Search Results

Search found 8766 results on 351 pages for 'integrated authentication'.

Page 206/351 | < Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213 | Next Page >

IIS 7.5 default permission - is restriction needed?

- by Caroline Beltran

I am using IIS 7.5 and I do not need to explicitly specify permissions for my ISAPI application to execute. Additionally, the application can create subdirectories, create and delete files without me specifying permissions. Since I am using the default permissions, checked to see if web.config was safe from prying eyes over the web, and it can’t be read which is good. My app also creates some .log and .ini files which are also not viewable over the web. I did notice that .txt files are viewable. I really don’t know how default permissions allow my app to do so much. Is this safe or do I need to lock down? To be honest, I don’t know what accounts to restrict. App details: My ISAPI has an ‘allowed’ entry in ISAPI and CGI Restrictions Folder and subfolders containing my application has ‘default’ permissions set. Application pool is using ‘classic’ pipeline mode and no managed code. Pass-through authentication in use. Thank you for your time

Read the article
connect 2.1 stereo speakers to LG LCD-TV (5500 series)

- by rMaero

I bought a pair of speakers for my dad's TV, LG 32LE5500. When I installed them, it just sounded worse than the integrated ones and that's where I realized the subwoofer didn't work at all and both speakers make lower volume than the internal ones. The audio output jack says "H/P" (standing for headphones, and a matching symbol) before buying I checked this output with my phone's headphones and it worked so I figured it would work with a set of speakers since it's a standard audio output. I guess it's literally for headphones and not any other kind of sound players. There is only one other audio output and it is the optical-digital, so I can't use that. Not at least with these speakers.. am I screwed? or is there any workaround?

Read the article
401 - Unauthorized: Access is denied error from web app running in IIS 7.5 using App Pool Identity

- by Eric Gatesman

I have an ASP.NET app on a Windows 2008 server, IIS 7.5. When I try to access web site, I get a login popup. If I click "cancel" I get a 401 - Unauthorized: Access is denied due to invalid credentials. The app is using Windows authentication (anonymous is disabled). The app has it's own app pool, running under the App Pool Identity. If I change the app pool to run under the NetworkService account, my website functions just fine. I'm guessing that this is just a permissions issue, but can't figure out what permissions I need to change. I gave the App Pool Identity permissions on the physical directory of the app, but that didn't solve the problem.

Read the article
RDP and New Accounts

- by leeand00

I created a new user account on the domain and added them to the Remote Desktop Users group. I could login just fine locally, but when I logged in remotely I was basically told that I could not login from there using that user. I could login just fine as the administrator or anybody else other than that new account. So I researched it a bit more and found that my setting looked like this on the local machine: So I changed it to Allow connections only from computers running Remote Desktop with Network Level Authentication (NLA). Now when I tried this down at my office I connected with RDP just fine on another computer. But low and behold when I got home and simply try to connect to the machine, I get the message: There has to be some kind of in between setting, or additional setting that I need to change on the user that allows me to connect directly via remote desktop over the VPN. At the moment I can connect by connecting to another computer on the network and then RDPing from there into my machine, but this is not ideal.

Read the article
What is a good and safe way of sharing certificates?

- by Kaustubh P

I have a few certificates, that are used as authentication, to ssh into my servers on the Amazon cloud. I rotate those certificates weekly, manually. My question is, I need to share the certificates with some colleagues, a few on the LAN, and a few in another part of the country. What is the best practice to share the certificate? My initial thoughts were Dropbox and email. We dont host dedicated email servers with encryption and all, and dont have a VPN. Thanks.

Read the article
jump to page of a pdf in google docs / drive / apps

- by Aaron - Solution Evangelist

i want to jump to a specific page of a pdf file via the google docs via the editor url https://docs.google.com/file/d/xxx/edit or the embed url https://docs.google.com/file/d/xxx/preview i am not looking to use the http://docs.google.com/gview?url= referenced in the stackoverflow question how to open specific page on Google's docs viewer as i want to do this for documents where authentication is required the the document is not available via public url. is there some way of appending an anchor (i would have expected it to be https://docs.google.com/file/d/xxx/preview#10) or a query (e.g. https://docs.google.com/file/d/xxx/preview?page=10) to the google docs / drive / apps viewer?

Read the article
IIS 7.5 - Remove the pipe character from usernames for virtual hosts

- by glasnt

Currently I have a setup with a virtual FTP site in IIS 7.5 that requires the following authentication details for the anonymous account: Host: ftp.mydomain.com User: ftp.mydomain.com|anonymous Pass: <none> I have multiple FTP accounts setup on this same server. I know that this means I need to specify the domain in the username to let IIS know what I need site to authenticate against, but is it possible to make the username only be anonymous? Would I have to create a user by that name in the windows users and groups area to be and specifically link it there?

Read the article
htaccess rewrite and auth conflict

- by Michael

I have 2 directories each with a .htaccess file: html/.htaccess - There is a rewrite in this file to send almost everything to url.php RewriteCond %{REQUEST_URI} !(exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico))$ RewriteRule (.*)$ /url.php [L] and html/exported/.htaccess AuthType Basic AuthName "exported" AuthUserFile "/home/siteuser/.htpasswd" require valid-user If I remove html/exported/.htaccess the rewriting works fine and the exported directory can be access. If I remove html/.htaccess the authentication works fine. However when I have both .htaccess files exported/ is being rewritten to /url.php. Any ideas how I can prevent it?

Read the article
subversion problem on mac os x

- by user32942

This exists in my httpd.conf file: <Location /svn> DAV svn SVNParentPath /Users/iirp/Sites/svn Allow from all #AuthType Basic #AuthName "Subversion repository" #AuthUserFile /Users/iirp/Sites/svn-auth-file #Require valid-user </Location> This is working file When I change this to: <Location /svn> DAV svn SVNParentPath /Users/iirp/Sites/svn #Allow from all AuthType Basic AuthName "Subversion repository" AuthUserFile /Users/iirp/Sites/svn-auth-file Require valid-user </Location> and when I access my repository through URL, it gives me the authentication screen but after that screen my svn repository is not showing up correctly. to see message that it gives to me is: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.

Read the article
Failed reverse DNS and SPF only when using Thunderbird!

- by TruMan1

I have a reverse DNS and SPF records correctly setup for my mail server. Sending webmail from it works perfect. The problem is when Thunderbird sends out emails, it is using the client's IP address for the hostname. I have SMTP authentication and specified my mail server's as the outgoing SMTP. Mail is being sent, but it is not "signing" the email with the mail server's IP address.. it is using the client's. Is there any way to fix this? This is the spam error I get when sending from Thunderbird: Spam: Reverse DNS Lookup, SPF_SoftFail

Read the article
multiple-inheritance substitution

- by Luigi

I want to write a module (framework specific), that would wrap and extend Facebook PHP-sdk (https://github.com/facebook/php-sdk/). My problem is - how to organize classes, in a nice way. So getting into details - Facebook PHP-sdk consists of two classes: BaseFacebook - abstract class with all the stuff sdk does Facebook - extends BaseFacebook, and implements parent abstract persistance-related methods with default session usage Now I have some functionality to add: Facebook class substitution, integrated with framework session class shorthand methods, that run api calls, I use mostly (through BaseFacebook::api()), authorization methods, so i don't have to rewrite this logic every time, configuration, sucked up from framework classes, insted of passed as params caching, integrated with framework cache module I know something has gone very wrong, because I have too much inheritance that doesn't look very normal.Wrapping everything in one "complex extension" class also seems too much. I think I should have few working togheter classes - but i get into problems like: if cache class doesn't really extend and override BaseFacebook::api() method - shorthand and authentication classes won't be able to use the caching. Maybe some kind of a pattern would be right in here? How would you organize these classes and their dependencies? EDIT 04.07.2012 Bits of code, related to the topic: This is how the base class of Facebook PHP-sdk: abstract class BaseFacebook { // ... some methods public function api(/* polymorphic */) { // ... method, that makes api calls } public function getUser() { // ... tries to get user id from session } // ... other methods abstract protected function setPersistentData($key, $value); abstract protected function getPersistentData($key, $default = false); // ... few more abstract methods } Normaly Facebook class extends it, and impelements those abstract methods. I replaced it with my substitude - Facebook_Session class: class Facebook_Session extends BaseFacebook { protected function setPersistentData($key, $value) { // ... method body } protected function getPersistentData($key, $default = false) { // ... method body } // ... implementation of other abstract functions from BaseFacebook } Ok, then I extend this more with shorthand methods and configuration variables: class Facebook_Custom extends Facebook_Session { public funtion __construct() { // ... call parent's constructor with parameters from framework config } public function api_batch() { // ... a wrapper for parent's api() method return $this->api('/?batch=' . json_encode($calls), 'POST'); } public function redirect_to_auth_dialog() { // method body } // ... more methods like this, for common queries / authorization } I'm not sure, if this isn't too much for a single class ( authorization / shorthand methods / configuration). Then there comes another extending layer - cache: class Facebook_Cache extends Facebook_Custom { public function api() { $cache_file_identifier = $this->getUser(); if(/* cache_file_identifier is not null and found a valid file with cached query result */) { // return the result } else { try { // call Facebook_Custom::api, cache and return the result } catch(FacebookApiException $e) { // if Access Token is expired force refreshing it parent::redirect_to_auth_dialog(); } } } // .. some other stuff related to caching } Now this pretty much works. New instance of Facebook_Cache gives me all the functionality. Shorthand methods from Facebook_Custom use caching, because Facebook_Cache overwrited api() method. But here is what is bothering me: I think it's too much inheritance. It's all very tight coupled - like look how i had to specify 'Facebook_Custom::api' instead of 'parent:api', to avoid api() method loop on Facebook_Cache class extending. Overall mess and ugliness. So again, this works but I'm just asking about patterns / ways of doing this in a cleaner and smarter way.

Read the article
Update twitter profile image using OAuth

- by sjobe

I'm trying to get twitter update_profile_image to work using OAuth. I was using curl with regular authentication and everything was working fine, but I switched to OAuth using this library, and now everything except update_profile_image works. I read something about twitter OAuth having problems with multipart data, but that was a while ago and the plugin is supposed to have dealt with that issue. My working regular authentication with curl code $url = 'http://api.twitter.com/1/account/update_profile_image.xml'; $uname = $_POST['username']; $pword = $_POST['password']; $img_path = 'xxx'; $userpwd = $uname . ':' . $pword; $img_post = array('image' => '@' . $img_path . ';type=image/jpeg', 'tile' => 'true'); $format = 'xml'; //alternative: json $message = 'Test update with a random num'.rand(); $opts = array(CURLOPT_URL => $url, CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => $img_post, CURLOPT_HTTPAUTH => CURLAUTH_ANY, CURLOPT_USERPWD => $userpwd, CURLOPT_HTTPHEADER => array('Expect:'), CURLINFO_HEADER_OUT => true); $ch = curl_init(); curl_setopt_array($ch, $opts); $response = curl_exec($ch); $err = curl_error($ch); $info = curl_getinfo($ch); curl_close($ch); My current OAuth code [I had to cut it down, so do not minor look for syntax errors] include 'EpiCurl.php'; include 'EpiOAuth.php'; include 'EpiTwitter.php'; include 'secret.php'; $twitterObj = new EpiTwitter($consumer_key, $consumer_secret); $twitterObj->setToken($_GET['oauth_token']); $token = $twitterObj->getAccessToken(); $twitterObj->setToken($token->oauth_token, $token->oauth_token_secret); try{ $img_path = 'xxx'; //$twitterObj->post_accountUpdate_profile_image(array('@image' => "@".$img_path)); $twitterObj->post('/account/update_profile_image.json', array('@image' => "@".$img_path)); $twitterObj->post_statusesUpdate(array('status' => 'This is my new status:'.rand())); //This works $twitterInfo= $twitterObj->get_accountVerify_credentials(); echo $twitterInfo->responseText; }catch(Exception $e){ echo $e->getMessage(); } I've been trying to figure this out for a while, ANY help would be greatly appreciated. I'm not in any way tied to this library, so feel free to recommend others.

Read the article
SSH keys fail for one user

- by Eli

I just set up a new Debian server. I disabled root SSH and password auth, so you've gotta use a key file. For my primary user, everything works exactly as expected. I used ssh-keygen -t dsa and got myself a public and private key. Put one in authorized keys, put the other in a pem file locally. I wanted to create a user that I can deploy things with, so I did basically the same process. I addusered it, made a .ssh folder, ran ssh-keygen -t dsa (I also tried RSA), put the keys in their appropriate locations. No luck. I'm getting a Permission denied (publickey) error. When I use the exact same keys as the account that works, same error. When I enable password authentication, I can log in via SSH with the password. How do I debug this?

Read the article
OfficeLive email settings - Authorization Failed

- by serhio

Is there anybody who tried creating emails with Microsoft's OfficeLive I wonder how to add a created office live e-mail to Outlook? By e.g. my LiveId is [email protected], password: pmegmailcom officeLive site: www.mysite.com, email: [email protected], password: pcontactmysitecom I do new mail account in Outlook: Your name: MySiteTeam; Email address: [email protected] Incoming mail server: pop3.live.com; Outgoing mail server: smtp.live.com User Name: [email protected]; Password: pmegmailcom My outgoing server requires authentication - Yes Use same settings as my incoming mail server - Yes Pop3 port: 995 (SSL - Yes), Smtp port: 587 (SSL - Yes) In fact, I follow the following office live forum moderators instructions. When testing finds POP3 server, finds SMTP server, does not pass authorization. What I do wrong?

Read the article
Ideas for campus Internet Login mechanism?

- by miCRoSCoPiCeaRthLinG

Hello, I work at this university and I'm seeking an effective solution for an internet login mechanism. We have a leased-link at our campus, which is shared by both staff & students. All systems (desktops + laptops + handhelds) connect to the internal network via wifi and can then get onto the net. However, a local govt. regulation requires us to keep track of individual internet usage and hence we need a solution (pref. free / opensource) that'll enable us to implement some sort of an authentication mechanism once a user hooks onto the network. One requirement is that the software should be able to authenticate either against LDAP or some other custom user database (MySQL based) or both. Can anyone suggest any such software or mechanism? Most of our servers are Linux based... so something that runs off such a platform will be good. Thanks, m^e

Read the article
zabbix 2.2.1 no graphs in Web scenario

- by Mick

Hello for some time I have a problem with graphs in web scenarios on Zabbix 2.2.1, I put below the screen, this problem has appeared at every graph of web scenario This same scenario installed a second zabbixie that runs on my local virtual machine with zabbix. In my local machine all components of zabbix (server, frontend, agents), but in my production zabbix only zabbix frontend are separated from each other. Scenario for openerp ============================== Name: OpenERP Web Checks Application: New application: Authentication: Update interval (in sec): 60 Retries: 1 Agent: Internet Explorer 10.0 Steps: ============================== Name: OpenERP login page URL: http://openerp.test.com Post: Variables: Timeout: 15 Required string: Required status codes: 200 My zabbix server performance: Anybody have some idea how fix it ? Regards Mick

Read the article
PHP: Proper way of using a PDO database connection in a class

- by Cortopasta

Trying to organize all my code into classes, and I can't get the database queries to work inside a class. I tested it without the class wrapper, and it worked fine. Inside the class = no dice. What about my classes is messing this up? class ac { public function dbConnect() { global $dbcon; $dbInfo['server'] = "localhost"; $dbInfo['database'] = "sn"; $dbInfo['username'] = "sn"; $dbInfo['password'] = "password"; $con = "mysql:host=" . $dbInfo['server'] . "; dbname=" . $dbInfo['database']; $dbcon = new PDO($con, $dbInfo['username'], $dbInfo['password']); $dbcon->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $error = $dbcon->errorInfo(); if($error[0] != "") { print "<p>DATABASE CONNECTION ERROR:</p>"; print_r($error); } } public function authentication() { global $dbcon; $plain_username = $_POST['username']; $md5_password = md5($_POST['password']); $ac = new ac(); if (is_int($ac->check_credentials($plain_username, $md5_password))) { ?> <p>Welcome!</p>  <?php } else { ?> <p>Not a valid username and/or password. Please try again.</p> <?php unset($_POST['username']); unset($_POST['password']); $ui = new ui(); $ui->start(); } } private function check_credentials($plain_username, $md5_password) { global $dbcon; $userid = $dbcon->prepare('SELECT id FROM users WHERE username = :username AND password = :password LIMIT 1'); $userid->bindParam(':username', $plain_username); $userid->bindParam(':password', $md5_password); $userid->execute(); print_r($dbcon->errorInfo()); $id = $userid->fetch(); Return $id; } } And if it's any help, here's the class that's calling it: require_once("ac/acclass.php"); $ac = new ac(); $ac->dbconnect(); class ui { public function start() { if ((!isset($_POST['username'])) && (!isset($_POST['password']))) { $ui = new ui(); $ui->loginform(); } else { $ac = new ac(); $ac->authentication(); } } private function loginform() { ?> <form id="userlogin" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> User:<input type="text" name="username"/><br/> Password:<input type="password" name="password"/><br/> <input type="submit" value="submit"/> </form> <?php } }

Read the article
Mysterious login attempts to windows server

- by Jim Balo

I have a Windows 2008R2 server that is reporting failed login attempts from a number of workstations on our network. Some event log details: Event ID 4625, Status: 0xc000006d, Sub Status: 0xc0000064 Security ID: NULL SID, Account Name: joedoe, Account Domain: Acme Workstation Name: WINXP1, Source Network Address: 192.168.1.23, Source Port: 1904 Logon Process: NtLmSsp, Authentication Package: NTLM, Logon Type: 3 (network) I believe this is coming from some netbios service or similar (maybe the file explorer), keeping an inventory of its network neighborhood and also trying to authenticate. Is there a way to turn this off without having to turn off file sharing all together? In other words, clients authenticating against file servers that they use is of course no problem, but I want to eliminate clients trying to authenticate to servers that they are not using and have no business with. The above example is only one of thousands of log alerts for similar failed network authentications. What can I do to clean this up / handle this? Thanks.

Read the article
PHP Mail() to Gmail = Spam

- by grantw

Recently Gmail has started marking emails sent directly from my server (using php mail()) as spam and I'm having problems trying to find the issue. If I send an exact copy of the same email from my email client it goes to the Gmail inbox. The emails are plain text, around 7 lines long and contain a URL link in plain text. As the emails sent from my client are getting through fine I'm thinking that the content isn't the issue. It would be greatly appreciated if someone could take a look at the the following headers and give me some advice why the email from the server is being marked as spam. Email from Server: Delivered-To: [email protected] Received: by 10.49.98.228 with SMTP id el4csp101784qeb; Thu, 15 Nov 2012 14:58:52 -0800 (PST) Received: by 10.60.27.166 with SMTP id u6mr2296595oeg.86.1353020331940; Thu, 15 Nov 2012 14:58:51 -0800 (PST) Return-Path: [email protected] Received: from dom.domainbrokerage.co.uk (dom.domainbrokerage.co.uk. [174.120.246.138]) by mx.google.com with ESMTPS id df4si17005013obc.50.2012.11.15.14.58.51 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Nov 2012 14:58:51 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) client-ip=174.120.246.138; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) [email protected]; dkim=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domainbrokerage.co.uk; s=default; h=Date:Message-Id:Content-Type:Reply-to:From:Subject:To; bh=2RJ9jsEaGcdcgJ1HMJgQG8QNvWevySWXIFRDqdY7EAM=; b=mGebBVOkyUhv94ONL3EabXeTgVznsT1VAwPdVvpOGDdjBtN1FabnuFi8sWbf5KEg5BUJ/h8fQ+9/2nrj+jbtoVLvKXI6L53HOXPjl7atCX9e41GkrOTAPw5ZFp+1lDbZ; Received: from grantw by dom.domainbrokerage.co.uk with local (Exim 4.80) (envelope-from [email protected]) id 1TZ8OZ-0008qC-Gy for [email protected]; Thu, 15 Nov 2012 22:58:51 +0000 To: [email protected] Subject: Offer Accepted X-PHP-Script: www.domainbrokerage.co.uk/admin.php for 95.172.231.27 From: My Name [email protected] Reply-to: [email protected] Content-Type: text/plain; charset=Windows-1251 Message-Id: [email protected] Date: Thu, 15 Nov 2012 22:58:51 +0000 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dom.domainbrokerage.co.uk X-AntiAbuse: Original Domain - gmail.com X-AntiAbuse: Originator/Caller UID/GID - [500 500] / [47 12] X-AntiAbuse: Sender Address Domain - domainbrokerage.co.uk X-Get-Message-Sender-Via: dom.domainbrokerage.co.uk: authenticated_id: grantw/from_h Email from client: Delivered-To: [email protected] Received: by 10.49.98.228 with SMTP id el4csp101495qeb; Thu, 15 Nov 2012 14:54:49 -0800 (PST) Received: by 10.182.197.8 with SMTP id iq8mr2351185obc.66.1353020089244; Thu, 15 Nov 2012 14:54:49 -0800 (PST) Return-Path: [email protected] Received: from dom.domainbrokerage.co.uk (dom.domainbrokerage.co.uk. [174.120.246.138]) by mx.google.com with ESMTPS id ab5si17000486obc.44.2012.11.15.14.54.48 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Nov 2012 14:54:49 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) client-ip=174.120.246.138; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) [email protected]; dkim=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domainbrokerage.co.uk; s=default; h=Content-Transfer-Encoding:Content-Type:Subject:To:MIME-Version:From:Date:Message-ID; bh=bKNjm+yTFZQ7HUjO3lKPp9HosUBfFxv9+oqV+NuIkdU=; b=j0T2XNBuENSFG85QWeRdJ2MUgW2BvGROBNL3zvjwOLoFeyHRU3B4M+lt6m1X+OLHfJJqcoR0+GS9p/TWn4jylKCF13xozAOc6ewZ3/4Xj/YUDXuHkzmCMiNxVcGETD7l; Received: from w-27.cust-7941.ip.static.uno.uk.net ([95.172.231.27]:1450 helo=[127.0.0.1]) by dom.domainbrokerage.co.uk with esmtpa (Exim 4.80) (envelope-from [email protected]) id 1TZ8Ke-0001XH-7p for [email protected]; Thu, 15 Nov 2012 22:54:48 +0000 Message-ID: [email protected] Date: Thu, 15 Nov 2012 22:54:50 +0000 From: My Name [email protected] User-Agent: Postbox 3.0.6 (Windows/20121031) MIME-Version: 1.0 To: [email protected] Subject: Offer Accepted Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dom.domainbrokerage.co.uk X-AntiAbuse: Original Domain - gmail.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - domainbrokerage.co.uk X-Get-Message-Sender-Via: dom.domainbrokerage.co.uk: authenticated_id: [email protected]

Read the article
RHEL 5/CentOS 5 - sshd becomes unresponsive

- by ewwhite

I have a number of CentOS 5.x and RHEL 5.x systems whose SSH daemons become unresponsive, preventing remote logins. The typical error from the connecting side is: $ ssh db1 db1 : ssh_exchange_identification: Connection closed by remote host Examining /var/log/messages after a forced reboot shows the following leading up to the restart: Dec 10 10:45:51 db1 sshd[14593]: fatal: Privilege separation user sshd does not exist Dec 10 10:46:02 db1 sshd[14595]: fatal: Privilege separation user sshd does not exist Dec 10 10:46:54 db1 sshd[14711]: fatal: Privilege separation user sshd does not exist Dec 10 10:47:38 db1 sshd[14730]: fatal: Privilege separation user sshd does not exist These systems use LDAP authentication and the nsswitch.conf file is configured to look at local "files" first. [root@db1 ~]# cat /etc/nsswitch.conf # # /etc/nsswitch.conf # passwd: files ldap shadow: files ldap group: files ldap hosts: files dns The Privilege-separated SSH user exists in the local password file. [root@db1 ~]# grep ssh /etc/passwd sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin Any ideas on what the root cause is? I did not see any Red Hat errata that covers this.

Read the article
cannot add a user to sysadmin role in SQL Server

- by George2

I am using SQL Server 2008 Management Studio. The current logon account belongs to machine local administrator group. I am using Windows Integrated Security mode in SQL Server 2008. My issue is, after log into SQL Server Management Studio, I select my login name under Security/Logins, then select Server Roles Tab, then select the last item -- sysadmin to make myself belong to this group/role, but it says I do not have enough permission. Any ideas what is wrong? I think local administrator should be able to do anything. :-)

Read the article
ReadyNAS issue with Google Apps?

- by Jauder Ho

The power went out (again) in my house today so I decided to set up some alerting. Since I have a ReadyNAS and the latest version of Raidinator seems to have SMTP TLS support, I figured I would try setting things up to email to a domain I have hosted on Google Apps. At this point, I have everything working IF I use a Gmail account but as soon as I switch to a Google Apps email address, it stops working and complains with smtpstatus=535 smtpmsg='535-5.7.1 Username and Password not accepted. Learn more at \n535 5.7.1 http://mail.google.com/support/bin/answer.py?answer=14257 30sm16076226wfd.23' errormsg='authentication failed (GNU SASL, method PLAIN)' exitcode=EX_NOPERM I'm wondering if anyone else has encountered this. Google's extremely aggressive captcha does not help but I am able to log in now without a captcha from a browser so I'm open to any ideas why the simple switch of a user/password combo that is supposed to work does not. I'm also attaching my config so that others can see how to set things up.

Read the article
CNTLM issue with intranet (maybe DNS)

- by htorque

On my Linux box I need to use an ISA proxy that requires authentication to reach the internet. I therefore installed CNTLM and configured it to point to the proxy address and listen on port 4321. I then configured my GNOME distribution to use localhost:4321 as global proxy for HTTP and HTTPS. The result: I can connect to the internet. I can ping intranet IPs, I do receive name resolution for intranet sites, yet I cannot ping them or open any intranet site in a browser (configured to use the distributions proxy) unless I use the site's IP address. I tried blocking the intranet IP range in the CNTLM config file without luck.

Read the article
Trouble with cross network permissions for an image through iis7 in an asp.net virtual directory

- by EdenMachine

I have load balanced web servers My web application has a function that allows the user to upload their company logo to display in the application header obviously, when they upload the logo image file, it needs to be in a central location or otherwise, the file will not be accessible to the other server on the load balancer. in order to be able to upload the image through the application other on one of either servers and then display it on both servers I need a virtual directory in IIS on both servers that point to a third "file server" (this is the "AcctData" directory shown below with a sub folder "images") the problem is that no matter what I do, I run into a permissioning issue If I use pass-through authentication I get a 401 error. If I use a specific user that's set up on both boxes, I get a 500 error. The "Default" application under "CP" (shown in the image below) uses an AppPool that is a Domain Account that has admin permissions on all the servers. I've also tried sticking a Web.config file in the "AcctData" directory allowing anonymous access. Nothing is working though.

Read the article
Connect to SVN repository with Netbeans using SVN+SSH

- by shuby_rocks

I am trying to connect to a SVN server in order to import my project into it with svn+ssh authentication method. I am using the NetBeans IDE (6.8) with subversion plugin installed on Windows XP SP2. I have plink installed with its path set in the Windows PATH env variable. When I use the similar looking repository URL (XXXX and YYYY replaced with sensible things) svn+ssh://XXXX@YYYY/home/dce/svn/trunk along with this external tunnel command plink -l <myUserName> -i C:\\privateKey.ppk I keep getting this error: org.tigris.subversion.javahl.ClientException: Network connection closed unexpectedly I searched about it on the Internet and tried many things but didn't work out. Please help if anybody has some idea what may be going wrong. Thanks a lot in advance.

Read the article

< Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213 | Next Page >