Search Results

Search found 1305 results on 53 pages for 'dr tchock'.

Page 9/53 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • OpenLDAP ACLs are not working

    - by Dr I
    First things first, I'm currently working with an OpenLDAP: slapd 2.4.36 on a Fedora release 19 (Schrödinger’s Cat). I've just install the openldap with yum and my configuration is the following one: ##### OpenLDAP Default configuration ##### # ##### OpenLDAP CORE CONFIGURATION ##### include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema pidfile /var/lib/ldap/slapd.pid loglevel trace ##### Default Schema ##### database mdb directory /var/lib/ldap/ maxsize 1073741824 suffix "dc=domain,dc=tld" rootdn "cn=root,dc=domain,dc=tld" rootpw {SSHA}SECRETP@SSWORD ##### Default ACL ##### access to attrs=userpassword by self write by group.exact="cn=administrators,ou=builtin,ou=groups,dc=domain,dc=tld" write by anonymous auth by * none I launch my OpenLDAP service using: /usr/sbin/slapd -u ldap -h ldapi:/// ldap:/// -f /etc/openldap/slapd.conf As you can see it's a pretty simple ACL which aim to allow access to the userPassword attribute to a specific group read only, then to the owner read and write to anonymous requiring auth and refuse the access to everyone else. The problem is: Even using a valid user with correct password my ldapsearch ends with zero informations retrieved from the directory, plus I've got a strange response on the result line. # search result search: 2 result: 32 No such object # numResponses: 1 here is the ldapsearch request: ldapsearch -H ldap.domain.tld -W -b dc=domain,dc=tld -s sub -D cn=user,ou=service,ou=employees,ou=users,dc=domain,dc=tld I did not specify any filter as I want to check that ldapsearch is correctly printing only allowed attribute.

    Read the article

  • Struggling with proper way to setup Permissions on Linux/Apache Web Server

    - by Dr. DOT
    Your expert experience and assistance is great, greatly appreciated here. I have been running a LAMP server for a long time, yet I still struggle with the best way to set file & directory permissions for FTP and WWW protocol activity. My Control panel is WHM/cPanel (not that it makes a difference), and out-of-the box: files are owned by the user account setup in WHM (eg, "abc") files have a group setting of "abc" as well file permissions are created with 644 directories are owned by "abc" directories have a group setting of "abc" directories permissions are created with 0755 Again, these are the default permission settings. Now everything is fine with FTP activity, but please advise me if any of these file/directory settings create issues, especially with security. Here's where my struggle comes into play. I have PHP apps that allow a visitor to create, edit, rename, delete, etc. sub-directories and files in certain selected directories. PHP runs as "nobody" on my server. So in order to get my PHP/Web apps to work, I have had to: chown nobody * chgrp nobody * chmod 0777 * to everything in these certain & selected sub-directories. I know this is probably a huge security whole (so don't ask me for any links :) but how should I set all the permissions to allow my FTP user to do his thing while allowing the PHP apps to do their thing will also "minimizing" any security risks and exposures? I know that big CMS systems like Drupal, Joomla, WordPress and so on, handle this. Thanks ahead of time for reading through this and offering your expert advice!

    Read the article

  • Does my Oracle DBA need root access?

    - by Dr I
    I'm currently discussing with my Oracle DBA Collegue that request a root access on our production servers. I'm not so hot to let him use the root access on our production servers. He is arguing that he need it to perform some operations like restarting the server and some other obscure arguments. The point is that I'm not agree with him because I've set him a Oracle user/group and a dba group where Oracle user belong. Everything is running smoothy and without any root permissions for now. I also think that all administrative tasks like scheduled server restart and so one need to be operated by the proper administrator (The Systems administrator on our case) to avoid any kind of issues related to a misunderstanding of the infrastructure interactions. So, I need the help of both, sysadmins and Oracle DBAs to lead me on the correct direction. If my collegue really need this rights I'll give him, but I'm just basically quite affraid of that because of security and integrity concerns. I know that my collegue is really good as a Oracle DBA and he know is work very well, but I also know that I've very few cases where a software and its admin really need root access. Once again, I'm not looking for pros/cons but rather an advice on the way that I should take to deal with this situation.

    Read the article

  • Upgrading from php 5.3 to php 5.4 with Macport

    - by dr.stonyhills
    PHP5.4 has been available for sometime now and Macport recently caught up with the release of port php54 but the process of upgrading is not as clear as possible. Even worst for those who are new to maintaining multiple versions of PHP on the same machine. I am keen on trying out some of the new features in PHP5.4 like traits, new array form etc but falling back on to php5.3 for other compatibility stuff. So i sudo port install php5+ (all the variants, apache2 etc) Then i tell it what PHP port to use as default sudo port select --set php php54 Check what version of PHP is active in the terminal using php -v outputs php 5.4.3. But i seem to be having issues with choosing the right non cli version as in the version of the module run by apache etc is still php5.3.12. Do i have to change the reference to the libphp5 in apache httpd.conf? Any advice on the right workflow for switching between php version on macport greatly appreciated!

    Read the article

  • Reverse Proxy Question!

    - by Dr Hydralisk
    I know that Nginx does not support .htaccess files, but if you used Nginx as a reverse proxy (is that the correct term, Nginx handles static, Apache handles dynamic) with Apache, would you be able to use .htaccess files then?

    Read the article

  • What kind of eye wear can I use to protect my eyes from being irritated from staring at a screen all

    - by dr dork
    Many of us stare at computer screens all day. Lately, my eyes have been irritated from prolonged staring at my computer screens. Does anyone use or know of any eye wear technology that helps with this? About five years back, I bought a pair of non-prescription eye glasses that had a no-glare layer put on them by an optometrist. It slightly helped, so I'm considering getting another pair. Is this the best option I have at this point? Thanks so much in advance for your wisdom!

    Read the article

  • How to authorize standard users to install drivers on Windows XP

    - by Dr I
    I'm currently looking for a way to autorize my non administrators users to perform an installation of drivers. Here is the speech: All my users are standard users, they got a VirtualBox Hypervisor if they need the administrator rights. But if they put an USB device on the local machine and try to redirect the device to the Virtual Machine, Windows ask for some Administrator rights. I've try to set up those GPO: Allow standard users to install drivers. Install WHQL Drivers: Allow Silently. I don't know how to do this.

    Read the article

  • What kind of eye wear can I use to protect my eyes from staring at a screen all day?

    - by dr dork
    Many of us stare at computer screens all day. Lately, my eyes have been irritated from prolonged staring at my computer screens. Does anyone use or know of any eye wear technology that helps with this? About five years back, I bought a pair of prescription-1 eye glasses that had a no-glare layer put on them. It slightly helped, so I'm considering getting another pair. Is this the best option I have at this point? Thanks so much in advance for your wisdom!

    Read the article

  • Start vino-server (VNC) before login on Linux CentOS

    - by Dr. Gianluigi Zane Zanettini
    I'm using the default vino-server package to access my CentOS 6 workstation via VNC. It works ok, but only AFTER I locally login on the workstation. I need to have vino-server start BEFORE the login, right at the Gnome login screen where I choose username and password. Due to personal reasons, I need to use Vino and not vnc-server or any other packages. I already tried to insert /usr/libexec/vino-server & in /etc/gdm/Init/Default but this didn't solve the issue.

    Read the article

  • How to authorize standard users to install drivers

    - by Dr I
    I'm currently looking for a way to autorize my non administrators users to perform an installation of drivers. Here is the speech: All my users are standard users, they got a VirtualBox Hypervisor if they need the administrator rights. But if they put an USB device on the local machine and try to redirect the device to the Virtual Machine, Windows ask for some Administrator rights. I've try to set up those GPO: -Allow standard users to install drivers. -Install WHQL Drivers: Allow Silently. I don't know how to do this.

    Read the article

  • How can I start an X11 session on my headless Fedora 13 server?

    - by DR
    I have a small home server using Fedora 13 as operating system. Since the upgrade to Fedora 13 I cannot start the X11 server. (I need it to use vnc) When I try to start the server, both the nouveau and the original NVIDIA driver claim that there's no physical monitor attached (which is true) and that the X server cannot start because the initial display modes cannot be probed. I tried to manually add the display modes to xorg.conf but they seem to be ignored. Some forums suggest to simply use the VESA driver in this situation, but since I can't get it run either (different, more obscure message) I want to get it working with the nouveau driver as a matter of principle. Temporarily attaching a monitor would mean a lot of work for me ( 1 hour and currently it's almost 35°C/95°F in my home) I want to try that only if that definitely fixes the problem and stays that way if I remove the monitor again) How can I make the driver work without having a physical monitor attached? Thank you for your time and your help!

    Read the article

  • Truecrypt system partion partially encryted but then drive corrupted and won't boot - decrypting so I can access files to backup?

    - by Dr.Seuss
    So I was attempting to encrypt my (Windows 7) system drive with Truecrypt and it stopped at around 15% and said that there was a segment error and that it could not proceed until it was fixed. So, I restarted the computer and ran HDD Regenerator which subsequently fixed the bad sectors on the drive, but now my system cannot boot. So, I run a number of recovery disks to no avail (Windows repair is unable to fix) and the drive won't mount on a linux version run from a CD because the drive is encrypted. So I tried mounting the drive using Truecrypt under the Linux distribution on the disk and selected "Mount partition using system encryption without pre-boot authentication" so I can decrypt, but I get an error message about it only being possible once the entire system is encrypted. How do I get out of this mess? I need to be able to back up the data that's on that partially encrypted drive so I can reinstall my operating system.

    Read the article

  • Understanding Unix Permissions (w/ ACL)

    - by Dr. DOT
    I am trying to set permissions on my server properly. Currently I have a number of directories and files chmod'd at 0777 -- but I am not comfortable with it being this way. So at the advice of a serverfault specialist, I had my hosting provider install ACL on my shared virtual server. When I FTP to the server as my FTP user account "abc", I can do everything I need to do (and rightfully so) because all my dirs and files are owned by "abc", the group is "abc", and the 1st octet is set to 7 (rwx). That much I get. But here's where it gets dark gray for me. PHP is set to user "nobody". so when someone browses on of my web pages that either ends in .php or has some embedded PHP, I assume the last octet controls the access. Because all my dirs and files are owned by "abc" and assigned to group "abc", if the last octet was a 4 (r--) then the server would let the browser read the file. If it were a 6 (rw-) then the server would let the browser also write to the file or directory, correct? what if the web document does not end in .php or does not have any PHP embedded? What is the user then? how can I use ACL to not set the permission to 6 (rw-) or even 7 (rwx)? [not sure what execute does or means] Just looking for some sort of policy settings to best lock down my dirs and files while allowing my PHP scripts to do uploads and write to files (so my users don't call me to tell me "permission denied". Ok, thanks to anyone out there willing to lend me a hand. It is greatly appreciated.

    Read the article

  • Apache mod_wsgi elegant clustering method

    - by Dr I
    I'm currently trying to build a scalable infrastructure for my Python webservers. Actually, I'm trying to find the most elegant way to build a scalable cluster to host all my Python WebServices. For now, I'm using three servers like this: 1 x PuppetMaster to deploy my servers. 2 x Apache Reverse Proxy Front-end servers. 1 x Apache HTTPd Server which host the Python WSGI Applications and binded to using mod_wsgi. 4 x MongoDB Clustered server. Everything is OK concerning the Reverse proxy and the DB Backend, I'm able to easily add a new Reverse Proxy and a new DB Node, but my problem is about the Python WebServer. I thinked to just provision a new node with exactly the same configuration and a rsync replication between the two nodes, but It's not really usefull in term of deployement for my developpers etc. So if you have a solution which is as efficient and elegant that the Tomcat Cluster I'll be really happy to ear it ;-)

    Read the article

  • Can you configure multiple KMS hosts in a primary / secondary relationship?

    - by Mark Hall
    We have two datacenters in our environment: primary and DR. I need to deploy a KMS service, and to be proactive, I would like to have a host in both datacenters. From what I have read, you can have up to 6 hosts without calling Microsoft, and it appears that what will happen is that a SRV record for each host will be placed in DNS. The client will query for those SRV records and randomly choose a host for the initial activation and will use that same server for all renewals. The server can be changed manually through a script and will automatically change if the initial server is unavailable when activating or renewing. My question is has anyone found a way to designate one server as the primary KMS host and designate the other as failover only? The reason I ask is that it is preferred that the client communicate with the primary datacenter during normal operations and only talk to the DR datacenter when needed because the bandwidth between the offices and the DR datacenter is limited compared to the primary. I am sure that this has been done before but I can not find it MSFT's documentation. Thanks, Mark

    Read the article

  • ESX 3.5 refuses to update

    - by Speeddymon
    I have a set of ESX 3.5 servers in 2 different datacenters. One is DR, one is production. They are on the same vlan and so I can access any of them on the private network from my vCenter server. Last month, as a learning experience (I hadn't dealt with ESX much before), I updated the DR server. Other than finding out that a couple of bundles had to be installed manually in order to get the rest to install from vCenter, it went off without a hitch. Now, I'm trying to do the same for our production servers and it is not working. I've googled around for the error I get during scan, and investigate loads of different solutions (editing the integrity file, checking DNS, etc) -- I did install the 2 bundles that had to be installed manually already -- but scan from vCenter is just not working. Side note: I did just scan the DR server again and that scan works fine so shouldn't be a problem with vCenter that has cropped up recently -- it has to be something else. The error I get is: Patch metadata for (servername) missing. Please download updates metadata first. Failed to scan (servername) for updates. I'm all out of ideas on how to make this work, so any help would be hugely appreciated.

    Read the article

  • asp.net gridview

    - by arjun
    I have a gridview which has bound fields and a template field for checkbox.I wrote a code for deletion of records as per checking checkboxes.My problem is HtmlInputCheckBox chk; foreach(GridViewRow dr in dgvdetails.Rows) { chk = (HtmlInputCheckBox)dr.FindControl("ch"); chk.Checked = true; if (chk.Checked)/// **here checkbox is not checked even if I'm check it** { pl.id = int.Parse(chk.Value); bl.deletedgvdetails(pl); } }

    Read the article

  • Global Thermonuclear War [closed]

    - by Vivin Paliath
    Hey there, I'm Dr. Falken and I'm trying to make a computer program on my computer (WOPR) that simulates Global Thermonuclear War. So far I've simulated Checkers and Tic-Tac-Toe, but I've never tried to do anything on this scale. Any pointers on how I should start? Sincerely, Dr. Falken

    Read the article

  • ASP.Net check value with DBNULL

    - by c11ada
    hey all, i have the following code foreach (DataRowView dr in Data) { if (dr == System.DBNull.Value) { nedID = 1; } } but i get the following error Operator '==' cannot be applied to operands of type 'System.Data.DataRowView' and 'System.DBNull' please can some one advice me on how i can check if the value is null or DBNULL

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >