Search Results

Search found 22633 results on 906 pages for 'service accounts'.

Page 59/906 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >

Why run apache under it's own user name?

- by cathy02

Hello, By default apache runs under user nobody. Is there a reason I would want to change that? Does it make things more secure?

Read the article
Users and Groups management on 7 Home Premium

- by AviD

Recently upgraded the home pc from XP pro, to Windows 7 Home Premium. I'm looking for a solution for a few things that seem to be missing from this edition... Since Local Users and Groups is blocked on Home Premium, I can't figure out how to manage groups, or even do anything even slightly advanced to users (basically, create/group/picture is it). net localgroup, net users, net etc dont seem to work - getting "system error 5". While I'm on the topic, I cant activate (what was once) "Local Security Policy"... Looking for any help, advice, or even a new direction cuz things is differ'nt on Winnows7... To clarify, I'm looking to do some of the following, which were simply back in XP-land: remote user only (i.e. no local logon) Grant special privileges for specific user grant access to e.g. C$ share for specific remote user create custom groups for users, to be able to separate privileges of say, my wife's from my kids define quite specifically what each user can do (beyond just standard users) Harden OS (hmm, i guess maybe what i'm looking for is security hardening guide for 7...?)

Read the article
System user authentication via web interface [closed]

- by donodarazao

Background: We have one pretty slow and expensive satellite Internet connection that is shared in a network with 5-50 users. To limit traffic, users shall pay a certain sum of money per hour. Routing and traffic accounting on user basis is done by a opensuse 10.3 server. Login is done via pppoe, and for each connection, username, bytes_sent, bytes_rcvd, start_time, end_time,etc are written into a mysql database. Now it was decided that we want to change from time-based to volume-based pricing. As the original developer who installed the system a couple of years ago isn't available, I'm trying to do the changes. Although I'm absolutely new to all this, there is some progress. However, there's one point I'm absolutely stuck. Up to now, only administrators can access connection details and billing information via a web interface. But as volume-based prices are less transparent to users than time-based prices, it is essential that users themselves can check their connections and how much they cost via the web interface. For this, we need some kind of user authentication. Actual question: How to develop such a user authentication? Every user has a linux system user account. With this user name and password, connection to the pppoe-server is made by the client machines. I thought about two possibles ways to authenticate users: First possibility: Users type username and password in a form. This is then somehow checked. We already have to possibilities to change passwords via the web interface. Here are parts of the code: Part of the Perl script the homepage is linked to: #!/usr/bin/perl use CGI; use CGI::Carp qw(fatalsToBrowser); use lib '../lib'; use own_perl_module; my @error; my $data; $query = new CGI; $username = $query->param('username') || ''; $oldpasswd = $query->param('oldpasswd') || ''; $passwd = $query->param('passwd') || ''; $passwd2 = $query->param('passwd2') || ''; own_perl_module::connect(); if ($query->param('submit')) { my $benutzer = own_perl_module::select_benutzer(username => $username) or push @error, "user not exists"; push @error, "your password?!?" unless $passwd; unless (@error) { own_perl_module::update_benutzer($benutzer->{id}, { oldpasswd => $oldpasswd, passwd => $passwd, passwd2 => $passwd2 }, error => \@error) and push @error, "Password changed."; } } Here's part of the sub update_benutzer in the own_perl_module: if ($dat-{passwd} ne '') { my $username = $dat-{username} || $select-{username}; my $system = "./chpasswd.pl '$username' '$dat-{passwd}'" . (defined($dat-{oldpasswd}) ? " '$dat-{oldpasswd}'" : undef); my $answer = $system; if ($? != 0) { chomp($answer); push @$error, $answer || "error changing password ($?)"; Here's chpasswd.pl: #!/usr/bin/perl use FileHandle; use IPC::Open3; local $username = shift; local $passwd = shift; local $oldpasswd = shift; local $chat = { 'Old Password: $' => sub { print POUT "$oldpasswd\n"; }, 'New password: $' => sub { print POUT "$passwd\n"; }, 'Re-enter new password: $' => sub { print POUT "$passwd\n"; }, '(.*)\n$' => sub { print "$1\n"; exit 1; } }; local $/ = \1; my $command; if (defined($oldpasswd)) { $command = "sudo -u '$username' /usr/bin/passwd"; } else { $command = "sudo /usr/bin/passwd '$username'"; } $pid = open3(\*POUT, \*PIN, \*PERR, $command) or die; my $buffer; LOOP: while($_ = <PERR>) { $buffer .= $_; foreach (keys(%$chat)) { if ($buffer =~ /$_/i) { $buffer = undef; &{$chat->{$_}}; } } } exit; Could this somehow be adjusted to verify users, but not changing user passwords? The second possibility I see: all pppoe connections are logged in the mysql database. If I could somehow retrieve the username (or uid) of the user connected by pppoe, this could be used to authenticate users. Users could only check their internet connections and costs when they are online (and thus paying money), but this could be tolerated. Here's a line of the script that inserts connections into the database: my $username = $ENV{PEERNAME}; I thought it would be easy to use this variable, but $username seems to be always empty in test-scripts (print $username). Any idea how to retrieve the user connected to the pppoe server? Sorry for the long question! Any help would be very much appreciated. :)

Read the article
Accessing the Local System Account to accept a software licence

- by Ryan French

Hi All, I have a server at the moment running ColdFusion which is being used to access a windows whois program on the server. Each time I call this command via ColdFusion (using cfexecute) the command times out. I believe the issue is because the first time a user runs the .exe file they are asked to accept the licence. ColdFusion is currently set to run under the Local System account and I am just wondering if it is possible to somehow log into this account and run the program manually via the console so that I can accept the licence. I guess my only other option is to change the account ColdFusion runs under, but I would rather not do this.

Read the article
Two users using the same same user profile while not in a domain.

- by Scott Chamberlain

I have a windows server 2003 acting as a terminal server, this computer is not a member of any domain. We demo our product on the server by creating a user account. The person logs in uses the demo for a few weeks and when they are done we delete the user account. However every time we do this it creates a new folder in C:\Documents and Settings\. I know with domains you can have many users point at one profile and make it read only so all changes are dumped afterwords, but is there a way to do that when the machine is not on a domain? I would really like it if I didn't have to remote in and clean up the folders every time.

Read the article
How to print all users from windows-group to a textfile?

- by Tim

Hello, i'm trying to print all users of a group "Students" to a Textfile "Students.txt". I'm not in a domain, so this does not work: net group "Students" >> students.txt because i get following: This command can be used only on a Windows Domain Controller. Thank you in advance If anybody is interested in a VB.Net solution, i've programmed a Winform solution with a multiline Textbox to copy/paste the members (anyway, thanks for your help): Imports System.DirectoryServices 'first add a refernce to it from .Net Tab' .... Private Sub PrintGroupMember_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim students As List(Of DirectoryEntry) = MembersOfGroup("Students") For Each user As DirectoryEntry In students Me.TextBox1.Text &= user.Name & vbCrLf Next End Sub Public Function MembersOfGroup(ByVal GroupName As String) As List(Of DirectoryEntry) Dim members As New List(Of DirectoryEntry) Try Using search As New DirectoryEntry("WinNT://./" & GroupName & ",group") For Each member As Object In DirectCast(search.Invoke("Members"), IEnumerable) Dim memberEntry As New DirectoryEntry(member) members.Add(memberEntry) Next End Using Catch ex As Exception MessageBox.Show(ex.ToString) End Try Return members End Function

Read the article
Is it okay to use an administrator account for everyday use if UAC is on?

- by Valentin Radu

Since I switched to Windows 7 about 3 years ago, and now using Windows 8.1, I have become familiar with the concept of User Account Control and used my PC the following way: a standard account which I use for every day work and the built-in Administrator account activated and used only to elevate processes when they request so, or to ”Run as administrator” applications when I need to. However, recently after reading more about User Account Control, I started wondering if my way of working is good? Or should I use an administrator account for every day work, since an administrator account is not elevated until requested by apps, or until I request so via the ”Run as administrator” option? I am asking this because I read somewhere that the built-in Administrator account is a true administrator, by which I mean UAC doesn't pop up when logged in within it, and I am scared of not having problems when potential malicious software come into scene. I have to mention that I do not use it on a daily basis, just when I need to elevate some apps. I barely log in into it 10 times a year... So, how's better? Thanks for your answers! And Happy New Year, of course! P.S. I asked this a year ago (:P) and I think I should reiterate it: is an administrator account as safe these days as a standard account coupled with the built-in Administrator account when needed?

Read the article
How can I disable registry editing (with RegEdit) by a guest account?

- by user23950

How do I disable registry editing (with RegEdit) by a guest account in Windows XP?

Read the article
How to start wampp server automatically for standard user?

- by Ashvin

Is there a way to use WAMP in windows professional-standard user mode. I have to use wamp and i am given only a standard user account. My boss installed wamp for me through his admin account, but i am unable to open it via my user account. I have to call him everytime i have to open wamp and its being a real hazzle to me ? Is there a way my standard user account be given privileges to use wamp and other datababse related things?

Read the article
In Linux, what's the best way to delegate administration responsibilities, like for Apache, a database, or some other application?

- by Andrew Banks

In Linux, what's the best way to delegate administration responsibilities for Apache and other "applications"? File permissions? Sudo? A mix of both? Something else? At work we have two tiers of "administrators" Operating system administrators. These are your run-of-the-mill "server administrators." They are responsible for just the operating system. Application administrators. The people who build the web site. This includes not only writing the SQL, PHP, and HTML, but also setting up and running Apache and PostgreSQL or MySQL. The aforementioned OS admins will install this stuff, but it's mainly up to the app admins to edit all the config files, start and stop processes when needed, and so on. I am one of the app admins. This is different than what I am used to. I used to just write code. The sysadmin took care not only of the OS but also installing, setting up, and keeping up the server software. But he left. Now I'm in charge of setting up Apache and the database. The new sysadmins say they just handle the operating system. It's no problem. I welcome learning new stuff. But there is a learning curve, even for the OS admins. Apache, by default, seems to be set up for administration by root directly. All the config files and scripts are 644 and owned by root:root. I'm not given the root password, naturally, so the OS admins must somehow give my ordinary OS user account all the rights necessary to edit Apache's config files, start and stop it, read its log files, and so on. Right now they're using a mix of: (1) giving me certain sudo rights, (2) adding me to certain groups, and (3) changing the file permissions of various directories, to make them writable by one of the groups I'm in. This never goes smoothly. There's always a back-and-forth between me and the sysadmins. They say it's ready. Then I try certain things, and half of them I still can't do. So they make some more changes. Then finally I seem to be independent and can administer Apache and the database without pestering them anymore. It's the sheer complication and amount of changes that make me uncomfortable. Even though it finally works, more or less, it seems hackneyed. I feel like we're doing it wrong. It seems like the makers of the software would have anticipated this scenario (someone other than root administering it) and have a clean two- or three-step program to delegate responsibility to me. But it feels like we are really chewing up the filesystem and making it far and away from the default set-up. Any suggestions? Are we doing it the recommended way? P.S. For PostgreSQL it seems a little better. Its files are owned by a system user named postgres. So giving me the right to run sudo su - postgres gives me just about everything. I'm just now getting into MySQL, but it seems to be set up similarly. But it seems a little weird doing all my work as another user.

Read the article
SFTP access without hassle

- by enobayram

I'm trying to provide access to a local folder for someone over the internet. After googling around a bit, I've come to the conclusion that SFTP is the safest thing to expose through the firewall to the chaotic and evil world of the Internet. I'm planning to use the openssh-server to this end. Even though I trust that openssh will stop a random attacker, I'm not so sure about the security of my computer once someone is connected through ssh. In particular, even if I don't give that person's user account any privileges whatsoever, he might just be able to "su" to, say, "nobody". And since I was never worried about such things before, I might have given some moderate privileges to nobody at some point (not sudo rights surely!). I would of course value your comments about giving privileges to nobody in the first place, but that's not the point, really. My aim is to give SFTP access to someone in such a sandboxed state that I shouldn't need to worry about such things (at least not more so than I should have done before). Is this really possible? Am I speaking nonsense or worried in vain?

Read the article
Change User Folder

- by sazpaz

So I had a backup and when restored it to my computer the User folder didn't actually change to use the backed-up folder, so now I have an owner folder (which is pretty much empty) and a my_username folder below C:\Users. How can I make my account use the my_username folder as the user folder? EDIT: I've tried creating a new account and then changing the name of my old folder to the name of the new account, but somehow Windows still knows it's not the 'real' user folder and creates a TEMP folder. In which registry is this configured?

Read the article
Change ownership of directory and all contents to a new user from root.

- by Andrew Fashion

I created a website under /var/www/html/ all under root, all images, files, .htacess, directories, etc... I uploaded and configured everything as root. I want to make it it's own username/password so it's not owned by root. I currently do not have the user account made either, I want to also setup FTP for the user account. There is also about 30GB of images in the folder as well. How can I go about changing all of this? I am running CentOS 5.5 64 bit. Thank you!

Read the article
user profile cannot be loaded in Windows 7

- by alex

so I wake up this morning and my mother drops the Dell laptop. She starts it up and no desktop icons appear. I take a look (mind you I'm not totally awake yet), go to start menu, click a button (I forgot which one) and a window box pops up saying something a bout the hardrive (I think it might have said cannot be located) she's crying right now and waiting until 10 to take it to bestbuy. she wont let me touch the dell either. could this be because of the drop or from torrents (which never was a problem)? please help.

Read the article
`adduser [options] user group` fails ubuntu 11.04

- by Rob

I'm want to use adduser However it doesn't seem to work if I provide the second argument for the user's group root@a:~# adduser rick staff adduser: The user `rick' does not exist. The group exists root@a:~# addgroup staff addgroup: The group `staff' already exists. The man page says this should work... adduser [options] user group Any ideas? I can do: adduser --ingroup staff rick So no massive issue, just seems strange.

Read the article
How to set an executable white list?

- by izabera

Under Linux, is it possible to set a white-list of executables for a certain group of users? I need them to be unable to use, for example, make, gcc and executables on removable disks. How can this be done? Edit, let me explain better. I'm dealing with a high school IT system, young geeks that (during the lessons) want to play, surf the net, damage those computer however they can. The major step to achieve this goal was to remove the system they're familiar with and install Ubuntu in all the computers. This actually works quite well, but recent events proved that this is not enough. I want to allow them to execute certain safe programs, like Open Office, and to deny any other program, whether it is preinstalled software, something they carry in usb drives, a downloaded program or a script they program on site. It's possible to remove the 'x' permission on any file on the pc, but of course it would be impractical. Furthermore, they would be able to run anything they download. I thought the best solution would be to make a white-list of safe programs and to deny anything else, but I don't really know how to do it. Any idea is helpful.

Read the article
Link to user directory displayed with wrong name in start menu

- by wierob

In the start menu the link to my user directory is displayed with a wrong name e.g. foo When I click on the link in the start menu the explorer opens my correct user directory but the addressbar still names it foo. However, when I open a cmd from that directory the location is correctly shown as C:\Users\myUserName. Furthermore there is no C:\Users\foo directory. How can I fix this (i.e. ths link in the startmenu should be named myUserName)?

Read the article
Two users using the same same user profile while not in a domain.

- by Scott Chamberlain

I have a windows server 2003 acting as a terminal server, this computer is not a member of any domain. We demo our product on the server by creating a user account. The person logs in uses the demo for a few weeks and when they are done we delete the user account. However every time we do this it creates a new folder in C:\Documents and Settings\. I know with domains you can have many users point at one profile and make it read only so all changes are dumped afterwords, but is there a way to do that when the machine is not on a domain? I would really like it if I didn't have to remote in and clean up the folders every time.

Read the article
Expire windows user (license) after some time according to first login instead of a solid expiration date

- by smhnaji

In a project, we have lots of Windows user that have bought licenses for 1 month, 2 month,... 1 year and so... CURRENT SITUATION (WHAT I DON'T WANT): When users are created and added to the OS, a solid expiration date is given. WHAT I WANT: Users' expiration date should be calculated automatically after first login. The user might not need his account right when purchases the license. In another words: When a license is purchased at Jan 1, he should use the license until Feb 1. No matter whether he really logs in or not. He cannot come Feb 5 and begin using his license because that has expired then. What I want is that when he comes at Feb 5 and begins using, the license update until March 5. Environment: Windows Server 2012

Read the article
Google 2-step verification: Should my phone know my password? [closed]

- by Sir Code-A-Lot

Hi, Just enabled 2-step verification for my Google account. I have installed Google Authenticator on my Android phone, and I set up an application specific password for the Google account associated on my phone. This works great when just using installed apps like Gmail, Calendar and Google Reader. But if I want to access Google Docs, Google Tasks or any other website that requires a Google login, I don't seem to be able to use a application specific password. I have to use my real password and then use Google Authenticator to make a code for the next step. This means if my phone is stolen, revoking the password to my phone is pointless. The phone have already been verified, and all that is needed is my password, which the phones browser will have remembered. I realize that I can take measures to ensure the phones browser doesn't remember my password, but that's just not convenient at all. Am I missing something, or is there no elegant solution to this? Should I just let my phone know my real password? As I see it, being able to login with application specific passwords on websites (which apparently isn't possible) is the only way I can revoke my phones access in a meaningful way.

Read the article
Matching up HomeGroup users created in different versions of Windows

- by pdr

In our household, we have 2 laptops and a desktop, all currently on Windows 8.1. The desktop has been upgraded in stages from Windows 7. Laptop 1 was bought with Windows 8 and has now been upgraded. Laptop 2 is new and came with Windows 8.1. We've been trying to set up a HomeGroup such that we have one user on laptop 1, one on laptop 2 and both can log into the desktop, with each user able to edit their files on their laptop and desktop, while the other user has read-only access. And we now have that situation ... except ... because the user on laptop 1 was created in Windows 8 but the same user on the desktop was created in 8.1, they have different names in Windows Explorer (say, firstuser and first_000). Likewise, the other use was created on laptop 2 in Windows 8.1 and on the desktop in Windows 7 (so let's say secon_000 and seconduser). This is ultimately confusing. Now if we expand the HomeGroup, we get four users (firstuser, first_000, seconduser and secon_000) and each has a single computer inside it. What I'd like to see is firstuser = laptop1, desktop and seconduser = laptop2, desktop. An acceptable alternative is first_000 = laptop1, desktop and secon_000 = laptop2, desktop. But what I don't want to have to do is delete firstuser and seconduser and rebuild them. Is there a better way?

Read the article
Is there a "super-admin" account in Win 7 or SBS?

- by Craig Johnston

Is there a "super-admin" account in Win 7 or SBS?

Read the article
After binding Mac to AD, first login successfully creates mobile account and logs in, after that next login locks AD account

- by user132844

Mac os x 10.7 and 10.8 AD Server 2008 R2 Binding using AD Plugin or dsconfigad -add mydomain -username myuser -ou "OU=Computers,OU=Sites,OU=Mysite,DC=mycompany,DC=com" Works fine. First login happens fine. Creates mobile account, no issues noticed. After I logout, the next login attempt fails, and after only shaking one time, their AD account is locked out. opendirectory.log makes a vague mention of account being expired but honestly I don't see much in the logs that pops out as useful. Any help?

Read the article
How can I stop ntbackup requiring my new password every time I'm forced to change my Windows passwor

- by Lunatik

I have a scheduled job that runs each night using ntbackup which copies a folder on my HDD to a network share. The problem is that every time I'm required to change my Windows password I have to remember to change it in ntbackup aswell, otherwise the backup fails silently i.e. I get no warning that the backup isn't being done. Is there a way to schedule this job so it will automatically pick up my new Windows password, or somehow not be tied to my main login? My user account type is Debugger, not full Administrator, so I'm not sure if that would restrict me in any way, e.g. still forcing a four-weekly password change on a dedicated user account for this. The PC runs XP SP2 on a Windows Server 2003 R2 domain.

Read the article
Windows7: Gaining administrator rights in CLI without being prompted for password

- by liori

Hello, I am trying to write a script which includes disk defragmentation as one of its steps. defrag needs administrative rights to work. I tried to use runas /user:Administrator, but it always asked me for password (even though there isn't one set). The script needs to run unattended for a long time, and it needs to be started from standard user account (it is actually being run by cygwin), so I'd like to get rid of that prompt. Is this possible? Thanks,

Read the article

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >