Search Results

Search found 56081 results on 2244 pages for 'working directory'.

Page 135/2244 | < Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >

• How do I login once I promote my Windows Server 2012 to domain controller in my Amazon VPC?

  - by Developr

  I am following this guide: http://d36cz9buwru1tt.cloudfront.net/pdf/EC2_AD_How_to.pdf to setup my domain controller. I get AD installed correctly, but when I do the promotion to DC, the server restarts and when I try to access it, I am unable to login using any of the local system accounts. I even created my own separate user account, but that did not help. I made sure to disable the amazon settings for renaming the machine, the machine has a static ip and has been renamed.

  Read the article

• Putting a Windows DC, Exchange in a DMZ

  - by blsub6

  I have one guy at my company telling me that I should put FF:TMG in between my main Internet-facing firewall (Cisco 5510) and put my Exchange server and DC on the internal network. I have another guy telling me that I should put the Exchange server and DC in a DMZ I don't particularly like the idea of having my mailboxes and DC's usernames/passwords in a DMZ and I think that Windows authentication would require me opening up so many ports between my DMZ and my internal network that it would be a moot point to have it out there anyways. What are some thoughts? How do you have it set up?

  Read the article

• AFP AD ACL permissions issues with external drive

  - by AlanGBaker

  Mac OS X Server 10.4.11 connected to an AD domain system serving AFP shares to Mac OS X 10.5.8. If I create a share on the the internal RAID of the server with an ACL that allows RW to all ("Domain Users"), then it works, but a share created identically on the external RAID appliance (Drobo v2) doesn't. When the share from the Drobo is mounted, it shows no sign that it has any ACLs associated with it: neither in the Finder (Get Info), nor when checked via the terminal with "ls -lae". The Drobo does show that the ACLs exist when I ssh into the server and check it there, but when the clients mount that share, they just... ...disappear. Any thoughts?

  Read the article

• Multi- authentication scenario for a public internet service using Kerberos

  - by StrangeLoop

  I have a public web server which has users coming from internet (via HTTPS) and from a corporate intranet. I wish to use Kerberos authentication for the intranet users so that they would be automatically logged in the web application without the need to provide any login/password (assuming they are already logged to the Windows domain). For the users coming from internet I want to provide traditional basic/form- based authentication. User/password data for these users would be stored internally in a database used by the application. Web application will be configured to use Kerberos authentication for users coming from specific intranet ip networks and basic/form- based authentication will be used for the rest of the users. From a security perspective, are there some risks involved in this kind of setup or is this a generally accepted solution? My understanding is that server doesn't need access to KDC (see Kerberos authentication, service host and access to KDC) and it can be completely isolated from AD and corporate intranet. The server has a keytab file stored locally that is used to decrypt tickets sent by the users coming from intranet. The tickets only contain username and domain of the incoming user. Server never sees the passwords of authenticated users. If the server would be hacked and the keytab file compromised, it would mean that attacker could forge tickets for any domain user and get access to the web application as any user. But typically this is the case anyway if hacker gains access to the keytab file on the local filesystem. The encryption key contained in the keytab file is based on the service account password in AD and is in hashed form, I guess it is very difficult to brute force this password if strong Kerberos encryption like AES-256-SHA1 is used. As the server has no network access to intranet, even the compromised service account couldn't be directly used for anything.

  Read the article

• How do I set up a one way trust when some DCs are firewalled off from each other?

  - by makerofthings7

  I have two Windows 2008 forests in Win2003 mode and I need to set up a one way trust between them. The validation button in Domains And Trusts works in one forest but not in the other. I think this is because not all DCs can see all the other DCs. I'm not sure if I need to set up the hosts file, so I did so with company.com in the respective domain along with the relevant DC. (do I need _msdcs _tcp zones etc) How do I set up a one way trust when some DCs are firewalled off from each other?

  Read the article

• Running 1 DC physically and a second virtually

  - by stead1984

  I plan to create my first DC and forest on a physical server, then I want to run a second DC on a virtual server that will replicate the first DC. I understand that this will provide redundancy for AD that if the first domain controller went down the second would resume until the first is back online. Would this work and how?

  Read the article

• How to change the default domain controller when querying AD in a different site ?

  - by Linefeed

  We have 2 different locations, and at both site we have multiple domain controllers (Win2008). In our application we use Serverless Binding to execute our LDAP queries http://msdn.microsoft.com/en-us/library/ms677945(v=vs.85).aspx. If we look at de DnsHostName of the LDAP://RootDse on site B we always get the default domain controller of site A. Therefor all LDAP queries go much slower. Is there a way to change the default domain controller per site ?

  Read the article

• How to bulk mail-enable contacts from AD in Exchange 2007?

  - by George Hewitt

  We have several thousand 'contacts' setup in AD already for a faxing system. We're migrating to an online fax provider that uses e-mail rather than plain old telephone. So, we've bulk edited all the AD records so that the 'mail' attribute is populated with the right e-mail address in the right format. Now, how do we enable these contacts within Exchange 2007? I've looked through http://technet.microsoft.com/en-us/library/bb684891.aspx but that only seems to talk about manually editing the CSV output to specify the external addresses. AD already knows the external e-mail addresses - I just need the info in Exchange! Any thoughts?

  Read the article

• Send mail from a distribution group's email address

  - by Campo

  A user has send permission on a distro group on a WINDOWS SERVER 2003 domain. I am the admin. When either of us sends email using the distribution group's email adress we get a non delivery report Your message did not reach some or all of the intended recipients. Subject: TEST Sent: 4/19/2010 4:46 PM The following recipient(s) cannot be reached: [email protected] on 4/19/2010 4:46 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVERNAME Thanks, JC

  Read the article

• Windows 7 accounts on a 2008r2 DC keep getting locked out randomly

  - by Matt

  As the title states, this happens randomly to Windows 7 accounts on our Windows 2008R2 domain controller. We just had this start happening after changing from 123together hosted exchange to Rackspace hosted exchange. Also around this time our passwords on the DC started expiring, but not the exact day, and everyone has different days they need to change it before. It has only affected 10 out of 30 accounts, and I see no link between them. What are some fixes I should run or things to look for?

  Read the article

• Why does my downloads folder take so long to load?

  - by msbg

  When I open my downloads folder, no files appear, just a message saying "This folder is empty". I see the address bar progress slowly creeping along, and after about thirty seconds the files and folders appear. This problem only occurs in the downloads folder. If I search for a file in the downloads folder, it comes up, and if I right click on it and select "Open File Location", everything shows up instantly. I am using Windows 8, but I think I had a similar problem once in Windows 7. Sadly I can't remember how I fixed it.

  Read the article

• Computers on preexisting Windows 2008 domain accepting accounts from Samba3/4 domain

  - by Ivan Vucica

  I have a web application written in PHP where I would like to allow existing users to log into Windows computers, too. Re-hash of their passwords is doable (by requesting them to change the password). And to solve desync of passwords, I intend to have webapp authenticate users primarily against the domain. I don't want to give webapp users accounts on the existing domain, which we can call example.local. Instead, I want to provide them accounts on a new domain, let's call it webapp.example.local. From some research I have done, setting up a Samba4 domain and joining computers into this webapp.example.local domain would be one way to allow webapp users to log in. But, the computers should be members of the example.local domain. How can I get computers that are members of and are authenticating against Windows 2008-based example.local to also authenticate users against webapp.example.local? Magic keywords seem to be "trust relationship", "forest", etc, but at this point I haven't found a concrete example on how to establish this trust.

  Read the article

• do I need to create an AD site for VPN network

  - by ykyri

  I have Windows Domain level 2008 R2. There are four GC DC in four different physical locations. I have Kerio-based VPN network for replication and remote administration. Here is how network configured: dc1: local IP: 192.168.0.10 VPN IP: 192.168.1.10 dc2: local IP: 10.10.8.11 VPN IP: 192.168.1.11 dc3: local IP: 10.10.9.12 VPN IP: 192.168.1.12 dc4: local IP: 10.10.10.13 VPN IP: 192.168.1.13 That's simple, replication and all works fine but when running dcdiag on dc3 I have an error: A warning event occurred. EventID: 0x000016AF During the past 4.12 hours there have been 216 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. <...> The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. Here is netlogon.log lines example: 05/30 12:07:39 DOMAIN.NAME: NO_CLIENT_SITE: dc2 192.168.1.11 05/31 09:52:11 DOMAIN.NAME: NO_CLIENT_SITE: dc4 192.168.1.13 05/31 19:49:31 DOMAIN.NAME: NO_CLIENT_SITE: adm-note 192.168.1.101 07/01 05:16:26 DOMAIN.NAME: NO_CLIENT_SITE: dc1 192.168.1.10 All VPN-joined computers are generates same log line as above. Computer amd-note is for example administrator's notebook, also have VPN. Question is should I add new AD site and bind VPN subnet 192.168.1.0/24 with that site?

  Read the article

• how to create stub DNS zone for emulating my customer production environment ?

  - by Albert Widjaja

  Hi All, Is it possible to emulate my customer production environment inside my AD domain by just creating the same domain inside my primary DNS server ? Can I created mycustomer.com DNS zone (STUB) just for the sake of listing few database servers and application servers and then for the other DNS records eg. MX, NS and the other refer to the REAL MX record entry so that my Exchange Server email flow is unaffected to mycustomer.com ? because if I just create A record in my current domain for some of the servers, the FQDN is not exactly what I want. Thanks.

  Read the article

• LAMP: How do I set up http://myservername.com/~user access?

  - by Travesty3

  Been trying to Google this, but I can't figure out good search terms to find any info about what I need, since I don't really know what it's called. I'm pretty much being thrown to the wolves to figure out how to set up a LAMP server. We had someone who knew how to do it, he set one up and then quit. It was set up so that when I went to "http://{myservername}.com/~travis" it showed the contents of my /home/travis/public_html folder. This worked fine, then we lost power and the server restarted (I know, battery backup, but this is a dev server in a dev building so it's OK). Now, the browser can't find that URL. I also need to know how to set this up on a new server, so instead of wasting time diagnosing this problem (probably just something dumb I did messing with settings or something), I really need to know how to set this up from scratch. Thanks for taking the time to read this and (hopefully) answer!

  Read the article

• Is it possible, via GPO or other method, to turn Internet Explorer's intranet compatibility mode OFF across a domain?

  - by dunc

  Our school's VLE has a few problems when running in IE8/IE9's Compatibility View. Mainly it causes difficulties with uploading files. This problem is easily remedied by un-ticking the Display intranet sites in Compatibility View option from Internet Explorer's Compatibility View options. However, I'm unable to find a way of doing this en masse. I can't find anything regarding this in GPO - would a registry hack or similar do the trick? Thanks in advance,

  Read the article

• AD Authentication fails in local machine but works from Production server

  - by jesu

  Hi i am using a AD authentication and facing 2 problems. Authentication works fine when i move the application to a production server but FAILS in my LOCAL machine. Both local machine and server are in same domain and used same domain account logging in. When the machine logs in the users with domain account , AD authentication from the application says that the account is not valid. Please suggest me , if you can find out the problem and ways to recover. thanks in advance! Regards jesu

  Read the article

• Which Version Control Systems support LDAP/AD users and groups

  - by Jason Irwin

  Does anyone know which of the big players (if any) support LDAP/AD users and groups for authentication AND database permissions? Specifically, I'm wondering if SVN, GIT, Mercurial etc. will allow users to login/connect based on AD permissions and also allow granular permissions to be applied to folders within the VC database based on groups within AD. So far my research has not shown this to be possible....

  Read the article

• Using Folder Redirection GPO and Offline Files and Folders

  - by user132844

  I want to use Folder Redirection to redirect user's My Documents to a network share. First question is: What is best practices for mapping the drive? Should I use the profile tab in AD with the %username% variable, or a net use logon script, or something else? Second question is: How do I deal with laptops and syncing the network with the local storage? I want to have 2-way syncing so if they manually map their networked home drive and edit it from a different computer, it will sync the newer version to their My Documents folder the next time they connect their normal work computer. I also want to be sure that if they edit a file offline on their laptop while away from the office, that the network version syncs the changes the next time they connect that laptop. Please advise best practices for this scenario in a 2008 R2/Win7 environment. I am also interested in Mac clients for this environment, and while I am very Mac savvy, I would like to hear what others consider to be best practices for Mac network homedirs in a Win environment.

  Read the article

• What alternatives are there to ActiveDirectory to administer a large number of computers?

  - by Zubair

  I would like to know what the different options are or if ActiveDirectory is the only choice.

  Read the article

• Encrypt shared files on AD Domain.

  - by Walter

  Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. Can be implemented this ? What technology should be used?

  Read the article

• Encrypt shared files on AD Domain.

  - by Walter

  Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. How can be implemented this using EFS?

  Read the article

• PowerShell - Finding all of users' group memberships and kicking it out of them

  - by NirPes

  as title says, I have to find all the groups that the user is a member of, and deleting its membership from all of them. I've tried this: get-adgroup -filter * | where {(Get-ADGroupMember $_ | foreach {$_.PrimarySmtpAdress}) -contains "[email protected]"} but it doesnt return anything (although THERE ARE some items that have to be returned) as for the deletion I found no way to do it, could someone give me an example of a code that does this? Im talking about security groups.

  Read the article

• Windows AD: Is loopback processing absolutely necessary in order to apply a user policy to users logging into computers in the OU?

  - by Brett

  I've had our AD setup running on server 2008r2 and now 2012, and I swear, a user policy applied to an OU containing only computers actually does apply to users logging into those computers, without loopback processing enabled. Everything I read seems to say that is not how it should work, but it does. Is this normal behavior? Just tested again - created a policy with a drive map (which is a user policy), applied it to an OU containing my terminal server, forced a gpupdate, logged out/in, and sure enough, the drive is mapped. I did NOT turn on loopback processing.

  Read the article

• How to collect Security Event Logs for a single category via Powershell

  - by Darktux

  I am trying to write a script which collects security log from all of our domain controllers hourly and stores them remotely; i can collect the security logs , but is there a way to collect the security logs by category or event number from the DC? please do let me know if any additional questions. My Code: $Eventlogs = Get-WmiObject -Class Win32_NTEventLogFile -ComputerName $computer Foreach($log in $EventLogs) { if($Log.LogFileName -eq "Security") { $Now = [DateTime]::Now $FileName = "Security" +"_"+$Now.Month+$Now.Day+$Now.Year+"_"+$Now.Hour+$Now.Minute+$Now.Second $path = "\\{0}\c$\LogFolder\$folder\$FileName.evt" -f $Computer $ErrBackup = ($log.BackupEventLog($path)).ReturnValue if($clear) { if($ErrBackup -ne 0) { "Backup failed" "Backup Error was " + $ErrBackup } } } } Copy-EventLogsToArchive -path $path -Folder $Folder }

  Read the article

< Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >