and Squid/local authentication if domain auth is unsuccesful. Can this be done? How?

    Read the article

  • How to auto mark tape as free in DPM 2012?

    - by Massimo
    I have a backup server running System Center Data Protection Manager 2012, connected to a couple of tape drives (no library). I also have, of course, some tapes. Tape rotation is manual. The tape have been used before, by DPM itself (but the server has been completely rebuilt) and by other backup softwares; they are not emtpy. But they contain no data that DPM knows and/or wants to preserve, so they can be marked as free without having to run forcefreetape.ps1. When a tape is placed into the drive, it is required to perform an inventory, have it recognized as an imported tape and then mark it as free; otherwise DPM will simply refuse to use it. How can I tell DPM to automatically treat those imported tapes as free? And, of course, I do not want to reuse real backup tapes if by chance they get put into the drives before their expiration date, so the solution should mark imported tapes as free, but should not do the same with real, non-expired tapes.

    Read the article

  • Can Windows logoff events be tracked?

    - by Massimo
    I'm working on an application to track network user logon/logoff events in an Active Directory domain; the application will work by auditing security logs on domain controllers. Auditing logon events can get somewhat tricky, but it can succesfully be done. My problem: how can I track logoff events? Based on some research I've done, it looks like these events are only logged locally on workstations, but not on DCs; also, the "lastLogoff" attribute exists on AD user objects, but it's not actually used by anyone. This is a very specific question: is something logged on DCs when a user logs off from a domain workstation? To clarify: I'm not intereseted in other auditing mehods, I can't deploy logon/logoff scripts and I can't install anything anywhere; I also know opened and closed network sessions are logged, but this is not what I'm looking for. I need to audit interactive logons and logoffs to domain workstations, and I can do this by only reading domain controllers security logs; reading each workstation's local event logs is out of question. If this can't be done, it's ok; but I need a clear answer on that. Can this be done? If yes, how?

    Read the article

  • How to implement dynamic web blacklists in ISA Server 2006?

    - by Massimo
    I'm looking for a way to implement web site blacklisting in ISA server 2006. I know how to manually define a destination set and block access to it, and I also know how to import XML lists. What I'm looking for is some publicly available and actively updated blacklist (i.e. "porn sites", or "gamble sites") from some trustworthy source, and for a way to automatically get updated versions when they are released and use them in ISA. Can this be done, and how?

    Read the article

  • How to hide a trusted domain in the logon screen?

    - by Massimo
    I need to create a bidirectional trust between two Active Directory domains. But management is worried that users will be puzzled out when seeing another domain name in the drop-down list in the Windows logon screen (many of them use Windows XP), and that help desk calls for failed logins due to having selected the wrong domain will skyrocket. Also, the two domain names are quite similar, adding to the possible user confusion. Is there any way to hide a trusted domain from the drop-down list in the Windows logon screen?

    Read the article

  • Intel Rapid Storage Technology service always crashes

    - by Massimo
    I'm running Windows 7 x64 on a system based on an Asus Z87-Deluxe motherboard; the storage is configured for RAID mode; there is a single SSD drive for the O.S. and two 4-TB disks in a RAID 1 setup for the data. I've installed the latest version of Intel's Rapid Storage Technology drivers, 12.8.0.1016. The program complains about its service not being running, and the service is actually stopped; if I try to start it, it crashes. I've already tried reinstalling the package, but nothing changed. All the disks work correctly, but the RST program is unusable. How can I fix this?

    Read the article

  • Installing Windows Management Framework 3.0 basically destroyed WMI, how can I fix it without reinstalling the O.S.?

    - by Massimo
    Related, of course, to this question. Before discovering it was somewhat... dangerous, I installed Windows Management Framework 3.0 on a number of Windows Server 2008 R2 SP1 servers, and WMI got completely trashed on all of them. This is what the WMI namespace looks like on a normal server (this is from Server Manager - Configuration - WMI Control): This is what it looks like after installing WMF 3.0: Yeah. Everything except WMF 3.0's new features is gone. Needless to say, nothing seems to work anymore on those servers. And no, this is not due to some strange installation error, this happened on three servers which were perfectly working before installing WMF 3.0, and on all of them the installation completed succesfully. Admittedly, one of them had a somewhat complex setup (various System Center products and SQL Server instances)... but two of them are just plain standard domain controllers which do nothing else at all. How can I fix this mess without having to reinstall the O.S. on these servers? And why did it happen in the first place?

    Read the article

  • How to statically configure DNS servers on a Cisco router when the WAN interface uses DHCP?

    - by Massimo
    I have a Cisco router (model 887VA, IOS 15.4) used to connect a LAN to the Internet via ADSL. The WAN interface uses DHCP: interface ATM0.1 point-to-point ip address dhcp I need the router to use a statically-defined DNS server for name resolution: ip name-server A.B.C.D However, the router insists on using the DNS servers supplied by the ISP via DHCP: Router#ping www.google.com Translating "www.google.com"...domain server (<ISP DNS>) [OK] Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 173.194.116.208, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 44/45/48 ms How can I tell the router to ignore the ISP-supplied DNS servers and only use the statically-configured one?

    Read the article

  • How did what appears to be a virus get on my computer? (explanation of situation enclosed)

    - by Massimo
    My system is Windows XP SP3, updated with the latest patches. The PC is connected to a Cisco 877 ADSL router, which does NAT from the internal network to its single static public IP address. There are no forwarded ports, and the router's management console can only be accessed from the inside. I was doing two things: working on a remote office machine via VPN and browsing some web pages on the Cisco web site. The remote network is absolutely safe (it's a lab network, four virtual servers, no publicly accessible services and no users at all; also, none of what I'm going to describe ever happened there). The Cisco web site... well, I suppose is quite safe, too. Suddenly, something happened. Strange popups appears anywhere; programs claiming they're "antimalware", "antispyware" et so on begins autoinstalling; fake Windows Update and Security Center icons pop up in the system tray. svchost.exe began crashing repeatedly. Then, finally, after some minutes of this... BSOD. And, upon rebooting, BSOD again. Even in safe mode. Ok, that was obviously some virus/trojan/whatever. I had to install a new copy of Windows on another partition to clean things up. I found strange executables, services and DLLs almost anywhere. Amongst the other things, user32.dll and ndis.sys had been replaced. A fake software called "Antimalware Doctor" had been installed. There were services with completely random names or even GUIDs (!), and also ones called "IpSect" and "Darkness". There were executable files without an .exe extension. There were even two boot-class drivers, which I'm quite sure are the ones that finally caused the system to crash. A true massacre. Ok, now the questions: What the hell was that?!? It was something more than a simple virus! How did it manage to attack my computer, as I am behind a firewall and was not doing anything even only potentially harmful on the web at the time?

    Read the article

  • Internet Explorer not working after establishing a SSTP VPN connection

    - by Massimo
    I have a problem which is constantly appearing on each Windows 7 computer I'm using, whenever I establish a SSTP VPN connection to a ForeFront TMG 2010 firewall; it only happens with SSTP connections, not PPTP/L2TP ones. The problem appears only if using a proxy server for Internet access; it doesn't happen when directly accessing the Internet (with or without NAT). It doesn't seem to depend on a specific proxy software being used (I've seen it happening with various ones). The problem is: as soon as I start the VPN connection, Internet Explorer can't access anything anymore. I'm not using the VPN connection as a default gateway, and I can succesfully ping the proxy server after the VPN connection is esatablished (and even telnet to its 8080 TCP port), so this is definitely not a routing problem. Also, the problem is specifically related to Internet Explorer: while it seems not able to connect to any site, other programs (such as FireFox) have no problem accessing the Internet through the same proxy. This behaviour can be easily reproduced on any Windows 7 computer (the service pack and patch level doesn't seem to matter at all). Have IE connect through a proxy, establish a SSTP VPN connection... and IE will just not work anymore until the VPN connection is dropped.

    Read the article

  • How to track which process is failing logons?

    - by Massimo
    Windows Server 2003, VMWare VirtualCenter 2.5. Something is continuously trying to log on to VirtualCenter using a disabled domain account; the failed logon attempts are logged by VirtualCenter in its own logs and by Windows in the Security event log. This happens roughly every minute or two. The source of the logon attempts is 127.0.0.1, so it must be some process running on the server itself. There are no services running as this user account and no scheduled jobs on the system. The task manager doesn't show any proces running under this account, either. The user account's name is nowhere to be found in the Registry. But some process is trying to use it, and failing. It probably is not some critical process, as everything looks fine; it could be something that was installed long ago and forgotten there. Whatever it is, it probably is running under another user account (possibly a system one), but is trying to log on to VC using those credentials, which are probably saved in some configuration file, since they're not stored in the Registry. How can I track which process is trying (and failing) those logon attempts, either using Windows or VirtualCenter?

    Read the article

  • ConfigMgr 2012 - How to automatically make updates available to computers without forcing them to be installed?

    - by Massimo
    I'm using System Center Configuration Manager 2012 with the Software Update Point feature; however, in this environment patching has to be strictly manual, because server reboots need to be approved and scheduled by different people; thus, I need to use ConfigMgr's SUP like I would use a plain WSUS server with auto-approval but with manual installation. I created some Automatic Deployment Rules to automatically download and deploy critical updates, and to have an installation dealine of "as soon as possible"; but then, I've also configured those rules to not do anything when the deadline is reached, and to not perform system restarts even if needed (see image). Also, I've configured the device collection to where those rules deploy updates to not have any valid maintencance window. However, I'm experiencing quite the opposite as what I was expecting: as soon as the new updates are processed by the ADRs, they get automatically installed on all systems by the Software Center, and the computers are subsequently restarted. Why is this happening? Am I getting something wrong or is just ConfigMgr 2012 not behaving like it should?

    Read the article

  • Do background processes get a SIGHUP when logging off?

    - by Massimo
    This is a followup to this question. I've run some more tests; looks like it really doesn't matter if this is done at the physical console or via SSH, neither does this happen only with SCP; I also tested it with cat /dev/zero > /dev/null. The behaviour is exactly the same: Start a process in the background using & (or put it in background after it's started using CTRL-Z and bg); this is done without using nohup. Log off. Log on again. The process is still there, running happily, and is now a direct child of init. I can confirm both SCP and CAT quits immediately if sent a SIGHUP; I tested this using kill -HUP. So, it really looks like SIGHUP is not sent upon logoff, at least to background processes (can't test with a foreground one for obvious reasons). This happened to me initially with the service console of VMware ESX 3.5 (which is based on RedHat), but I was able to replicate it exactly on CentOS 5.4. The question is, again: shouldn't a SIGHUP be sent to processes, even if they're running in background, upon logging off? Why is this not happening? Edit I checked with strace, as per Kyle's answer. As I was expecting, the process doesn't get any signal when logging off from the shell where it was launched. This happens both when using the server's console and via SSH.

    Read the article

  • multicast and iptables

    - by Massimo
    I have secured a linux box, starting with iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP and after adding rules to enable specific protocols and streams. Which are the correct rules to add multicast support ? I am trying with these - for both client and server multicast : iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT iptables -A OUTPUT -m pkttype --pkt-type multicast -j ACCEPT iptables -A INPUT --protocol igmp -j ACCEPT iptables -A OUTPUT --protocol igmp -j ACCEPT iptables -A INPUT --dst "224.0.0.0/4" -j ACCEPT iptables -A OUTPUT --dst "224.0.0.0/4" -j ACCEPT Linux 2.6.38-12 / iptables 1.4.10 Is there any internet service to test my multicast set ( pc + adsl router + provider ) ?

    Read the article

  • Can IOS be upgraded on a Cisco Catalyst 6509 switch without downtime?

    - by Massimo
    There's this Cisco Catalyst 6509 switch with 2 (two) supervisor modules; one of them is active, the other is (almost always) in standby. We need to upgrade IOS; current version is 12.2.something (I can check exactly which one, if this does matter). Can this be done without service interruption? Something like "upgrade the standby supervisor, activate it, upgrade the other one"?

    Read the article

  • Is there any way to synchronize AD users with Office 365 but still be able to edit them online?

    - by Massimo
    I'm performing a migration to Office 365 from a third-party mail server (MDaemon); the local Active Directory doesn't include any Exchange server, and never had any. We will need directory synchronization in order to enable users to log on to Office 365 using their domain credentials; but it seems that as soon as you enable directory synchronization, you can't perform any action anymore on Office 365 users: all changes need to be made on the local Active Directory, and then replicated by the synchronization process. For ordinary users with a single e-mail address and standard features, this is not a big problem; but what about users which need an additional address? What if I need to configure some nonstandard setting, like "hide from address list" or a custom mailbox quota? From what I've gathered, the only supported way to do this, as you can't directly edit Office 365 objects anymore after synchronization is enabled, is to extend the local AD schema with Exchange attributes, and then manually edit them (!). Or, you can install at least one local Exchange server, and then use the Exchange administrative tools to configure the required settings. Is this correct or am I missing something? Is there any way to synchronize user accounts and password, but still be able to edit user settings directly in Office 365? If not (everything really needs to be set locally and then synchronized), is there any simpler way to do this than manually editing LDAP attributes or installing a local Exchange server?

    Read the article

  • Which firewall ports do I need to open in order for a domain trust to work?

    - by Massimo
    I have two Active Directory domains in two different forests; each domain has two DCs (all of them Windows Server 2008 R2). The domains are also in different networks, with a firewall connecting them. I need to create a two-way forest trust between the two domains and forest. How do I configure the firewall to allow this? I found this article, but it doesn't explain very clearly which traffic is required between DCs, and which traffic (if any) in needed instead between domain computers in one domain and DCs for the other one. I'm allowed to permit all traffic between the DCs, but allowing computers in one network to access DCs in the other one would be a little more difficult.

    Read the article

  • How to script printer creation on a Windows Server 2008 R2 clustered print server?

    - by Massimo
    As per subject. I've found some ways of scripting printer creation on Windows print servers using WMI, but it looks like WMI doesn't support clustered print servers (or clustered servers at all). The scripts in C:\Windows\System32\Printing_Admin_Scripts are useless because, they are not cluster-aware and end up creating the printers on the active cluster node (just like using WMI). The only tool I found that was able to work on a clustered print server is printui.exe (shortcut for rundll32 printui.dll, PrintUIEntry), but it can't create TCP printing ports: it can only add printers if the port already exists. How can I completely script printer creation (including TCP printing ports!) on a clustered Windows Server 2008 R2 print server?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3  | Next Page >