Search Results

Search found 45382 results on 1816 pages for 'two factor authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 62/1816 | < Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >

  • LDAP Authentication woes

    - by Marcelo de Moraes Serpa
    Hello list, I have a local OpenLDAP server with a couple of users. I'm using it for development purposes, here's the ldif: #Top level - the organization dn: dc=site, dc=com dc: site description: My Organization objectClass: dcObject objectClass: organization o: Organization #Top level - manager dn: cn=Manager, dc=site, dc=com objectClass: organizationalRole cn: Manager #Second level - organizational units dn: ou=people, dc=site, dc=com ou: people description: All people in the organization objectClass: organizationalunit dn: ou=groups, dc=site, dc=com ou: groups description: All groups in the organization objectClass: organizationalunit #Third level - people dn: uid=celoserpa, ou=people, dc=site, dc=com objectclass: pilotPerson objectclass: uidObject uid: celoserpa cn: Marcelo de Moraes Serpa sn: de Moraes Serpa userPassword: secret_12345 mail: [email protected] So far, so good. I can bind with "cn=Manager,dc=site,dc=com" and the 12345678 password (the local server password, setup on slapd.conf). However, I would like to bind with any user in under the people OU. In this case, I'd like to bind with: dn: uid=celoserpa, ou=people, dc=site, dc=com userPassword: secret_12345 But I'm getting a "(49) - Invalid Credentials" error everytime. I have tried through CLI tools (such as ldapadd, ldapwhoami, etc) and also ruby/ldap. The bind with these credentials fails with a invalid credentials error. I thought that it could be an ACL issue, however, the ACLs on slapd.conf seem to be right: access to attrs=userPassword by self write by dn.sub="ou=people,dc=site,dc=com" read by anonymous auth access to * by * read I was suspecting that maybe OpenLDAP doesn't compare against userPassword? Or maybe some ACL configuration I am missing that is somehow affecting the read access to userPassword for the specific DN. I'm really lost here, any suggestion appreciated! Cheers, Marcelo.

    Read the article

  • WEP authentication suddenly failing in Ubuntu

    - by kellishaver
    I'm running Ubuntu 9.10 and after a recent reboot, I'm now unable to authenticate to wireless networks using WEP encryption. I can connect fine to open networks (no idea about WPA). When trying to connect via WEP, I'm continually prompted for the network key, which I know I have entered correctly (and should have been/is saved in my keyring anyway). Everything had been working fine until the reboot. No updates had been installed or configuration changes made. Hardware-wise, everything looks fine (http://pastebin.org/113777), and the fact that connecting to an open network works just fine leads me to think this is a software issue. I just don't know where to begin fixing it. Any insights would be greatly appreciated.

    Read the article

  • LDAP authentication issue with Kerio Connect

    - by djk
    Hi, We have Kerio Connect (mail server) running on a Windows Server 2003 server on a domain. In the webmail client, users are able to change their domain password. This functionality used to work fine until a user tried to change their password a few days ago, when every password they'd try would result in the webmail client claiming their password was "invalid". I spoke to Kerio about this and they claim that this error is returned by the domain controller, which supports my initial investigations. The error that the DC is logging when an attempt is made to change the password is this: "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece" The "data 52e" part indicates that this is an "invalid credentials" error. I don't see how this can be as I've tried (in the Kerio Connect configuration) various accounts that have privileges to modify accounts, including my own as I am a domain admin. I have ran 'dcdiag' (all tests) on the DC and it came back passing every single one of them. I've searched high and low for an answer to this and came up empty. Does anyone have any idea why this may have suddenly started happening? Thanks! Edit: I should mention that the passwords we are changing to do comply with the complexity policy.

    Read the article

  • Two Ubuntu Instances (Guest) networking with XP (Host) in virtual box v3.1.4

    - by EnthuCrazy
    So here is my current objective: I need to create two guest instances of Ubuntu Desktop 9.10 in VirtualBox on a WindowsXP host. (This is needed for communications later on.) (this step is almost done) I need to establish networking between all three OS's, the host and two guests (Guest1 - Host - Guest2). I know that generally, to establish networking between Windows host and Ubuntu guest, we set up a bridge connection. But here there are two guests, and primarily I need networking between the two guests (Ubuntu to Ubuntu). So will there need to be a change in tap0 and tap1 interfaces when we set up a bridge, or is there a better way to implement this? Please explain the procedure.

    Read the article

  • Dell Studio 17 with two headphone outs

    - by eych
    Got a Studio 17 with two headphone out jacks. It also has Soundblaster X-Fi Hi Def Audio Software enabled. Would it be possible to use one of the headphone outs as a monitor and the other as a master out with the Soundblaster sofware (for djing), or do you think the two jacks are just one output split into two?

    Read the article

  • VirtualBox serial port, limit of two?

    - by Evan Carroll
    Using VirtualBox, Is there a limit of two serial ports per VM? I'm currently engaging in a task that requires more than two, but less than or equal to four ports. I'm at a loss of what to do to get COM3 and COM4 up? How do I do it if the Virtual Box GUI doesn't currently support more than two serial host devices? Can I configure them external to the GUI? Is there a hard-cap on two devices? And, if so, for the love of god, please entertain me with the reasoning? I know Windows and Linux don't impose such a limit, it would seem awkward to impose it in virtualization layer. This is for cheap dial-in project with proprietary Windows tools. I'm using a Quatech serial multiport adapter to provide the ports to multimodems.

    Read the article

  • Use Apache authentication + authorization to control access to Subversion subdirectories

    - by Stefan Lasiewski
    I have a single SVN repo at /var/svn/ with a few subdirectories. Staff must be able to access the top-level directory and all subdirectories within it, but I want to restrict access to subdirectories using alternate htpasswd files. This works for our Staff. <Location /> DAV svn SVNParentPath /var/svn AuthType Basic AuthBasicProvider ldap # mod_authnz_ldap AuthzLDAPAuthoritative off AuthLDAPURL "ldap.example.org:636/ou=people,ou=Unit,ou=Host,o=ldapsvc,dc=example,dc=org?uid?sub?(objectClass=PosixAccount)" AuthLDAPGroupAttribute memberUid AuthLDAPGroupAttributeIsDN off Require ldap-group cn=staff,ou=PosixGroup,ou=Unit,ou=Host,o=ldapsvc,dc=example,dc=org </Location> Now, I am trying to restrict access to a subdirectory with a separate htpasswd file, like this: <Location /customerA> DAV svn SVNParentPath /var/svn # mod_authn_file AuthType Basic AuthBasicProvider file AuthUserFile /usr/local/etc/apache22/htpasswd.customerA Require user customerA </Location> I can use Firefox and curl to browse to this folder fine: curl https://svn.example.org/customerA/ --user customerA:password But I cannot use check out this SVN repository: $ svn co https://svn.example.org/customerA/ svn: Repository moved permanently to 'https://svn.example.org/customerA/'; please relocate And on the server logs, I get this strange error: # httpd-access.log 192.168.19.13 - - [03/May/2010:16:40:00 -0700] "OPTIONS /customerA HTTP/1.1" 401 401 192.168.19.13 - customerA [03/May/2010:16:40:00 -0700] "OPTIONS /customerA HTTP/1.1" 301 244 # httpd-error.log [Mon May 03 16:40:00 2010] [error] [client 192.168.19.13] Could not fetch resource information. [301, #0] [Mon May 03 16:40:00 2010] [error] [client 192.168.19.13] Requests for a collection must have a trailing slash on the URI. [301, #0] My question: Can I restrict access to Subversion subdirectories using Apache access controls? DocumentRoot is commented out, so it's not clear that the FAQ at http://subversion.apache.org/faq.html#http-301-error applies.

    Read the article

  • How can I make gitosis distinguish between two users with the same username

    - by bryan kennedy
    I have a gitosis system that seems to be working correctly except for a common problem we run into where I can't distingush permissions between two users who have the same username, but different hosts. For example: [email protected] 's SSH key is in the key folder. And so is [email protected] 's SSH is also in the key folder. These two jsmith's are two different people on two different computers. However, when I configure them in the gitosis.conf file with the usernames jsmith@computer or jsmith@machine, it seems like each user just gets the same permission. Can gitosis not distinguish the full username (name and host)? If not, how do I deal with multiple users accessing our system with common usernames? Thanks for any help.

    Read the article

  • Remove Live ID authentication from user account

    - by slugster
    I've just run in to a really annoying issue with Windows 8.1 - it seems I cannot remove the need to use Live ID credentials from an account without completely deleting that account. I know the process to do it - use the Disconnect link from the Accounts-Your account screen. The trouble comes when you get to the Switch to a local account screen, it will not let you enter the current account for the user name, instead you must enter a new one thus creating a new user account. Can I revert back to using just a local login without having to recreate the account? It seems quite retarded that I have to recreate the account, as deep down the only change required is which credential provider is used to authenticate the login. (Note that this Live ID linkage was created by using the Windows Store, not as a result of an upgrade from 8 to 8.1).

    Read the article

  • Membership in two domains

    - by imagodei
    Hello! I would your suggestions for an effective solution for a person, who needs to access resources in two Windows domains and wants to use one computer. It's about our CEO, who has accepted a second position in another company. Accessing files and folders isn't big problem. The greatest challenge I see is that he wants to conveniently access Exchange accounts in both companies; he would like to send and receive mail in single Outlook if possible (two profiles?) There is also a challenge with calendars: he would like to have one calendar for all activities from both Exchange accounts. Creating a POP3 account for accessing second Exchange server is a last resort, because obviously there is a problem with scheduling meetings and other calendar related tasks. Forwarding and receiving all mail/tasks on primary Exchange server is inconvenient because simple replying to original sender is disabled; and also when manually changing the recepient, he will receive mail from the wrong address. We were considering Virtualisation, that is setting up an instance of virtual machine inside existing installation and then joining this virtual computer to a second domain. Then installing another MS Outlook. This would of course mean two different Outlook accounts, two different calendars, but would at least enable our CEO to access all information from a single laptop. Does anyone have any other idea? I know setting up two domains on a single computer is a no-go (without much hacking at least), but effective workarounds are appreciate. The thing I am looking here is high usage/efficiency/productivity, but also as elegant solution from the administration point of view. Thank you very much (if you managed to read this through, this is a good sign ^_^ )

    Read the article

  • Private key authentication with pam_ldap

    - by Gareth
    I'd like to set up pam_ldap on some of our servers so that we can centrally manage who has access to which server, and easily revoke access if e.g. someone leaves the company. I've done some research and got this working. Hooray! However I'd also like to be able to use public-private key logins - i.e. allow users to store their public keys in the LDAP directory and have these work for logins too. I can't find any documentation about being able to do this, but I also can't find any reasons that it shouldn't be possible. Is there a way to do it, or is there some fundamental reason that it won't work?

    Read the article

  • Machine account authentication on Radius server

    - by O.Shevchenko
    My workstation is under Linux. I have an Active Directory domain controller + Radius server on Windows 2008. I can verify user account 'radius-01' using 'radtest' tool: $ radtest -t pap radius-01 password123 195.234.133.32 1812 password123 Sending Access-Request of id 98 to 195.234.73.2 port 1812 User-Name = "radius-01" User-Password = "password123" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Accept packet from host 195.234.133.32 port 1812, id=98, length=84 Framed-MTU = 1344 Framed-Protocol = PPP Service-Type = Framed-User Class = 0x537004f00000013700010200ac1c0... I have joined my Linux PC to Active Directory domain ARB-HRK using Samba: [root@shev-arb]# net ads testjoin Join is OK I can dump machine password: [root@shev-arb]# tdbdump /var/lib/samba/private/secrets.tdb { key(34) = "SECRETS/MACHINE_PASSWORD/ARB-HRK" data(15) = "yGgXJsquRnpT0g\00" } How can i authenticate my machine account on Radius server? Do anybody know any tools for this, like: radtest shev-arb$ yGgXJsquRnpT0g 195.234.133.32 1812 password123 (this command fails)

    Read the article

  • PAM / LDAP authentication with Ubuntu 10.04

    - by t6d
    I can't wrap my brain around the new pam.d configuration syntax used in Ubuntu 10.04. How do I setup PAM so that it allows users stored in my LDAP database to login. I already configured nscd, so id <user> or getent passwd are already listing my LDAP users, but PAM doesn't work, whether the normal shell login nor su.

    Read the article

  • I am trying to write an htaccess file performs authentication and redirects authenticated users to a

    - by racl101
    This is what I have so far but I can't get the RewriteCond and RewriteRule properly. RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (\d{3})$ RewriteRule !^%1 http://subdomain.mydomain.com/%1 [R,L]. AuthName "My Domain Protected Area" AuthType Basic AuthUserFile /path/to/my/.htpasswd Require valid-user This is what I mean the ReWriteCond and RewriteRule to say: "If the REMOTE_USER has a username ending in 3 digits then capture the three digits that match and for whatever url they are trying to access if it does not start with the 3 digits captured then redirect them to the sub directory with the name equal to those captured three digits." In other words, if a user named 'johnny202' is authenticated then if he's requesting any directory other than http://subdomain.mydomain.com/202/ then he should be redirected to http://subdomain.mydomain.com/202/ The only thing I can think of that is wrong is the first instance of '%1'.

    Read the article

  • How to use public-key ssh authentication

    - by Poma
    I have 2 ubuntu 12.04 (beta) servers (node1 and node2) and want to establish passwordless root access between them. Other users should not have access to other boxes. Also note that ssh default port is changed to 220. Here's what I did: sudo -i cd /root/.ssh ssh-keygen -t rsa # with default name and empty password cat id_rsa.pub > authorized_keys then copied id_rsa & id_rsa.pub to node2 and added id_rsa.pub to authorized_keys. Both hosts have the same /root/.ssh/config file: Host node1 Hostname 1.2.3.4 Port 220 IdentityFile /root/.ssh/id_rsa Host node2 Hostname 5.6.7.8 Port 220 IdentityFile /root/.ssh/id_rsa Now the problem is that when I type ssh node2 it asks me for password. What may be the problem?

    Read the article

  • Forms Authentication across Sub-Domains on local IIS

    - by Parminder
    I asked this question at SO http://stackoverflow.com/questions/8278015/forms-nauthentication-across-sub-domains-on-local-iis Now asking it here. I know a cookie can be shared across multiple subdomains using the setting <forms name=".ASPXAUTH" loginUrl="Login/" protection="Validation" timeout="120" path="/" domain=".mydomain.com"/> in Web.config. But how to replicate same thing on local machine. I am using windows 7 and IIS 7 on my laptop. So I have sites localhost.users/ for my actual site users.mysite.com localhost.host/ for host.mysite.com and similar.

    Read the article

  • How to change password schema for Dovecot user authentication for an already existing mail server

    - by deb_lrnr
    Hello, I have an email server setup on Debian Lenny with Postfix, Dovecot, SASL and MySQL. Currently, the password scheme in my dovecot-sql.conf file is set to: CRYPT default_pass_scheme = CRYPT I would like to globally change the scheme to something stronger like SSHA, or MD5-CRYPT and re-hash all passwords with SSHA. What is the best way to do this? The Dovecot wiki mentions how passwords that don't follow the default scheme defined in dovecot-sql.conf can be prefixed with "{ssha}password", but I couldn't see anything regarding changing an already-existing scheme to a new one for all passwords that are already in the database. Thanks for your help!

    Read the article

  • Samba as a PDC and offline authentication

    - by Aimé Barteaux
    Say I have a Windows laptop which has been connected to a domain. The domain has a Samba server as a PDC. Now say that I move the laptop outside of the network (the network is completely inaccessible). Will I be able to logon into accounts I have accessed before on the laptop (through GINA)? Update: Looking at the smb.comf documentation I noticed the setting winbind offline logon: This parameter is designed to control whether Winbind should allow to login with the pam_winbind module using Cached Credentials. If enabled, winbindd will store user credentials from successful logins encrypted in a local cache.. To me it looks like this solves the issue but can anyone else confirm it and/or point out if any additional values need to be set?

    Read the article

  • Authentication Order with SSH

    - by Oz123
    i am still have troubles mastering sshd - when I login with -v I see that ssh is authenticating the following way debug1: Authentications that can continue: publickey,gssapi-with-mic,password,hostbased I would like to change the order ... any idea how ? My bigger problem is that user with locked accounts, can still login via public-keys. I have found that I could add the user to a group "ssh-locked" add deny that group from sshing, but I am still wondering if there is a way to tell ssh'd : Please check password before keys ... Thanks, Oz

    Read the article

  • mount.nfs: access denied by server while mounting (Kerberos authentication)

    - by Nick
    There's plenty of references to this error on Goggle, and even a question here with the same title, but it seems that "access denied by server while mounting" is a catch-all error. I've tried suggestions that others have used to fix this problem, but they did not work in my case. I'm trying to set-up a Kerberos-based NFS file server with shared homes for a Linux network. I'm using Ubuntu 11.04 Servers and clients. When trying to mount a share using: mount 192.168.1.115:/export/home/ /media/tmp I get: mount.nfs: access denied by server while mounting 192.168.1.115:/export/home/ This is the same if I mount it from a client machine or from the server itself. On the server, in /var/log/syslog I get: Aug 25 06:22:37 nfs mountd[1580]: authenticated mount request from 192.168.1.115:835 for /export/home (/export/home) Aug 25 06:22:37 nfs mountd[1580]: authenticated unmount request from 192.168.1.115:766 for /export/home (/export/home) Which is odd, since it says it's authenticated the request, not denying it. /etc/exports: /export *(rw,fsid=0,crossmnt,insecure,async,no_subtree_check,sec=krb5p:krb5i:krb5) /export/home *(rw,insecure,async,no_subtree_check,sec=krb5p:krb5i:krb5) On client: me@dt1:/$ rpcinfo -p 192.168.1.115 program vers proto port 100000 2 tcp 111 portmapper 100024 1 udp 37320 status 100024 1 tcp 48460 status 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100227 2 tcp 2049 100227 3 tcp 2049 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100227 2 udp 2049 100227 3 udp 2049 100021 1 udp 58625 nlockmgr 100021 3 udp 58625 nlockmgr 100021 4 udp 58625 nlockmgr 100021 1 tcp 49616 nlockmgr 100021 3 tcp 49616 nlockmgr 100021 4 tcp 49616 nlockmgr 100005 1 udp 45627 mountd 100005 1 tcp 60265 mountd 100005 2 udp 45627 mountd 100005 2 tcp 60265 mountd 100005 3 udp 45627 mountd 100005 3 tcp 60265 mountd Any suggestions I could try?

    Read the article

  • How to display SSH banner at login, but only for password authentication

    - by banjer
    I have a warning message that is displayed to a user after they enter their username to log in to our Linux servers. I only want to display this message for password authentications, and not when keys are used. It should only show to a user who is logging into a host, and not when they are sshing from one host to another (our hosts all have keys set up so we can ssh from one to another without entering passwords). Currently, I have a line for Banner in the /etc/ssh/sshd_config file which points to a text file containing the warning message. Banner doesn't appear to have any further config options, so I'm wondering if there is a way to do this with pam or some other mechanism? Thanks.

    Read the article

  • <authentication mode=“Windows”/>

    - by kareemsaad
    I had this error when I browse new web site that site sub from sub http://sharp.elarabygroup.com/ha/deault.aspx ha is new my web site Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. Source Error: Line 61: ASP.NET to identify an incoming user. Line 62: -- Line 63: Line 64: section enables configuration Line 65: of what to do if/when an unhandled error occurs I note other web site as sub from sub hadn't web.config is that realted with web.config and all subs and domain has one web.config

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >