Search Results

Search found 8071 results on 323 pages for 'active director'.

Page 6/323 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • get username from active directory in C#.net [closed]

    - by Jahangeer Ahmed
    get username from active directory in C#.net ManagementObjectSearcher Usersearcher = new ManagementObjectSearcher("Select * From Win32_ComputerSystem"); ManagementObjectCollection Usercollection = Usersearcher.Get(); string[] sep = { "\" }; string[] UserNameDomain = Usercollection.Cast().First()["UserName"].ToString().Split(sep, StringSplitOptions.None); null reference exception

    Read the article

  • Monitoring Active Directory (AD) Replication in Windows Server 2008 R2

    - by Kyle Brandt
    With Active Directory, what is a good way to monitor replication? I have multiple sites and multiple locations, so ideally both replication between sites and within sites would be monitored. I'm not really sure if each DC needs to be monitored, each NTDS connection, or each DC * Each NTDS connection. For the purposes of fitting into a standard alerting methodology, perfmon counters that would allow me to alert if replication was behind X minutes seems like it might be ideal.

    Read the article

  • Websphere federated repository for Active Directory

    - by Drakiula
    Hi, What I am trying to achieve is to have Websphere 6.1 use Active Directory users authentication. Websphere is running on Windows 2008 R2. What I've done already: Succesfully setup a federated repository for Windows Active Directory (LDAP); Create a realm definition for the federated repository previously defined; Set the realm definition as the current real definition. Stop the Websphere service. When I attempt to start the Websphere service again, it crashes with the following stacktrace: ------Start of DE processing------ = [9/3/10 2:36:14:133 PDT] , key = com.ibm.websphere.security.EntryNotFoundException com.ibm.ws.security.registry.UserRegistryImpl.createCredential 824 Exception = com.ibm.websphere.security.EntryNotFoundException Source = com.ibm.ws.security.registry.UserRegistryImpl.createCredential probeid = 824 Stack Dump = com.ibm.websphere.wim.exception.EntityNotFoundException: CWWIM4001E The 'null' entity was not found. at com.ibm.ws.wim.registry.util.UniqueIdBridge.getUniqueUserId(UniqueIdBridge.java:233) at com.ibm.ws.wim.registry.WIMUserRegistry$6.run(WIMUserRegistry.java:351) at com.ibm.ws.wim.security.authz.jacc.JACCSecurityManager.runAsSuperUser(JACCSecurityManager.java:500) at com.ibm.ws.wim.security.authz.ProfileSecurityManager.runAsSuperUser(ProfileSecurityManager.java:964) at com.ibm.ws.wim.registry.WIMUserRegistry.getUniqueUserId(WIMUserRegistry.java:340) at com.ibm.ws.security.registry.UserRegistryImpl.createCredential(UserRegistryImpl.java:750) at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPAServerObject.java:776) at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:453) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709) at java.security.AccessController.doPrivileged(AccessController.java:246) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706) at javax.security.auth.login.LoginContext.login(LoginContext.java:603) at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:376) at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:3513) at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:3306) at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:3086) at com.ibm.ws.security.auth.ContextManagerImpl.getServerSubjectInternal(ContextManagerImpl.java:2180) at com.ibm.ws.security.auth.ContextManagerImpl.getServerSubjectInternal(ContextManagerImpl.java:1972) at com.ibm.ws.security.auth.ContextManagerImpl.initialize(ContextManagerImpl.java:2530) at com.ibm.ws.security.auth.ContextManagerImpl.initialize(ContextManagerImpl.java:2560) at com.ibm.ws.security.core.SecurityContext.enable(SecurityContext.java:83) at com.ibm.ws.security.core.distSecurityComponentImpl.initialize(distSecurityComponentImpl.java:379) at com.ibm.ws.security.core.distSecurityComponentImpl.startSecurity(distSecurityComponentImpl.java:336) at com.ibm.ws.security.core.SecurityComponentImpl.startSecurity(SecurityComponentImpl.java:105) at com.ibm.ws.security.core.ServerSecurityComponentImpl.start(ServerSecurityComponentImpl.java:283) at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:977) at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:673) at com.ibm.ws.runtime.component.ApplicationServerImpl.start(ApplicationServerImpl.java:197) at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:977) at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:673) at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:526) at com.ibm.ws.runtime.WsServerImpl.bootServerContainer(WsServerImpl.java:192) at com.ibm.ws.runtime.WsServerImpl.start(WsServerImpl.java:140) at com.ibm.ws.runtime.WsServerImpl.main(WsServerImpl.java:461) at com.ibm.ws.runtime.WsServer.main(WsServer.java:59) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:183) at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:90) at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:72) at org.eclipse.core.internal.runtime.PlatformActivator$1.run(PlatformActivator.java:78) at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:92) at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:68) at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:400) at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:177) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at org.eclipse.core.launcher.Main.invokeFramework(Main.java:336) at org.eclipse.core.launcher.Main.basicRun(Main.java:280) at org.eclipse.core.launcher.Main.run(Main.java:977) at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:329) at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:92) Dump of callerThis = Object type = com.ibm.ws.security.registry.UserRegistryImpl com.ibm.ws.security.registry.UserRegistryImpl@68a068a0 Anybody maybe has a hint on this? I followed the exact steps described in the IBM Infocenter for setting this up. Thanks in advance for the help.

    Read the article

  • jquery navbar active state stays through refresh

    - by bob
    Hello, I am building a web application and because it has a layout. I don't want to have to create a seperate navigation bar for each page. I am wondering if I can assign an active class to a link that gets clicked on my navbar which will keep the active class even after a page refresh. html <div id="navbar"> <ul id = "main_nav"> <li><%= link_to '', root_path, :class => "home" %></li> <li><%= link_to '', junklists_path, :class => "buy" %></li> <li><%= link_to '', post_junk_path, :class => "sell" %></li> <li><%= link_to '', contact_path, :class => "contact" %></li> </ul> </div> jquery $("#main_nav li a").click(function(){ $("#main_nav li a.active").removeClass('active'); $(this).stop().addClass('active'); }) What options do I have? Thanks in advance!

    Read the article

  • jquery hasClass "active" on ul#navigation li on page load not working

    - by Ross
    $(document).ready(function(){ $("li").click(function(){ if ($(this).hasClass("active") ) $(this).fadeTo("slow", 1.0); }); }); I have a navigation bar made and am using this code to add a transparency effect on hover: $(document).ready(function(){ $(".thumbs").fadeTo("slow", 0.6); $(".thumbs").hover(function(){ $(this).fadeTo("slow", 1.0); },function(){ $(this).fadeTo("slow", 0.4); }); }); I'm also using hoverIntent. The opacity rollover works a treat, but I'd like my "active" page to have 100% opacity, but I can't seem to get it to work..what am I doing wrong? the link in questions HTML is: <ul id="navigation"> <li class="active"><a href="page.htm"></a></li> </ul> the nav works perfect minus my "active" class so I think I provided all the necessary code. thank you.

    Read the article

  • Active Directory - Lightweight Directory Services and Domain Password Policy

    - by Craig Beuker
    Greetings all, We have an active directory domain which enforces a strict password policy. Hooray! Now, for the project we are working on, we are going to be storing users of our website Microsoft's AD-LDS service as well as using that for authentication of our web users. By default, it is my understanding that AD-LDS inherits its password policy from the domain of the machine it's installed on. Is there any way to break that link such that we can define a lighter password policy (or none if we so choose) for users in AD-LDS without affecting our domain? Note: AD-LDS is going to be hosted on a machine which is part of the domain. Thanks in advance.

    Read the article

  • Ubuntu 10.04 & IBM DS3524 with FC multipath, inactive path is [failed][faulty] instead of [active][ghost]

    - by Graeme Donaldson
    OK, this is my setup: FC Switches IBM/Brocade, Switch1 and Switch2, independent fabrics. Server IBM x3650 M2, 2x QLogic QLE2460, 1 connected to each FC Switch. Storage IBM DS3524, 2x controllers with 4x FC ports each, but only 2x connected on each. +-----------------------------------------------------------------------+ | HBA1 Server HBA2 | +-----------------------------------------------------------------------+ | | | | | | +-----------------------------+ +------------------------------+ | Switch1 | | Switch2 | +-----------------------------+ +------------------------------+ | | | | | | | | | | | | | | | | | | | | +-----------------------------------+-----------------------------------+ | Contr A, port 3 | Contr A, port 4 | Contr B, port 3 | Contr B, port 4 | +-----------------------------------+-----------------------------------+ | Storage | +-----------------------------------------------------------------------+ My /etc/multipath.conf is from the IBM redbook for the DS3500, except I use a different setting for prio_callout, IBM uses /sbin/mpath_prio_tpc, but according to http://changelogs.ubuntu.com/changelogs/pool/main/m/multipath-tools/multipath-tools_0.4.8-7ubuntu2/changelog, this was renamed to /sbin/mpath_prio_rdac, which I'm using. devices { device { #ds3500 vendor "IBM" product "1746 FAStT" hardware_handler "1 rdac" path_checker rdac failback 0 path_grouping_policy multibus prio_callout "/sbin/mpath_prio_rdac /dev/%n" } } multipaths { multipath { wwid xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx alias array07 path_grouping_policy multibus path_checker readsector0 path_selector "round-robin 0" failback "5" rr_weight priorities no_path_retry "5" } } The output of multipath -ll with controller A as the preferred path: root@db06:~# multipath -ll sdg: checker msg is "directio checker reports path is down" sdh: checker msg is "directio checker reports path is down" array07 (xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx) dm-2 IBM ,1746 FASt [size=4.9T][features=1 queue_if_no_path][hwhandler=0] \_ round-robin 0 [prio=2][active] \_ 5:0:1:0 sdd 8:48 [active][ready] \_ 5:0:2:0 sde 8:64 [active][ready] \_ 6:0:1:0 sdg 8:96 [failed][faulty] \_ 6:0:2:0 sdh 8:112 [failed][faulty] If I change the preferred path using IBM DS Storage Manager to Controller B, the output swaps accordingly: root@db06:~# multipath -ll sdd: checker msg is "directio checker reports path is down" sde: checker msg is "directio checker reports path is down" array07 (xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx) dm-2 IBM ,1746 FASt [size=4.9T][features=1 queue_if_no_path][hwhandler=0] \_ round-robin 0 [prio=2][active] \_ 5:0:1:0 sdd 8:48 [failed][faulty] \_ 5:0:2:0 sde 8:64 [failed][faulty] \_ 6:0:1:0 sdg 8:96 [active][ready] \_ 6:0:2:0 sdh 8:112 [active][ready] According to IBM, the inactive path should be "[active][ghost]", not "[failed][faulty]". Despite this, I don't seem to have any I/O issues, but my syslog is being spammed with this every 5 seconds: Jun 1 15:30:09 db06 multipathd: sdg: directio checker reports path is down Jun 1 15:30:09 db06 kernel: [ 2350.282065] sd 6:0:2:0: [sdh] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Jun 1 15:30:09 db06 kernel: [ 2350.282071] sd 6:0:2:0: [sdh] Sense Key : Illegal Request [current] Jun 1 15:30:09 db06 kernel: [ 2350.282076] sd 6:0:2:0: [sdh] <<vendor>> ASC=0x94 ASCQ=0x1ASC=0x94 ASCQ=0x1 Jun 1 15:30:09 db06 kernel: [ 2350.282083] sd 6:0:2:0: [sdh] CDB: Read(10): 28 00 00 00 00 00 00 00 08 00 Jun 1 15:30:09 db06 kernel: [ 2350.282092] end_request: I/O error, dev sdh, sector 0 Jun 1 15:30:10 db06 multipathd: sdh: directio checker reports path is down Jun 1 15:30:14 db06 kernel: [ 2355.312270] sd 6:0:1:0: [sdg] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Jun 1 15:30:14 db06 kernel: [ 2355.312277] sd 6:0:1:0: [sdg] Sense Key : Illegal Request [current] Jun 1 15:30:14 db06 kernel: [ 2355.312282] sd 6:0:1:0: [sdg] <<vendor>> ASC=0x94 ASCQ=0x1ASC=0x94 ASCQ=0x1 Jun 1 15:30:14 db06 kernel: [ 2355.312290] sd 6:0:1:0: [sdg] CDB: Read(10): 28 00 00 00 00 00 00 00 08 00 Jun 1 15:30:14 db06 kernel: [ 2355.312299] end_request: I/O error, dev sdg, sector 0 Does anyone know how I can get the inactive path to show "[active][ghost]" instead of "[failed][faulty]"? I assume that once I can get that right then the spam in my syslog will end as well. One final thing worth mentioning is that the IBM redbook doc targets SLES 11 so I'm assuming there's something a little different under Ubuntu that I just haven't figured out yet. Update: As suggested by Mitch, I've tried removing /etc/multipath.conf, and now the output of multipath -ll looks like this: root@db06:~# multipath -ll sdg: checker msg is "directio checker reports path is down" sdh: checker msg is "directio checker reports path is down" xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxdm-1 IBM ,1746 FASt [size=4.9T][features=0][hwhandler=0] \_ round-robin 0 [prio=1][active] \_ 5:0:2:0 sde 8:64 [active][ready] \_ round-robin 0 [prio=1][enabled] \_ 5:0:1:0 sdd 8:48 [active][ready] \_ round-robin 0 [prio=0][enabled] \_ 6:0:1:0 sdg 8:96 [failed][faulty] \_ round-robin 0 [prio=0][enabled] \_ 6:0:2:0 sdh 8:112 [failed][faulty] So its more or less the same, with the same message in the syslog every 5 minutes as before, but the grouping has changed.

    Read the article

  • Active Directory using Samba/Open LDAP for user accounts

    - by Jon Rhoades
    I know this is the wrong way round... but Is it possible to use AD in front of Samba for our PC clients, so that the user accounts are in Samba/Open LDAP. Managing our fleet of Windows PC's is becoming more and more difficult with just Samba v3 - until Samba v4 comes along, it would be great if we could leverage Active Directory, but have the accounts stored in Samba/Open LDAP. Windows PC's are a minority in our organisation & Samaba/Open LDAP are used for just about every service (Zimbra/RADIUS/Intranet/SAN/Printing/...) so it will have to remain the definitive account source. Anyway, it probably can't be done, but I thought I would ask for ideas anyway.

    Read the article

  • Plone Active Directory group filter

    - by Jason Weber
    I am currently trying to configure the Plone LDAP plugin for Active directory. Thus far all is good and I’m getting users and groups through. The usage is for Cyn.In However the problem I’m facing is thus: The users search has the ability to filter, which is great. I can use the memberOf or department filter to just grab the users I want. However all our groups simply live in one OU, which means I’m getting over 30 pages of groups of which 99% are just not necessary. Sadly I don’t have control over our AD, so can’t just shift the ones I want into their own OU. Is there any way you can think of to also filter groups based on some kind of LDAP criteria?

    Read the article

  • Wrong DNS query in Active directory network with NetBIOS enabled client

    - by koankoder
    The setup: Active Directory is enabled on the network (abcd.com) We have a single character host name (1.abcd.com) one of the desktop has an old XP with NetBIOS stuff enabled The Problem Whenever we query for any host name from the XP machine, the first character alone is taken for DNS query (one.abcd.com will query for o.abcd.com, two.abcd.com will query for t.abcd.com) Even if we give some IP, the application queries with numeric prefix (10.x.x.x will query for 1.abcd.com).Since we already have 1.abcd.com, all query and traffic ends up in 1.abcd.com After discussion with network guys, it seems netbios DNS queries by having some prefix etc. but none of them is actually sure on what is happening. Is there any docs which can explain this behavior ? Is this valid behavior in NetBIOS environment ?

    Read the article

  • Active Directory intergration with linux users and zimbra

    - by Juan Diego
    I have the following questions about setting an active directory, that already has users and a domain, (i.e. internaldomain.edu) and real domain (i.e mydomain.edu.), and I have seeing many examples of the integration of AD with linux and usually they have a domain like intranet.mydomain.edu. Should I change "internaldomain.edu" to intranet.mydomain.edu or to mydomain.edu, or I can leave that internaldomain.edu like it is and create another domain. I am a littlebit confused with these, I know one is the windows domain but I dont know if that affects my email users.

    Read the article

  • Cannot create a new domain in an existing active directory forest

    - by Mackenzie Carr
    I have a domain controller setup on Windows Server 2008 R2 (Forest) and I have another Windows Server 2008 R2 (New Domain) and I want to create a new domain in an existing forest. I get the following error: An Active Directory domain controller for the domain mackdev.mackenziecarr.com could not be contacted The error was "no records found for the given DNS query" The query was for the SRV record for: _ldap._tcp.dc._msdcs.mackdev.mackenziecarr.com I've seem to have tried everything even tried adding this record to the DNS server of the primary forest. I even successfully joined this server to the domain without any issues but trying to create a new domain under the existing forest is no luck. The primary forest I.P. address is 192.168.2.20 the server that I am using to try to make a child domain is 192.168.2.21 My ipconfig are as follows: I.P. Address: 192.168.2.21 Subnetmask: 255.255.255.0 Gateway: 192.168.2.1 Primary DNS: 192.168.2.20

    Read the article

  • Active Directory Password Policy Problem

    - by Will
    To Clarify: my question is why isn't my password policy applying to people in the domain. Hey guys, having trouble with our password policy in Active Directory. Sometimes it just helps me to type out what I’m seeing It appears to not be applying properly across the board. I am new to this environment and AD in general but I think I have a general grasp of what should be going on. It’s a pretty simple AD setup without too many Group Policies being applied. It looks something like this DOMAIN Default Domain Policy (link enabled) Password Policy (link enabled and enforce) Personal OU Force Password Change (completely empty nothing in this GPO) IT OU Lockout Policy (link enabled and enforced) CS OU Lockout Policy Accouting OU Lockout Policy The password policy and default domain policy both define the same things under Computer ConfigWindows seetings sec settings Account Policies / Password Policy Enforce password History : 24 passwords remembered Maximum Password age : 180 days Min password age: 14 days Minimum Password Length: 6 characters Password must meet complexity requirements: Enabled Store Passwords using reversible encryption: Disabled Account Policies / Account Lockout Policy Account Lockout Duration 10080 Minutes Account Lockout Threshold: 5 invalid login attempts Reset Account Lockout Counter after : 30 minutes IT lockout This just sets the screen saver settings to lock computers when the user is Idle. After running Group Policy modeling it seems like the password policy and default domain policy is getting applied to everyone. Here is the results of group policy modeling on MO-BLANCKM using the mblanck account, as you can see the policies are both being applied , with nothing important being denied Group Policy Results NCLGS\mblanck on NCLGS\MO-BLANCKM Data collected on: 12/29/2010 11:29:44 AM Summary Computer Configuration Summary General Computer name NCLGS\MO-BLANCKM Domain NCLGS.local Site Default-First-Site-Name Last time Group Policy was processed 12/29/2010 10:17:58 AM Group Policy Objects Applied GPOs Name Link Location Revision Default Domain Policy NCLGS.local AD (15), Sysvol (15) WSUS-52010 NCLGS.local/WSUS/Clients AD (54), Sysvol (54) Password Policy NCLGS.local AD (58), Sysvol (58) Denied GPOs Name Link Location Reason Denied Local Group Policy Local Empty Security Group Membership when Group Policy was applied BUILTIN\Administrators Everyone S-1-5-21-507921405-1326574676-682003330-1003 BUILTIN\Users NT AUTHORITY\NETWORK NT AUTHORITY\Authenticated Users NCLGS\MO-BLANCKM$ NCLGS\Admin-ComputerAccounts-GP NCLGS\Domain Computers WMI Filters Name Value Reference GPO(s) None Component Status Component Name Status Last Process Time Group Policy Infrastructure Success 12/29/2010 10:17:59 AM EFS recovery Success (no data) 10/28/2010 9:10:34 AM Registry Success 10/28/2010 9:10:32 AM Security Success 10/28/2010 9:10:34 AM User Configuration Summary General User name NCLGS\mblanck Domain NCLGS.local Last time Group Policy was processed 12/29/2010 11:28:56 AM Group Policy Objects Applied GPOs Name Link Location Revision Default Domain Policy NCLGS.local AD (7), Sysvol (7) IT-Lockout NCLGS.local/Personal/CS AD (11), Sysvol (11) Password Policy NCLGS.local AD (5), Sysvol (5) Denied GPOs Name Link Location Reason Denied Local Group Policy Local Empty Force Password Change NCLGS.local/Personal Empty Security Group Membership when Group Policy was applied NCLGS\Domain Users Everyone BUILTIN\Administrators BUILTIN\Users NT AUTHORITY\INTERACTIVE NT AUTHORITY\Authenticated Users LOCAL NCLGS\MissingSkidEmail NCLGS\Customer_Service NCLGS\Email_Archive NCLGS\Job Ticket Users NCLGS\Office Staff NCLGS\CUSTOMER SERVI-1 NCLGS\Prestige_Jobs_Email NCLGS\Telecommuters NCLGS\Everyone - NCL WMI Filters Name Value Reference GPO(s) None Component Status Component Name Status Last Process Time Group Policy Infrastructure Success 12/29/2010 11:28:56 AM Registry Success 12/20/2010 12:05:51 PM Scripts Success 10/13/2010 10:38:40 AM Computer Configuration Windows Settings Security Settings Account Policies/Password Policy Policy Setting Winning GPO Enforce password history 24 passwords remembered Password Policy Maximum password age 180 days Password Policy Minimum password age 14 days Password Policy Minimum password length 6 characters Password Policy Password must meet complexity requirements Enabled Password Policy Store passwords using reversible encryption Disabled Password Policy Account Policies/Account Lockout Policy Policy Setting Winning GPO Account lockout duration 10080 minutes Password Policy Account lockout threshold 5 invalid logon attempts Password Policy Reset account lockout counter after 30 minutes Password Policy Local Policies/Security Options Network Security Policy Setting Winning GPO Network security: Force logoff when logon hours expire Enabled Default Domain Policy Public Key Policies/Autoenrollment Settings Policy Setting Winning GPO Enroll certificates automatically Enabled [Default setting] Renew expired certificates, update pending certificates, and remove revoked certificates Disabled Update certificates that use certificate templates Disabled Public Key Policies/Encrypting File System Properties Winning GPO [Default setting] Policy Setting Allow users to encrypt files using Encrypting File System (EFS) Enabled Certificates Issued To Issued By Expiration Date Intended Purposes Winning GPO SBurns SBurns 12/13/2007 5:24:30 PM File Recovery Default Domain Policy For additional information about individual settings, launch Group Policy Object Editor. Public Key Policies/Trusted Root Certification Authorities Properties Winning GPO [Default setting] Policy Setting Allow users to select new root certification authorities (CAs) to trust Enabled Client computers can trust the following certificate stores Third-Party Root Certification Authorities and Enterprise Root Certification Authorities To perform certificate-based authentication of users and computers, CAs must meet the following criteria Registered in Active Directory only Administrative Templates Windows Components/Windows Update Policy Setting Winning GPO Allow Automatic Updates immediate installation Enabled WSUS-52010 Allow non-administrators to receive update notifications Enabled WSUS-52010 Automatic Updates detection frequency Enabled WSUS-52010 Check for updates at the following interval (hours): 1 Policy Setting Winning GPO Configure Automatic Updates Enabled WSUS-52010 Configure automatic updating: 4 - Auto download and schedule the install The following settings are only required and applicable if 4 is selected. Scheduled install day: 0 - Every day Scheduled install time: 03:00 Policy Setting Winning GPO No auto-restart with logged on users for scheduled automatic updates installations Disabled WSUS-52010 Re-prompt for restart with scheduled installations Enabled WSUS-52010 Wait the following period before prompting again with a scheduled restart (minutes): 30 Policy Setting Winning GPO Reschedule Automatic Updates scheduled installations Enabled WSUS-52010 Wait after system startup (minutes): 1 Policy Setting Winning GPO Specify intranet Microsoft update service location Enabled WSUS-52010 Set the intranet update service for detecting updates: http://lavender Set the intranet statistics server: http://lavender (example: http://IntranetUpd01) User Configuration Administrative Templates Control Panel/Display Policy Setting Winning GPO Hide Screen Saver tab Enabled IT-Lockout Password protect the screen saver Enabled IT-Lockout Screen Saver Enabled IT-Lockout Screen Saver executable name Enabled IT-Lockout Screen Saver executable name sstext3d.scr Policy Setting Winning GPO Screen Saver timeout Enabled IT-Lockout Number of seconds to wait to enable the Screen Saver Seconds: 1800 System/Power Management Policy Setting Winning GPO Prompt for password on resume from hibernate / suspend Enabled IT-Lockout

    Read the article

  • LDAP search filter for Active Directory

    - by Francesco De Vittori
    Hello, I'm trying to look for users inside Active Directory through a LDAP query. Basically I'm searching for the user in this way: Search DN: dc=mydomain, dc=com Filter: (sAMAccountName=USER) where USER is replaced with the provided username. Now if USER is only the username without domain (for ex. "Joe") this works fine. However I receive them in the form (domain\username, for ex. "myDomain\Joe") and obviously the search fails. I see two ways: using a regex inside the Search Filter to discard the domain using a completely different search filter I'm no LDAP expert and I don't even know if it's possible to use regular expressions inside the search filters. Does anyone know if it's possible and how? P.S. I cannot pre-process the username to strip the domain. This cannot be changed, as it's all part of a large system.

    Read the article

  • Streamline Active Directory account creation via automated web site

    - by SteveM82
    In my company we have high employee turnover, and hence our helpdesk receives about a dozen requests per week for new Active Directory accounts. Currently, we receive these requests simply via e-mail or voice-mail, and rarely do we have all of the information necessary to create the account. I would like to find a web application that can be used by a manager or supervisor to formalize the requests they make for AD accounts for new employees under their command. Ideally, the application would prompt for all of necessary information, and allow the helpdesk to review the requests and approve or deny each one. If approved, the application would take care of creating the account and send an e-mail to the manager. I have found several application on the Internet that handle self-service account management (i.e., password resets or update contact info), which is also nice to have, but nothing that streamlines the new account request and creation part. Can anyone make suggestions on such an application? Thanks.

    Read the article

  • Mac Joining Active Directory Still Prompts For Authentication

    - by David Potter
    My Mac is joined to an Active Directory domain. What I expected to see was the same ease of access to file shares and internal websites that Windows computers joined to the domain experience (i.e., no authentication needed; it just uses Windows Integrated Authentication). Instead I am asked for credentials each time I try to access those shares and protected websites (e.g. SharePoint). Is this normal behavior, or is something wrong with my Mac that it prompts me for my username and password for the domain when I access Windows file shares or intranet sites protected by NTLM/Kerberos? Machines include: MacBook Pros running Mountain Lion MacBook Pros running Lion MacServer running Lion Server

    Read the article

  • Setting Mercurial with Active Directory authentication and authorisation

    - by jbx
    I am evaluating the possibilities of moving my organisation to Mercurial, however I am stumbling on 2 basic requirements which I can't find proper pointers to. How do I set up Mercurial's central repository to authenticate users with the central active directory and only allow them to push or pull if they have the right credentials? How do I set up a Mercurial project repository to only allow users pertaining to a specific group to push / pull source code? We need this to have per-project authorisation. On which HTTP servers (IIS or Apache etc.) are the above 2 requirements supported? Apologies if I am asking something obvious or if I am missing something fundamental about how authentication and authorisation works. Thanks.

    Read the article

  • Sql Server 2008, Active Directory Groups, and Failed Logins

    - by Ryan Michela
    I keep getting a Login Failed error in my ASP.net application when connecting to my SQL Server 2008 database. I am trying to login with the user domain\foo. When I grant a database login (server and database level) for domain\foo, my application can connect. When I put domain\foo in a group called domain/goo and give domain\goo a database login, the user domain\foo cannot authenticate. This does not make any sense. Am I doing something wrong? domain\foo and domain\goo are configured identically. The only difference is that on is a user and one is a group containing a user. Adding active directory groups as users to SQL Server 2008 is supposed to work.

    Read the article

  • SharePoint 2010 not seeing Active Directory users

    - by user117927
    I'm pretty new to Active Directory and SharePoint but I was given to understand they are supposed to play well together. Now I have successfully set up AD with multiple user accounts that work on any member computer. I have also successfully installed SharePoint 2010 Server on an AD machine. Both the AD server and SharePoint servers are on separate machines (VMs running on ESXi to be precise). I can only log on with user accounts I create on the local server. Furthermore the user browser thing for adding users will only see local users. I've followed the advice here http://technet.microsoft.com/en-us/library/cc262350.aspx#section2 for Classic authentication and also NTLM claims based authentication but to no avail. Is there something fundamental I am getting wrong here? I'd be really thankful for any help you can lend me; I've been googling and scratching my head for a couple of days now. P

    Read the article

  • Simple active directory permissions issue

    - by Antonio2011a
    So I've created a domain controller (DC) as well as 3 machines (SQL-A, SQL-B, SQL-CORE). All are running Windows Server2008R2 (on virtualbox). I have successfully joined the 3 machines to the domain controller. Next I created a user in active directory called Kim_Akers who is a member of "Domain Admins", "Domain users", "Enterprise Admins" and "Schema Admins". However when I login to SQL-A for example as contso/Kim_Akers and then try and run something like the ServerManager.msc I can't do it due to lack of permissions "Windows cannot access the specified device, path or file. You may not have the appropriate permissions". What am I doing wrong that Kim_Akers doesn't have permissions to do this? Thanks.

    Read the article

  • Mounting windows shares with Active Directory permissions

    - by Jamie
    I've managed to get my Ubuntu (server 10.04 beta 2) box to accept logins from users with Active Directory credentials, now I'd like those users to access there permissible windows shares on a W2003 R2 server. The Windows share ("\srv\Users\") has subdirectories named according to the domain account users and permissions are set accordingly. I would like to preserve these permissions, but don't know how to go about it. Would I mount as an AD administrator or have each user mount with there own AD credentials? How do determine between using mount.smbfs or mount.cifs?

    Read the article

  • "This computer has dynamically assigned IP addresses" error when installing Active Directory Domain Controller

    - by smhnaji
    This is a working Windows Server 2008 that I should install Active Directory on it. I found http://www.howtogeek.com/99323/ and followed the steps. After Additional Domain Controller Options, I'm asked the question "This computer has dynamically assigned IP addresses". As I see, the message states that Dynamic IP addressing has been used for the server, while this is wrong. When I come to Network And Sharing Center, and click on Local Area Connections - Properties - Internet Protocol Version 4 (TCP/IPv4) - Properties, I see that the main IP address (as well as DNS Server) and also all other IP addresses are assigned statically. So it should be OK. I cannot believe any server using dynamic IP(s)! Note: No IPv6 has been set for the server. Please tell me why the error is given and which of the options available, should I choose? Note that it's a production server and is working with many users in WORKGROUP. No change should be affected nor to the IPs, neither to users connecting to the server.

    Read the article

  • Using Active Directory Security Groups as Hierarchical Tags

    - by Nathan Hartley
    Because active directory security groups can... hold objects regardless of OU. be used for reporting, documentation, inventory, etc. be referenced by automated processes (Get-QADGroupMember). be used to apply policy be used by WSUS I would like to use security groups as hierarchical tags, representing various attributes of a computer or user. I am thinking of (computer centric) tags something like these: /tag/vendor/vendorName /tag/system/overallSystemName /tag/application/vendorsApplicationName /tag/dependantOn/computerName /tag/department/departmentName /tag/updates/Group1 Before fumbling through implementing this, I thought I would seek comments from the community. Specifically in the areas: Does this make sense? Would it work? Has anyone else attempted this? Is there a good reference on the matter I should read? How best to implement the hierarchy? Tag_OU\Type_OU\GroupName (limits quantity in OU, uniqueness not guaranteed) Tag_OU\Type_OU\Tag-Type-GroupName (limits quantity in OU, uniqueness guaranteed, verbose) etc ... Thanks in advance!

    Read the article

  • How to Automatically Create Home Directory for Active Directory User on Solaris (using PowerBroker)

    - by neildeadman
    I have a number of existing users in Active Directory that need a home directory created. They don't log directly in to Solaris but into a service running on that box. If I login as them their home directory gets created and then they can login. This is the same for new users too! As there are a lot of users, I need a way to automate this so new users and existing users have it created automatically. Is this possible??

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >