Search Results

Search found 28288 results on 1132 pages for 'home directory'.

Page 133/1132 | < Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140 | Next Page >

Can not find the source of Grant permission on a folder

- by Konrads

I have a security mystery :) Effective permissions tab shows that a few sampled users (IT ops) have any and all rights (all boxes are ticked). The permissions show that Local Administrators group has full access and some business users have too of which the sampled users are not members of. Local Administrators group has some AD IT Ops related groups of which the sampled users, again, appear not be members. The sampled users are not members of Domain Administrators either. I've tried tracing backwards (from permissions to user) and forwards (user to permission) and could not find anything. At this point, there are two options: I've missed something and they are members of some groups. There's another way of getting full permissions. Effective Permissions are horribly wrong. Is there a way to retrieve the decision logic of Effective Permissions? Any hints, tips, ideas?

Read the article
Looking for Free or Open Source Software to email new AD users after accounts have been created

- by mrdenny

I'm looking for a free or open source way to send emails to new employees when there account is created. I'm ok if its a powershell script, or something else which runs once per day. I'd like to be able to give is a couple of email files exported from outlook as there's a couple of emails I need all the new employees to get.

Read the article
Disabling parallel network connections on workstation

- by sumar

Is it possible to disable prarallel network connections on workstation, when workstation is connected to corporate LAN? I want to avoid users bypassing Internet access policies by concurently connect to LAN and 3G/Hotspot. We have many developers and they have local administrator rights on workstations. Developers should be able to connect virutual networks (VMware/VirutalPC/Hyper-V/VirutalBox). Other users should be able to use only one network connection concurently.

Read the article
When is a domain computer account scheduled to change the password?

- by Jason Stangroome

I understand domain-joined computers have machine accounts in AD and these accounts have passwords that expire (apparently every 30 days by default) and those passwords are automatically changed without user intervention. Given that this is known to cause issues when restoring snapshots of domain-joined virtual machines, is it possible to query the domain-joined computer or AD to determine when the machine account password is next scheduled to be changed?

Read the article
Permissions required to look up a domain user's group memberships

- by adrianbanks

I am writing some code to look up the members of particular domain groups. Does the user that this application runs as need any particular permissions on the domain to get this information? Background: I have already determined that the application needs to be run as a domain user to be able to query information from the domain. I have a list of group names and for each group, I need to look up the members of that group on the domain and get their names/usernames.

Read the article
Is there a way in IE9 on a Virtual Machine to do AD auth in IE9 without the machine being added to the domain but the host machine is?

- by Micah Armantrout

I have a virtual machine that is running IE 9 and windows 7 Latest Updates that I want to use to test my intranet site (ASP.Net Application). I can't add the virtual machine to the domain and I don't want to have to type my ad cruds everytime I load the site up. Is there a way for the IE on the virtualbox to Authenticate as my AD Cruds on the host machine so I don't have to always put my username and password in ? I guess I can just have IE on the virtual machine remember my username and password but other than that is there another way to do this ?

Read the article
How to prevent slow printer performance when AD is not available

- by AKoran

When I take a domain based computer (Windows XP) and plug it into a network that doesn't have access to the AD, the first time I select a local printer (printing directly to printer) on the current network it takes a good 20-30 seconds before I can select the printer. Doing a little investigating using wireshark I can see the computer is trying to hit AD for some reason and it just keeps timing out. I also tried the same experiment with just a plain workgroup computer and it was able to bring the printer up immediately. Does anyone know how to prevent the machine from trying to contact AD?

Read the article
Using cd Command in Windows Command Line, Can't Navigate to D:\

- by nicorellius

This may be a stupid question, and I think I have looked elsewhere to find the answer... Might be a path issue, but when I open the command line and type from the C:\>: cd D:\ I cannot get to the D drive. Even if I type: cd D:\<folder name> The command.exe will auto-complete the line with the tab key, so it knows where I'm at. It just doesn't print to screen the result or actually get me there. This problem exists for the network drives as well. Now, if I use the chdir (cd) command like this: chdir D: or cd d: I get the print out of the D:\ below the command but it still says I'm in the C:\. I feel like I'm missing something simple.

Read the article
What filesystem comes closest to matching NTFS for support of ACLs, and highly-granular permissioning?

- by warren

It seems that most other filesystems handle the basic *nix permissions (ugo±rwx), with maybe an addition here or there. Or can be "made" to handle ACLs through the use of other tools on top of the system. On the wikipedia pages about filesystems (http://en.wikipedia.org/wiki/List%5Fof%5Ffile%5Fsystems & http://en.wikipedia.org/wiki/Comparison%5Fof%5Ffile%5Fsystems), it appears that while some do support extended meta-data, none support natively the level of permissioning that NTFS does. Am I wrong in this understanding?

Read the article
Cross domain LDAP

- by Adam

For a system we are developing we have 2 domains an internal and an external domain with bi directional trust between them. However the servers are only able to connect to their own DC's. We have an application server on the internal domain which needs to use an LDAP query to gather a list of users from a group on the external domain. How do i go about writing an LDAP query that asks one DC to go ask another DC for a list of users. I tried querying the internal DC with the same LDAP query I would use if it could hit the external DC directly but this does not work. When i use Softerra LDAP Administraor I can view the full hierarchy of the interal domain but despite the trust relationship between domains i am unable to see any of the external doamin. Any suggestions or help would be greatly appreciated

Read the article
Laptops on Windows Domain sometimes have problems accessing internet when off-site

- by FSUScoot

Hi all-- We've had this problem for a long time. When users travel, sometimes they can't get internet access from a wired or wireless connection. Here are a couple examples: 1) A user goes to a hotel and tries to access the wireless in their room. They can connect to the access point. They open a web browser and they can't get re-directed to the hotel's login page. Because they can't log in, there's no internet access. 2) A user goes to another laboratory/university and tries to access the wired network. They connect, link is fine, PC gets IP from DHCP but no internet access. There's no login page to be re-directed to. It should just "work". What I've found is that it's a DNS issue. Because the computer is on a Windows Domain, it seems it MUST use our DNS servers. Even if you connect to an outside network and do an ipconfig /all, it looks like everything is ok. It'll even show their DNS servers listed in the config. The computer just won't use the other network's DNS server. I found a reg key that keeps our DNS servers listed and it seems that they take priority every time: HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient All the values under that key are for our AD domain. NameServer and Searchlist never change. What I've found is if the user edits the NameServer string and puts the DNS server of the network they're on, everything works just fine. They get re-directed to the hotel's correct login page or their internet access starts working. It's only a problem if the network they're on blocks outside DNS or a hotel that uses an internal name in their front page redirection that only their DNS server knows about, i.e., not public. If the re-direct page starts with an IP, like 10.10.10.10, it'll work just fine. Obviously this isn't a fix for everyone. Most of my users are pretty knowledgeable so it’s easy for me to walk them through or send them a .reg file that they can edit and run. This problem isn't limited to Windows 7. It was like this with XP as well. It's not hardware related. The problem exists on both wired and wireless, Intel or Broadcom, laptops or desktops. Anyone else have this problem? Is there a GPO I can change that I missed? Got a good work-around for this? Thanks for any help!

Read the article
Simulate a DFS share for a user not on domain with a folder in path

- by user223655

I have a consultant whose computer is not on the domain and needs to access various network resources. Unfortunately while adding a computer to the domain is a difficult bureaucratic process (and would disallow much of his development software from even running given the domain restrictions), we can allow him to have credentials to access network resources. As such, he accesses various network resources via NET USE etc. without using DFS. There is one piece of software which requires him to have the same hardcoded path as other domain users but that path is a DFS path which he can't map (i.e., the software checks the path at runtime and will only run if it matches the registered path and will reject it in the context of using a DFS versus conventional machine path) I was wondering if there's some method to simulate the DFS path without actually using DFS. e.g., the path the software needs to see is "\ABC\DFS\software\app.exe" whereas the non DFS path is "\DEF\Software\app.exe" while I could make his hosts file point DEF to ABC, I'm not sure if I can somehow make it point there with the DFS "folder" as well are there any methods for this short of making changes to the AD to allow him to use DFS or add him to the domain (both of which are politically/technically challenging sadly)? Thanks guys

Read the article
When to raise domain functional level?

- by Joel Coel

We very recently completed a project to retire two old domain controllers running Server 2003 R2. They are now replaced with shiny new 2008 R2 boxes. However, the functional level of the domain has not yet been updated for the 2008 R2 servers, just in the long-shot case of the need for a rollback to the old controllers. I expect to have the all clear to update the domain by next weekend. I also want to note that our desktop clients are still 95% Windows XP. However, we're about to start a project to update our 200 or so clients to Windows 7 before the end of the calendar year. Is there any advantage to holding the domain at the 2003 functional level while we are still supporting more Windows XP than Windows 7, especially given that some of the management stations are still XP? Update: I forgot to mention earlier that we still have a pair of windows 2000 servers (not domain controllers) that support some legacy software. I'm working to replace those, but in the meantime I need to be sure that Windows 2000 can still participate in a 2008 R2 domain.

Read the article
Replacement for NIS/YP

- by mdpc

The company that I am working for is embarking on replacing the current locally developed NIS/YP structure with LDAP. We already have AD in house for the Windows stuff and would like to consider using an AD system. The AD people are quite restrictive and would not support extensive modifications. We have needs to have the replacement include the support the full capabilities of the NIS/YP suite include netgroups, login restrictions to specific servers for specific users or groups of users, consistent passwords between the *nix and Windows environment,etc. Our environment is a mixture of Linux (suse, RH, Debian), Sun, IBM, HP and MPRAS as well as a NETAPP. So whatever we use must be totally inclusive to all environment. We have looked at Likewise, but our management wants other alternatives to compare with. What other things should I be looking at and what is you assessment of the alternative? Thanks

Read the article
kerberos NTLM authentication

- by rockbala

Hi, Where can I check in Windows Server 2008 that Kereberos/NTLM is the authentication protocol used after the whole network is set up/installed. There is only 1 domain controller with AD services and is not affiliated with any other domains. Regards, Balaji S

Read the article
WSS audiences dont show all AD Groups

- by Mike

Not all of my AD Groups are showing in the Audience list. I want to create a new audience based on if the user is in a group. Some AD groups show up, and others don't. Many the newer ones do not show up. My connection is pulling (im pretty sure) the whole AD via primary domain controller. MOS2007 win2003 Any ideas?

Read the article
Block Domain User login

- by Param

I have created a Domain User id ( for example - Auser ). I have integrated my LDAP login with Firewall. I use this user to login in to firewall only. So, I want to block all the login for this User except on Firewall. Is there any way to accomplish this? As per my knowledge, we can specify :- By right click on Domain User -- Properties -- Account tab -- Logonto ( but here we have to specify Computer Name, we don't have any computer name for Firewall -- So i can't use this option ) Through Group Policy Window Setting -- Security Setting -- Local Policies -- User Rights Assignment -- Allow logon Locally (But it has to apply on Computer OU -- So i can't use this option also ) Any Other Option you know ??

Read the article
Adding Internal DNS server in Host file

- by Param

I have added Global DNS server ip address to one of my Desktop ( please see the Network configuration screenshot ). and after that i have added my both domain controller ip address in host file, and it is working fine. ( please see the below screen-shot for your reference ) Can you please guide, what problem can i face if i kept my configuration in this way. but i am wondering, can this setting can create a problem? because the computer will be able to reach corp.abc.com easily, with the help of host file.

Read the article
User receives group membership error to terminal server even though has rights

- by BlueToast

http://www.hlrse.net/Qwerty/TSLoginMembership.png To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop User group does not have this right, you must be granted this right manually. Only as of today a particular user began receiving this message for a second terminal server they use; otherwise, they have never had any problems authenticating into this server. We have no restrictions on simultaneous and multiple logins. On each terminal server, we have a group and security group like "_Users" locally in the Builtin\Remote Desktop Users group. For this particular user, on this particular terminal server we have locally given him Administrator, Remote Desktop Users, and Users membership; in AD we have given him DOMAIN\Administrator, Builtin\Remote Desktop Users, DOMAIN\_Users. It still gives us that error message. We gave him membership to another terminal server (random) by simply making him member of another DOMAIN\_Users group -- successfully able to login to that random terminal server. So, from scratch we created an AD account 'dummy' (username) with only Domain Users membership. Tried to login to this particular server, no success. So I added 'dummy' to DOMAIN\_Users group, and then was successfully able to login. Other users from this user's department are able to login to this particular server just fine as well. We checked the Security logs on this particular server, and while it is logging everything, the only thing it appears to not log are these failed login attempts from this particular user who receives this error message. We have tried rebooting the server, and the user is still receiving that error message.

Read the article
How to clean up orphaned SID's in ACEs in AD?

- by geoffc

As a follow up to my question Do backlinks clear in AD for deleted users I have another related but different question. Since I am informed in the answers there that a deleted object's SID (Group or User, so assigning rights to group only minimizes the issue, and does not fix it) will remain within ACEs they have been assigned, leaving them orphaned. Lotus Domino, which has similar issues with back references, has an adminp process to clean up such orphaned references. Is there a similar process in AD that would allow you to clean up such orphaned SIDs floating around your domain?

Read the article
Introducing a Windows Domain Controller into an all mac-client network

- by Anon

A company is about to hire me to be their I.T. Admin. (They currently have no Admin). In the interview, they stated one of the things they want me to do is put in a MS Domain Controller. The thing is, they are a graphic design company with about 100 Mac Clients and maybe 5 Windows Clients. So other than login-credentials and network shares, what is the benefit of this? Should I just tell them to use the OSX equivalent of AD? How hard is it to learn whatever OSX's AD is?

Read the article
Group Policy is not being applied from Server 2003 to win7 client

- by John Hoge

Hi, I'm experimenting with Group Policy settings. My DC is running Server 2003, and the client I am using for this test is running Win7. I've restarted the client a few times, and tried running gpupdate/force for good measure. This machine is in it's own OU with a group policy applied to change one setting, Computer Configuration/Administrative Templates/Network/Offline Files. When I run MMC and look at Local Computer Policy on the client this setting shows up as "not configured". Thanks, John

Read the article
optimal folder structure for storing 100k files on a USB drive

- by cherouvim

I need to store 100k files (around 40GB) in a USB drive. Each file has a unique int id (e.g 45000). Option one is to put all files in a single folder: root/ root/1.pdf root/2.pdf root/3.pdf ... root/567.pdf root/568.pdf root/569.pdf ... root/10001.pdf root/10002.pdf root/10003.pdf ... root/99998.pdf root/99999.pdf root/100000.pdf Option two is to create a [1-9][0-9]* folder hierarchy based on that id: root/ root/1/file.pdf root/2/file.pdf root/3/file.pdf ... root/5/6/7/file.pdf root/5/6/8/file.pdf root/5/6/9/file.pdf ... root/1/0/0/0/1/file.pdf root/1/0/0/0/2/file.pdf root/1/0/0/0/3/file.pdf ... root/9/9/9/9/8/file.pdf root/9/9/9/9/9/file.pdf root/1/0/0/0/0/0/file.pdf Which option will scale better? I can understand that the second option will require tons of folders but each folder will at most contain 10 folders and 1 file. Maintenance will not be an issue since everything will be controlled by an application. Note that this is a USB drive on linux and based on the above I'd also like to know whether I should go with FAT32 or NTFS.

Read the article
Use vmconnect from another AD domain

- by user1459015

I try to connect remotly to the KVM (console) of an Hyper-V Virtual Machine using vmconnect.exe but I'm dealing with some kind of a problem : When I connect from a computer within the same AD of my Hyper-V Host, everything work fine but when I try to connect from a computer not within the same AD, wmconnect say that my RCP services is not running on the host The problem is that it doesn't ask me for any credentials and so, i can't authenticate in the AD Does someone have any clues ?

Read the article
SharePoint Returning a 401.1 for a Specific User/Computer

- by Joe Gennari

We have a SharePoint Services 3.0 site set up supporting about 300 users right now. This report is isolated and has never been duplicated. We have one AD user who cannot log into the SharePoint site with his account from his machine and is subsequently returned a 401.1 error. If any other user tries to log on with their account from his machine, it works okay. If he moves to another machine and logs on, it works okay. The only solution to this point has been to install FireFox on the machine. When he authenticates with FF, everything is okay. Remedies tried so far: Cleared cookies/cache Turned off/on Integrated Windows Authentication in IE Downgraded IE 8 to IE 6 Removed site from Intranet Sites zone Renamed the machine Disjoined/Rejoined Domain

Read the article

< Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140 | Next Page >