Search Results

Search found 45382 results on 1816 pages for 'two factor authentication'.

Page 251/1816 | < Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >

  • Why is piping dd through gzip so much faster than a direct copy?

    - by Foo Bar
    I wanted to backup a path from a computer in my network to another computer in the same network over a 100MBit/s line. For this I did dd if=/local/path of=/remote/path/in/local/network/backup.img which gave me a very low network transfer speed of something about 50 to 100 kB/s, which would have taken forever. So I stopped it and decided to try gzipping it on the fly to make it much smaller so that the amount to transfer is less. So I did dd if=/local/folder | gzip > /remote/path/in/local/network/backup.img.gz But now I get something like 1 MB/s network transfer speed, so a factor of 10 to 20 faster. After noticing this, I tested this on several paths and files and it was always the same. Why does piping dd through gzip also increase the transfer rates by a large factor instead of only reducing the bytelength of the stream by a large factor? I'd expected even a small decrease in transfer rates instead, due to the higher CPU consumption while compressing, but now I get a double plus. Not that I'm not happy, but just wondering. ;)

    Read the article

  • New, separate window in PowerPoint

    - by bobobobo
    I'm trying to open two PowerPoint 2007 documents, and they are open, but they're STUCK in the same window. I can't look at both presentations simultaneously, which is what I want to do. I want to open each presentation in ITS OWN, SEPARATE WINDOW, like in MS-Word how you can have two documents open and they'd be in two separate, draggable windows. I want OUT of the MDI and just have two completely separate windows! How?

    Read the article

  • Exchange 2007 and migrating only some users under a shared domain name

    - by DomoDomo
    I'm in the process of moving two law firms to hosted Exchange 2007, a service that the consulting company I work for offers. Let's call these two firms Crane Law and Poole Law. These two firms were ONE firm just six months ago, but split. So they have three email domains: Old Firm: craneandpoole.com New Firm 1: cranelaw.com New Firm 2: poolelaw.com Both Firm 1 & Firm 2 use craneandpoole.com email addresses, as for the other two domains, only people who work at the respective firm use that firm's domain name, natch. Currently these two firms are still using the same pre-split internal Exchange 2007 server, where MX records for all three domains point. Here's the problem. I'm not moving both companies at the same time. I'm moving Crane Law two weeks before Poole Law. During this two weeks, both companies need to be able to: Continue to receive emails addressed to craneandpoole.com Send emails between firms, using cranelaw.com and poolelaw.com accounts I also have a third problem: I'd like to setup all three domains in my hosting infrastructure way ahead of time, to make my own life easier What would solve all my problems would be, if there is some way I can tell Exchange 2007, even though this domain exists locally forward on the message to the outside world using public MX record as a basis for where to send it (or if I could somehow create a route for it statically that would work too). If this doesn't work, to address points #1 when I migrate Crane Law, I will delete all references locally to cranelaw.com on their current Exchange server, and setup individual forwards for each of their craneandpool.com mailboxes to forward to our hosted exchange server. This will also take care of point #2, since the cranelaw.com won't be there locally, when poolelaw.com tries to send to cranelaw.com, public MX records will be used for mail routing decisions and go to my hosted exchange. The bummer of that though is, I won't be able to setup poolelaw.com ahead of time in hosted Exchange, will have to wait to do it day of :( Sorry for the long and confusing post. Just wondering if there is a better or simpler way to do what I want? Three tier forests and that kind of thing are out, this is just a two week window where they won't be in the same place.

    Read the article

  • Duplication of Architecture State means physically extra?

    - by Doopy Doo
    Hyper-Threading Technology makes a single physical processor appear as two logical processors; the physical execution resources are shared and the architecture state is duplicated for the two logical processors. So, this means that there are two sets of basic registers such as Next Instruction Pointer, processor registers like AX, BX, CX etc physically embedded in the micro-processor chip, OR they(arch. state) are made to look two sets by some low level duplication by software/OS.

    Read the article

  • How to link specific ports to specific domains with Apache virtual hosts?

    - by theJoe
    We have a forward-facing linux box running Apache HTTP server that is acting as a reverse proxy for several back-end servers. The servers are accessed through specific domain names and ports and are set up as virtual hosts within Apache as such: Listen 8001 Listen 8002 <Virtualhost *:8001> ServerName service.one.mycompany.com ProxyPass / http://internal.one.mycompany.com:8001/ ProxyPassReverse / http://internal.one.mycompany.com:8001/ RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] </Virtualhost> <Virtualhost *:8002> ServerName service.two.mycompany.com ProxyPass / http://internal.two.mycompany.com:8002/ ProxyPassReverse / http://internal.two.mycompany.com:8002/ RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] </Virtualhost> The proxy server has only one IP address, and both domains are pointing to it. Accessing internal.one via service.one works fine, as does accessing internal.two via service.two. Now the problem is that Apache does not take the requesting domain into account when accessing the virtual hosts. What I mean is that both domains work for both ports: requests for service.one:8002 proxies to internal.two:8002, and requests for service.two:8001 proxies to internal.one:8001, where ideally both these requests should be denied. I can get around this by creating more virtual hosts that explicitly deny these requests: NameVirtualHost *:8001 NameVirtualHost *:8002 <Virtualhost *:8001> ServerName service.two.mycompany.com Redirect permanent / http://errorpage.mycompany.com/ </Virtualhost> <Virtualhost *:8002> ServerName service.one.mycompany.com Redirect permanent / http://errorpage.mycompany.com/ </Virtualhost> But this is not an ideal solution, since we plan to add more services to the proxy, and each new port would need to be explicitly denied on all the other domains, and each new domain would need to be explicitly denied on all ports it is not utilizing. As we add more services, the number of virtual hosts can get out of hand quickly. My question, then, is whether there is a better way? Can we explicitly tie specific ports to specific domains in a virtual host so that only that domain-port combination is processed, and all other combinations are not? Things I’ve tried: Adding NameVirtualHost *:8001, etc. without the additional virtual hosts. Setting ProxyRequests On and Off, as well as ProxyPreserveHost On and Off Adding the server name or IP address to the virtual host header, e.g. <VirtualHost service.one.mycompany.com:8001> Using the <proxy> directive inside the virtual host directive. Lots and lots of googling. The proxy server is running CentOS 6.2 64-bit, Apache HTTPD server 2.2.15. As mentioned, the proxy server has only one IP address, and all the domains we are using are pointing to it.

    Read the article

  • Squid, NTLM, Windows 7 and IE8

    - by Harley
    I'm running Squid 2.7-stable4, Samba 3 and the Windows 7 RC with IE8. I have NTLM authentication setup on my squid proxy server and it works fine for every combination of browser and Windows (including IE8 on XP and Firefox on Win7), but it doesn't work (keeps asking for authentication) for IE8 on Windows 7. I can get it to work using the LmCompatibilityLevel registry hack, but I'd really prefer to get it working on the server. Does anyone have any experience with this? Or know where to start looking? The samba logs don't reveal much. EDIT: Here's what the wb-MYDOMAIN log says when I attempt to authenticate: [2009/08/20 15:13:36, 4] nsswitch/winbindd_dual.c:fork_domain_child(1080) child daemon request 13 [2009/08/20 15:13:36, 10] nsswitch/winbindd_dual.c:child_process_request(478) process_request: request fn AUTH_CRAP [2009/08/20 15:13:36, 3] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1755) [ 4127]: pam auth crap domain: MYDOMAIN user: MYUSER [2009/08/20 15:13:36, 0] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1767) winbindd_pam_auth_crap: invalid password length 24/282 [2009/08/20 15:13:36, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931) NTLM CRAP authentication for user [MYDOMAIN]\[MYUSER] returned NT_STATUS_INVALID_PARAMETER (PAM: 4) [2009/08/20 15:13:36, 10] nsswitch/winbindd_cache.c:cache_store_response(2267) Storing response for pid 4547, len 3240

    Read the article

  • ActiveSync gives a 401.2 error

    - by Justin James
    Hello - I've been struggling for a while with a problem with ActiveSync, it is giving 401.2 errors when trying to access the mailboxes. Oddly enough, clients can get to the calendars just fine. I've tried from an Android device as well as the Exchange remote connectivity troubleshooter, same error both times. Here is the configuration: Connectivity through ISA 2006 Exchange 2007 on Windows 2008 Basic authentication is on ISA is passing through all authentication directly to the Exchange server The user IS allowed to get to ActiveSync in their Exchange mailbox settings I have tried the following, without success: * Making SSL not required * Enabling Windows Integrated and Digest authentication Here is an example of the errors in the IIS log: OPTIONS /Microsoft-Server-ActiveSync/default.eas - 443 - 192.168.32.18 TestActiveSyncConnectivity 401 2 5 0 Here is what I am seeing in my trace log: ModuleName IIS Web Core Notification 2 HttpStatus 401 HttpReason Unauthorized HttpSubStatus 2 ErrorCode 2147942405 ConfigExceptionInfo Notification AUTHENTICATE_REQUEST ErrorCode Access is denied. (0x80070005) I'm 100% stumped. Any clues? Thanks! J.Ja

    Read the article

  • Setting up a VPN connection to Amazon VPC - routing

    - by Keeno
    I am having some real issues setting up a VPN between out office and AWS VPC. The "tunnels" appear to be up, however I don't know if they are configured correctly. The device I am using is a Netgear VPN Firewall - FVS336GV2 If you see in the attached config downloaded from VPC (#3 Tunnel Interface Configuration), it gives me some "inside" addresses for the tunnel. When setting up the IPsec tunnels do I use the inside tunnel IP's (e.g. 169.254.254.2/30) or do I use my internal network subnet (10.1.1.0/24) I have tried both, when I tried the local network (10.1.1.x) the tracert stops at the router. When I tried with the "inside" ips, the tracert to the amazon VPC (10.0.0.x) goes out over the internet. this all leads me to the next question, for this router, how do I set up stage #4, the static next hop? What are these seemingly random "inside" addresses and where did amazon generate them from? 169.254.254.x seems odd? With a device like this, is the VPN behind the firewall? I have tweaked any IP addresses below so that they are not "real". I am fully aware, this is probably badly worded. Please if there is any further info/screenshots that will help, let me know. Amazon Web Services Virtual Private Cloud IPSec Tunnel #1 ================================================================================ #1: Internet Key Exchange Configuration Configure the IKE SA as follows - Authentication Method : Pre-Shared Key - Pre-Shared Key : --- - Authentication Algorithm : sha1 - Encryption Algorithm : aes-128-cbc - Lifetime : 28800 seconds - Phase 1 Negotiation Mode : main - Perfect Forward Secrecy : Diffie-Hellman Group 2 #2: IPSec Configuration Configure the IPSec SA as follows: - Protocol : esp - Authentication Algorithm : hmac-sha1-96 - Encryption Algorithm : aes-128-cbc - Lifetime : 3600 seconds - Mode : tunnel - Perfect Forward Secrecy : Diffie-Hellman Group 2 IPSec Dead Peer Detection (DPD) will be enabled on the AWS Endpoint. We recommend configuring DPD on your endpoint as follows: - DPD Interval : 10 - DPD Retries : 3 IPSec ESP (Encapsulating Security Payload) inserts additional headers to transmit packets. These headers require additional space, which reduces the amount of space available to transmit application data. To limit the impact of this behavior, we recommend the following configuration on your Customer Gateway: - TCP MSS Adjustment : 1387 bytes - Clear Don't Fragment Bit : enabled - Fragmentation : Before encryption #3: Tunnel Interface Configuration Your Customer Gateway must be configured with a tunnel interface that is associated with the IPSec tunnel. All traffic transmitted to the tunnel interface is encrypted and transmitted to the Virtual Private Gateway. The Customer Gateway and Virtual Private Gateway each have two addresses that relate to this IPSec tunnel. Each contains an outside address, upon which encrypted traffic is exchanged. Each also contain an inside address associated with the tunnel interface. The Customer Gateway outside IP address was provided when the Customer Gateway was created. Changing the IP address requires the creation of a new Customer Gateway. The Customer Gateway inside IP address should be configured on your tunnel interface. Outside IP Addresses: - Customer Gateway : 217.33.22.33 - Virtual Private Gateway : 87.222.33.42 Inside IP Addresses - Customer Gateway : 169.254.254.2/30 - Virtual Private Gateway : 169.254.254.1/30 Configure your tunnel to fragment at the optimal size: - Tunnel interface MTU : 1436 bytes #4: Static Routing Configuration: To route traffic between your internal network and your VPC, you will need a static route added to your router. Static Route Configuration Options: - Next hop : 169.254.254.1 You should add static routes towards your internal network on the VGW. The VGW will then send traffic towards your internal network over the tunnels. IPSec Tunnel #2 ================================================================================ #1: Internet Key Exchange Configuration Configure the IKE SA as follows - Authentication Method : Pre-Shared Key - Pre-Shared Key : --- - Authentication Algorithm : sha1 - Encryption Algorithm : aes-128-cbc - Lifetime : 28800 seconds - Phase 1 Negotiation Mode : main - Perfect Forward Secrecy : Diffie-Hellman Group 2 #2: IPSec Configuration Configure the IPSec SA as follows: - Protocol : esp - Authentication Algorithm : hmac-sha1-96 - Encryption Algorithm : aes-128-cbc - Lifetime : 3600 seconds - Mode : tunnel - Perfect Forward Secrecy : Diffie-Hellman Group 2 IPSec Dead Peer Detection (DPD) will be enabled on the AWS Endpoint. We recommend configuring DPD on your endpoint as follows: - DPD Interval : 10 - DPD Retries : 3 IPSec ESP (Encapsulating Security Payload) inserts additional headers to transmit packets. These headers require additional space, which reduces the amount of space available to transmit application data. To limit the impact of this behavior, we recommend the following configuration on your Customer Gateway: - TCP MSS Adjustment : 1387 bytes - Clear Don't Fragment Bit : enabled - Fragmentation : Before encryption #3: Tunnel Interface Configuration Outside IP Addresses: - Customer Gateway : 217.33.22.33 - Virtual Private Gateway : 87.222.33.46 Inside IP Addresses - Customer Gateway : 169.254.254.6/30 - Virtual Private Gateway : 169.254.254.5/30 Configure your tunnel to fragment at the optimal size: - Tunnel interface MTU : 1436 bytes #4: Static Routing Configuration: Static Route Configuration Options: - Next hop : 169.254.254.5 You should add static routes towards your internal network on the VGW. The VGW will then send traffic towards your internal network over the tunnels. EDIT #1 After writing this post, I continued to fiddle and something started to work, just not very reliably. The local IPs to use when setting up the tunnels where indeed my network subnets. Which further confuses me over what these "inside" IP addresses are for. The problem is, results are not consistent what so ever. I can "sometimes" ping, I can "sometimes" RDP using the VPN. Sometimes, Tunnel 1 or Tunnel 2 can be up or down. When I came back into work today, Tunnel 1 was down, so I deleted it and re-created it from scratch. Now I cant ping anything, but Amazon AND the router are telling me tunnel 1/2 are fine. I guess the router/vpn hardware I have just isnt up to the job..... EDIT #2 Now Tunnel 1 is up, Tunnel 2 is down (I didn't change any settings) and I can ping/rdp again. EDIT #3 Screenshot of route table that the router has built up. Current state (tunnel 1 still up and going string, 2 is still down and wont re-connect)

    Read the article

  • UITableView: Juxtaposing row, header, and footer insertions/deletions

    - by jdandrea
    Consider a very simple UITableView with one of two states. First state: One (overall) table footer One section containing two rows, a section header, and a section footer Second state: No table footer One section containing four rows and no section header/footer In both cases, each row is essentially one of four possible UITableViewCell objects, each containing its own UITextField. We don't even bother with reuse or caching, since we're only dealing with four known cells in this case. They've been created in an accompanying XIB, so we already have them all wired up and ready to go. Now consider we want to toggle between the two states. Sounds easy enough. Let's suppose our view controller's right bar button item provides the toggling support. We'll also track the current state with an ivar and enumeration. To be explicit for a sec, here's how one might go from state 1 to 2. (Presume we handle the bar button item's title as well.) In short, we want to clear out our table's footer view, then insert the third and fourth rows. We batch this inside an update block like so: // Brute forced references to the third and fourth rows in section 0 NSUInteger row02[] = {0, 2}; NSUInteger row03[] = {0, 3}; [self.tableView beginUpdates]; state = tableStateTwo; // 'internal' iVar, not a property self.tableView.tableFooterView = nil; [self.tableView insertRowsAtIndexPaths:[NSArray arrayWithObjects: [NSIndexPath indexPathWithIndexes:row02 length:2], [NSIndexPath indexPathWithIndexes:row03 length:2], nil] withRowAnimation:UITableViewRowAnimationFade]; [self.tableView endUpdates]; For the reverse, we want to reassign the table footer view (which, like the cells, is in the XIB ready and waiting), and remove the last two rows: // Use row02 and row03 from earlier snippet [self.tableView beginUpdates]; state = tableStateOne; self.tableView.tableFooterView = theTableFooterView; [self.tableView deleteRowsAtIndexPaths:[NSArray arrayWithObjects: [NSIndexPath indexPathWithIndexes:row02 length:2], [NSIndexPath indexPathWithIndexes:row03 length:2], nil] withRowAnimation:UITableViewRowAnimationFade]; [self.tableView endUpdates]; Now, when the table asks for rows, it's very cut and dry. The first two cells are the same in both cases. Only the last two appear/disappear depending on the state. The state ivar is consulted when the Table View asks for things like number of rows in a section, height for header/footer in a section, or view for header/footer in a section. This last bit is also where I'm running into trouble. Using the above logic, section 0's header/footer does not disappear. Specifically, the footer stays below the inserted rows, but the header now overlays the topmost row. If we switch back to state one, the section footer is removed, but the section header remains. How about using [self.tableView reloadData] then? Sure, why not. We take care not to use it inside the update block, per Apple's advisement, and simply add it after endUpdates. This time, good news! The section 0 header/footer disappears. :) However ... Toggling back to state one results in a most exquisite mess! The section 0 header returns, only to overlay the first row once again (instead of appear above it). The section 0 footer is placed below the last row just fine, but the overall table footer - now reinstated - overlays the section footer. Waaaaaah … now what? Just to be sure, let's toggle back to state two again. Yep, that looks fine. Coming back to state one? Yecccch. I also tried sprinkling in a few other stunts like using reloadSections:withRowAnimation:, but that only serves to make things worse. NSRange range = {0, 1}; NSIndexSet *indexSet = [NSIndexSet indexSetWithIndexesInRange:range]; ... [self.tableView reloadSections:indexSet withRowAnimation:UITableViewRowAnimationFade]; Case in point: If we invoke reloadSections... just before the end of the update block, changing to state two hides the first two rows from view, even though the space they would otherwise occupy remains. Switching back to state one returns section 0's header/footer to normal, but those first two rows remain invisible. Case two: Moving reloadSections... to just after the update block but before reloadData results in all rows becoming invisible! (I refer to the row as being invisible because, during tracing, tableView:cellForRowAtIndexPath: is returning bona-fide cell objects for those rows.) Case three: Moving reloadSections... after tableView:cellForRowAtIndexPath: brings us a bit closer, but the section 0 header/footer never returns when switching back to state one. Hmm. Perhaps it's a faux pas using both reloadSections... and reloadData, based on what I'm seeing at trace-time, which brings us to: Case four: Replacing reloadData with reloadSections... outright. All cells in state two disappear. All cells in state one remain missing as well (though the space is kept). So much for that theory. :) Tracing through the code, the cell and view objects, as well as the section heights, are all where they should be at the opportune times. They just aren't rendering sanely. So, how to crack this case? Clues welcome/appreciated!

    Read the article

  • Remote Desktop, Host: 2008, Client: Windows 7, The remote computer requires Network Level Authentica

    - by deerchao
    Hi, today I accidently changed one option of Teminal Services, I checked "Allow connections only from computers running Remote Desktop with Network Level Authentication". After that, I can't connect to my server any more. The error says: The remote computer requires Network Level Authentication, which your computer does not support. But my client pcs(both home and at office) are running Windows 7, as far as I know, it shoud support NLA; And in About dialog of Remote Desktop Connection there says "Supports Network Level Authentication". My server is running Windows Server 2008, placed in IDC center; I could connect to it before I change the settings. All other sevices(like IIS, SQL Server) are running normally. For clients, I tried two PCs running Windows 7, and two virtual windows XP machine running in Virtual PC and Virtual Box, all of them gives the same error message. Is there a way I can make things right without go to IDC which is far away? Thanks.

    Read the article

  • DKIM passes everywhere apart from Yahoo!

    - by Ian
    Hi, I'm using dkim-milter, Postfix on Ubuntu (I think I used these instructions for setting up). Anyway, using the reflectors such as Port25, BlackOps and Altn.com I get passes for DKIM: X-DKIM: OpenDKIM Filter v2.0.1 medusa.blackops.org o2SGTMSg005616 Authentication-Results: medusa.blackops.org; dkim=pass (1024-bit key) [email protected]; dkim-adsp=pass dkim=pass header.d=example.com (b=miSIxi7TMX; 1:0:good); Authentication-Results: verifier.port25.com header.d=example.com; dkim=pass (matches From: [email protected]); Yahoo gives this: Authentication-Results: mta1031.mail.ukl.yahoo.com from=; domainkeys=neutral (no sig); from=example.com; dkim=permerror (key failed) Where, obviously, example.com is my site address. Is anyone aware of anything different with Yahoo! that would stop these from signing? TIA

    Read the article

  • Mercurial SSH process blocks when run from Local System

    - by Liedman
    We are using Mercurial over SSH for our development. We use Hudson for continous integration, and have deployed it on Tomcat, running on a Windows 2003 Server using the Local System account. Mercurial is configured to use Putty's plink.exe as its ssh command in Mercurial.ini, together with a private key for SSH authentication. When Hudson attempts any Mercurial command over SSH, the operation just blocks. I can see the three processes being started: hg.exe, cmd.exe and plink.exe. On the remote machine, I can also see the SSH session being opened and the authentication key being accepted. After that, nothing appears to happen, and everything just blocks, seemingly forever. (As a side note, subversion/SVN over SSH works from Hudson to the same server, using the same user and authentication key). A solution would of course be the best, but at least a hint for how I should debug it to get further would be nice, since I'm stuck and haven't even got an error message right now.

    Read the article

  • IE Kerberos failure on some machines with CNAME web server (with SPN for host's A record)

    - by Eric Thames
    It's fairly well known that IE doesn't like to do Kerberos against hosts that are registered in DNS as CNAMEs. What happens is that IE turns around and uses the underlying A record for the host for looking up the Service Principal Name (SPN). On a test network we are able to get Kerberos working by having the SPN registered for the A record of the host, so that Kerberos authentication happens successfully when accessing the web server via it's CNAME in the browser. Kerberos authentication works properly when directly accessing the web server with the A record host in the URL, but for various reasons that are beyond my control, it is desired to use the CNAME. On the production network, this same configuration fails though and I can't figure out why. Any thoughts? This is a java web application using the SPNEGO library - not IIS. Kerberos authentication is working properly in both the test and production networks (and has been confirmed to not fail back to NTLM), but the CNAME access only works in test.

    Read the article

  • Able to connect by SSH, but not x2go

    - by Mike
    I am having trouble connecting to a remote server with X2GO using a DSA key. Connecting works fine over SSH, but when I try to connect with X2GO, it goes immediately to the username/password box and doesn't want to use the private key I specify in the options. If I select "Try auto login" it appears to try to connect and then I get the following error: No public key matched Access denied. Authentication that can continue: publickey It was working previously, but I reinstalled the client OS and since then I am unable to connect. I copied all of the SSH keys over from the previous installation. I also tried deleting my ~/.ssh/known_hosts file and adding the key to ssh-agent with no success, but the key is definitely added correctly: $ ssh-add -l 1024 b9:3d:e5:ef:48:ea:fc:c6:6e:45:89:b5:35:e7:58:39 server.com_dsa (DSA) Note, if I enable password authentication on the server, I can connect fine, however I would like to use publickey. Any ideas how I can connect with public key authentication?

    Read the article

  • prevent domain controller using wpad for windows update

    - by BeowulfNode42
    We have a 2012 domain controller in an environment where we are running a web proxy auto discovery (WPAD) setup for client devices, and that proxy server requires authentication. However windows update does not support proxy servers requiring authentication. So we want to prevent windows update on our servers from using the WPAD proxy settings. On a domain member server we can log in to the local administrator account (not domain admin) and un-tick the the "Auto detect proxy settings" in IE internet options and that fixes the issue on those servers. But a domain controller does not have a local admin account, as that account is the domain admin account. Doing this to the domain admin account on the DC does not prevent it from using WPAD. Our whole purpose of running a proxy server that requires authentication is so we can identify what the users on our session based remote desktop servers are doing on the internet. See this MS KB Article for some info about Windows update and proxy servers "How the Windows Update client determines which proxy server to use to connect to the Windows Update Web site" - http://support.microsoft.com/kb/900935

    Read the article

  • Issue in extending webapplication sharepoint

    - by GHIYA
    I have extended a webapplication in a farm. main server vsmoss1 where i did vsmoss1 ->webapplication(80) vm.com -> extended web app(of above one)anonymous WFE server name vsmoss2 WFE server name vsmoss3 i have load balanced it to got to vsmoss2 and vsmoss3 when someone hits vm.com when i hit vm.com it works fine without authentication(shows content query webpart also on my page) I know there is no need to do that but when I hit vsmoss2 and vsmoss3 it shows me error on my content query webpart ....any solution for that? Finding this strange tried this : I closed both extended webapp in vsmoss2 and vsmoss3 result: site is up and running but this time with authentication I closed both extended and main webapplication site in vsmoss2 and vsmoss3 is down I closed main webapplication in vsmoss2 and vsmoss3 site is up and running without authentication Anyone is having idea why this is showing behaviour like this...?

    Read the article

  • FreeBSD 8.2 + Apache 2.2 + mod_auth_pam2: unable to authenticate

    - by zneak
    I've installed Apache 2.2 and mod_auth_pam2 from ports, but I can't get local UNIX authentication to work. When I access the protected part of my local website, I do get the authentication request, and with pam_permit.so, it works. However, when I change pam_permit.so to the real thing, pam_unix.so, I get this message in httpd-error.log: [error] PAM: user 'foo' - not authenticated: authentication error This is the relevant part of my Apache config, though I don't think it's the problem as it works with pam_permit.so: <Location /foo> AuthBasicAuthoritative Off AuthPAM_Enabled on AuthPAM_FallThrough off AuthType Basic AuthName "Secret place" Require valid-user </Location> This is my /etc/pam.d/httpd, though I don't think it's the problem either, since it works with pam_permit.so: auth required pam_unix.so account required pam_unix.so So what am I missing? What does it take to have pam_unix.so work for httpd under FreeBSD?

    Read the article

  • DKIM, SPF, PTR records are not working properly with my domain

    - by shihon
    I configured my server and well authenticate email system with DKIM key, SPF record and PTR records, when i start to sent out mails from phplist interface to my users ~50000, my domain is spammed by google. In headers, signed by and mailed by tag shows by my domain : appmail.co, I also test my domain via check mail provide by port25, report is: This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at . Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results SPF check: pass DomainKeys check: neutral DKIM check: pass Sender-ID check: pass SpamAssassin check: ham ========================================================== Details: HELO hostname: app.appmail.co Source IP: 108.179.192.148 mail-from: [email protected] SPF check details: Result: pass ID(s) verified: [email protected] DNS record(s): appmail.co. SPF (no records) appmail.co. 14400 IN TXT "v=spf1 +a +mx +ip4:108.179.192.148 ?all" appmail.co. 14400 IN A 108.179.192.148 DomainKeys check details: Result: neutral (message not signed) ID(s) verified: [email protected] DNS record(s): DKIM check details: Result: pass (matches From: [email protected]) ID(s) verified: header.d=appmail.co Canonicalized Headers: content-type:multipart/alternative;'20'boundary=047d7b2eda75d8544d04c17b6841'0D''0A' to:[email protected]'0D''0A' from:shashank'20'sharma'20'<[email protected]>'0D''0A' subject:Test'0D''0A' message-id:<CADnDhbH9aDBk3Ho2-CrG7gwOoD6RNX0sFq4bWL64+kmo=9HjWg@mail.gmail.com>'0D''0A' date:Sat,'20'2'20'Jun'20'2012'20'16:44:50'20'+0530'0D''0A' mime-version:1.0'0D''0A' dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=appmail.co;'20's=default;'20'h=Content-Type:To:From:Subject:Message-ID:Date:MIME-Version;'20'bh=GS6uwlT+weKcrrLJ2I+cjBtWPq9nvhwRlNAJebOiQOk=;'20'b=; Canonicalized Body: --047d7b2eda75d8544d04c17b6841'0D''0A' Content-Type:'20'text/plain;'20'charset=UTF-8'0D''0A' '0D''0A' Hello'20'Senders'0D''0A' '0D''0A' --047d7b2eda75d8544d04c17b6841'0D''0A' Content-Type:'20'text/html;'20'charset=UTF-8'0D''0A' '0D''0A' Hello'20'Senders'0D''0A' '0D''0A' --047d7b2eda75d8544d04c17b6841--'0D''0A' DNS record(s): default._domainkey.appmail.co. 14400 IN TXT "v=DKIM1; k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALGCOdMeZRxRHoatH7/KCvI1CKS0wOOsTAq0LLgPsOpMolifpVQDKOWT2zq/6LHVmDVjXLbnWO2d4ry/riy7ei66pLpnAV5ceIUSjBRusI8jcF9CZhPrh/OImsKVUb9ceQIDAQAB;" NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. Sender-ID check details: Result: pass ID(s) verified: [email protected] DNS record(s): appmail.co. SPF (no records) appmail.co. 14400 IN TXT "v=spf1 +a +mx +ip4:108.179.192.148 ?all" appmail.co. 14400 IN A 108.179.192.148 SpamAssassin check details: SpamAssassin v3.3.1 (2010-03-16) Result: ham (-0.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.0 HTML_MESSAGE BODY: HTML included in message -0.5 BAYES_05 BODY: Bayes spam probability is 1 to 5% [score: 0.0288] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.5 SINGLE_HEADER_1K A single header contains 1K-2K characters ========================================================== Original Email Return-Path: <[email protected]> Received: from app.appmail.co (108.179.192.148) by verifier.port25.com id hp7qqo11u9cc for <[email protected]>; Sat, 2 Jun 2012 07:14:52 -0400 (envelope-from <[email protected]>) Authentication-Results: verifier.port25.com; spf=pass [email protected] Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected] Authentication-Results: verifier.port25.com; dkim=pass (matches From: [email protected]) header.d=appmail.co Authentication-Results: verifier.port25.com; sender-id=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=appmail.co; s=default; h=Content-Type:To:From:Subject:Message-ID:Date:MIME-Version; bh=GS6uwlT+weKcrrLJ2I+cjBtWPq9nvhwRlNAJebOiQOk=;b=pNw3UQNMoNyZ2Ujv8omHGodKVu/55S8YdBEsA5TbRciga/H7f+5noiKvo60vU6oXYyzVKeozFHDoOEMV6m5UTgkdBefogl+9cUIbt5CSrTWA97D7tGS97JblTDXApbZH; Received: from mail-pb0-f46.google.com ([209.85.160.46]:57831) by app.appmail.co with esmtpa (Exim 4.77) (envelope-from <[email protected]>) id 1SamIF-00055f-Om for [email protected]; Sat, 02 Jun 2012 16:44:51 +0530 Received: by pbbrp8 with SMTP id rp8so4165728pbb.5 for <[email protected]>; Sat, 02 Jun 2012 04:14:51 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.216.33 with SMTP id on1mr19414885pbc.105.1338635690988; Sat, 02 Jun 2012 04:14:50 -0700 (PDT) Received: by 10.143.66.13 with HTTP; Sat, 2 Jun 2012 04:14:50 -0700 (PDT) Date: Sat, 2 Jun 2012 16:44:50 +0530 Message-ID: <CADnDhbH9aDBk3Ho2-CrG7gwOoD6RNX0sFq4bWL64+kmo=9HjWg@mail.gmail.com> Subject: Test From: shashank sharma <[email protected]> To: [email protected] Content-Type: multipart/alternative; boundary=047d7b2eda75d8544d04c17b6841 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - app.appmail.co X-AntiAbuse: Original Domain - verifier.port25.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - appmail.co --047d7b2eda75d8544d04c17b6841 Content-Type: text/plain; charset=UTF-8 Hello Senders --047d7b2eda75d8544d04c17b6841 Content-Type: text/html; charset=UTF-8 Hello Senders --047d7b2eda75d8544d04c17b6841-- I also tried to send mail on yahoo , rediff but i get mails in spam. Please help me to sort out this issue

    Read the article

  • Authenticating AIX Users Against OID (Oracle Internet Directory)

    - by mwilkes
    We have a need to authenticate local users on an AIX server against OID using LDAP. We have a branch within OID where we've placed and synchronized Active Directory users. We've also configured external authentication on OID so that it verifies username/passwords against AD. Has anyone configured authentication for AIX in this type of environment? We believe we need to populate unix specific attributes on the user's directory entry in OID, but are unsure which attributes are needed. Additionally, we are looking to authenticate Oracle database users against OID but because of external authentication we are unable to populate the ORCLPASSWORD attribute on the user's directory entry on OID (which is the attribute Oracle is looking for password in). Help with either or both are welcome.

    Read the article

  • http proxy caching headers

    - by David Hagan
    I have a service for which I'm about to upgrade the authentication. However, I'm trying to ensure that I make the right decision about where the encryption algorithms occur. I currently have two options: option 1) the authentication module is deployed to the client as a javascript library over https and executes client-side, so that the client can POST back an encrypted string. option 2) the authentication module is kept server-side so that the client need only POST back an unencrypted string. I know that many http proxies cache/log the query-string (and therefore any query parameters), but does anyone know of any http proxies that cache the headers as well? If the headers are being cached, then I'll clearly want to encrypt the password inside the SSL encryption, because to my understanding the headers of an HTTPS request may not always be encrypted (depending on the capabilities of the browser etcetera). Can anyone shed any light on the caching of headers by http proxies? Do you have one that does, or know of one that does?

    Read the article

  • How can i estimate memory usage of stl::map?

    - by Drakosha
    For example, I have a std::map with known sizeof(A) and sizefo(B), while map has N entries inside. How would you estimate its memory usage? I'd say it's something like (sizeof(A) + sizeof(B)) * N * factor But what is the factor? Different formula maybe? Update: Maybe it's easier to ask for upper bound?

    Read the article

  • Can Linux works as 802.1X authenticator in bridge mode ?

    - by Kartoch
    I want to create a lab for my students with netkit (a network emulator based on 802.1X) to study 802.1X. I can create the authentication server (FreeRadius) and configure the client with XSupplicant connected by a switch (a Linux in bridge mode). I'm looking to a way to configure the switch as Authenticator, i.e.: when the client is connected, the switch only forwards EAP packets to the authentication server. then the switch lets the user access to the local network when the authentication server authorizes the client. At the present time there is a lot of documentation to do this with a wireless point but no one for a switch. Does anyone have an idea or know the good software for it ?

    Read the article

  • How to use IIS as a trusted proxy for ActiveDirectory SSO?

    - by brofield
    I'm trying to add Active Directory single-sign-on support to an existing SOAP server. The server can be configured to accept a trusted reverse-proxy and use the X-Remote-User HTTP header for the authenticated user. I want to configure IIS to be the trusted proxy for this service, so that it handles all of the Active Directory authentication for the SOAP server. Basically IIS would have to accept HTTP connections on port X and URL Y, do all the authentication, and then proxy the connection to a different server (most likely the same X and Y). Unfortunately, I have no knowledge of IIS or AD (so I am trying my best to learn enough to build this solution) so please be gentle. I would assume that this is not an uncommon scenario, so is there some easy way to do this? Is this sort of functionality built into IIS or do I need to build some sort of IIS proxy program myself? Is there a better option for getting the authentication done and the X-Remote-User HTTP header set than requiring IIS?

    Read the article

  • unwanted password prompt pops up on web server?

    - by Paul
    my web server randomly asks for a password as though basic authentication is turned on. It's an IIS 7 web server and you have to specifically install basic authentication in the roles section. It isn't installed. The message that pops up is "Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection)" I cannot reproduce the problem but a number of customers have reported the problem and it only seems to appear to a small number of customers. It pops up when they visit the homepage, nothing is generated by the IIS logs to indicate a password box is being served (e.g. no 401 errors etc) Can anyone offer any advice? Thanks

    Read the article

  • How can I copy Data from one sheet to another Sheet in Excel 07 Through Macro

    - by Mwaseem Alvi
    Hello, I am using MS Office 2007. Please let me know that how can I copy whole data from sheet one to sheet two. I want to copy the whole data from row 5 to onward in sheet two. The whole scenrio is given below in detail. Sheet one: Copy the data from column B and Row 3 Sheet Two: Paste the Copied Data in Column B and Row 3 Sheet One: Copy the whole data from Column B to Column G and Row 5 to onward Sheet Two: Paste whole copied data in sheet two from last filled row to onward Data dont overwrite on any row or column. Every data will be add in sheet two from sheet one when macro will be run. Thanks

    Read the article

< Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >