Search Results

Search found 20029 results on 802 pages for 'directory permissions'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 160/802 | < Previous Page | 156 157 158 159 160 161 162 163 164 165 166 167  | Next Page >

  • Can a GPO Startup Script starts a background process and exit immediately?

    - by pepoluan
    I have Googled, and not yet found an answer. Scenario: One of my GPOs have a Startup Script that takes a long time to finish. For some reasons, we have to run the scripts synchronously. Naturally, this causes slow startup time (sometimes as long as 15 minutes!) before the Logon screen appears. After profiling and analyzing the perpetrator script, I conclusively determined that the step where it's taking a long time to finish will not affect the result of the succesive GPOs. In other words, that particular step (and all steps afterwards) can run in the background. My Question: Is it possible for the Startup Script to just 'trigger' another script/program that will run to completion even when the Startup Script exits? That is, the "child processes" of the Startup Script continues to live even when the Startup Script's process ends? Additional Info: The Domain Controllers are 2008 and 2008 R2's. The workstations are Windows XP.

    Read the article

  • Is there a security concern exposing NTLM authentication over http or should it only be https?

    - by Shane
    We are setting up a SharePoint 2010 site. Don't worry, this is not a Sharepoint question, just adding it for context. Most of the site will be anonymous, but some users are able to authenticate in and edit content. They use NTLM (users exist in AD). Is there any concern about exposing NTLM login for users that can modify content over the internet via http or should that only be exposed via https?

    Read the article

  • How to eliminate the domain suffix off my user profile folder when migrating to a new domain?

    - by Jerry Dodge
    We have just upgraded a decade old SBS 2003 server to a brand new SBS 2011 machine. During the process, over 30 other client/server machines on that domain also needed to be dis-joined and re-joined from the old domain to the new one. These domains have different names and is not migrated in any way. It's built from scratch. Since each client machine had very unique user profiles under this domain, we needed to make sure these were all backed up and migrated over to the new domain. For the most part, profiles were migrated with no hassle, just by renaming the user profile folder names. However, in one case, when I log in to my domain account, it creates a profile folder with a suffix of the new domain name. I have replaced all the files in the profile's root which begin with "ntuser" with the files of the new profile. The only problem is half the applications can't find their data, because the folder name is different. How can I change this folder name and maintain this profile on the new domain? I have deleted every user account (except admin), deleted their profiles/folders, removed them from the registry, and made sure every trace of this account was gone. The computer was basically a dummy with only an admin account. Then, I log into the machine under my new domain user account (same username as the old domain). It creates a profile folder with my username plus a suffix extension of the new domain name. The client machine is Windows 7 Ultimate, the old server was SBS 2003, and the new server is SBS 2011.

    Read the article

  • ADFS 2.0 Server Prompts For Credentials When Using FQDN

    - by ncaudill
    We have an ADFS test enviroment set up, but we are running into issues with login prompts. If we browse to ADFS from Domain A we get a token sucessfully from ADFS, however when we browse from Domain B we are getting prompted for credentials. Domain A trusts Domain B but Domain B does not trust Domain A. The weird thing is, if we replace the full domain name with the server's IP address we can sucessfully get through from both domains. I feel like this should be a really simple solution, but we're stumped.

    Read the article

  • Why would the servers network type change from Private to Public?

    - by Phil Hannent
    Just found a fault with a server, other users have had problems connecting to it. The setting on the network card had changed from Private (domain) network to Public (the other option being Home). The switch to the network interface would have caused the firewall to block a lot of normal functions. I am guessing that since the event log showed no reason for the change that it might be due to a complete shutdown we had recently where someone powered up the machines, however the domain controllers might not have been booted up first. Any confirmation that this might be the case?

    Read the article

  • What are the components required to run taskpads on a workstation?

    - by Darktux
    we are planning to implement task pads in our enviroment for delegation for user administration.I have few questions regarding this. 1.) To run a taskpad (with AD users and computers) ; does the workstation contain whole set of Administrative tools oris there a way just to compy dsa.msc to all workstations and get done with? Note: All tak pads will be shared on a file share and users access them via powershell scripts. 2.) We are creating MMC's in Windows 7 and keeeping them in a share; will the work with Windows XP too or do we need to develop 2 versions of them? We are aiming to keep away software from workstations and maintain it as much as possible on centralized file shares. Please shoot me any questions or clarifications pertaining to my query.

    Read the article

  • Migrate to SSD - NTFS mount point for Program Files

    - by Icode4food
    Here is my thought. I have a new computer that I just built and am considering migrating to a SSD. I have Windows all setup and my Development environment configured so I want to avoid having to re-install a bunch of stuff. My thought is to clone my OS (win7) to the SSD and then mount a HDD partion to C:\Program Files (x86)\ with C being my SSD. This way as far as the programs are concerned they still live on the C drive but in reality they are physically located on the HDD. This seems to me like a good idea but after searching around a bit and not having found anyone else that had the same idea, I'm wondering why not. Maybe I am missing something that is obvious to everyone but me. Why is this a good or a bad idea?

    Read the article

  • AD reset user passwords for a security group

    - by Nathan C
    I'm not quite sure if this is possible or not, but I need to force a certain security group's users to have their passwords expire so they'll be forced to change them on next login. The reason for this is because I applied a FGPP (password policy) to this particular group in order to enforce strong passwords. Well, many users have really weak passwords and they won't be changed unless they're forced. Is there a way to do this without forcing everyone to a single password?

    Read the article

  • Do I need to transfer Server license CALs to new Domain Controller during AD transition?

    - by drpcken
    I have an old Server 2003 domain controller I'm ready to decommission. I notice in Server 2003 there is a Licensing module under Administrative Tools that seems to manage and track user CAL's for the domain controller. I don't see this on my newly promoted Server 2008 domain controller, nor do I see any roles to add it. Does this need to be transferred to my new Server 2008 domain controller or will it all happen when the old server is decommissioned? I've already transferred all my Terminal Server licenses to the new server. Thank you!

    Read the article

  • Is there a way in IE9 on a Virtual Machine to do AD auth in IE9 without the machine being added to the domain but the host machine is?

    - by Micah Armantrout
    I have a virtual machine that is running IE 9 and windows 7 Latest Updates that I want to use to test my intranet site (ASP.Net Application). I can't add the virtual machine to the domain and I don't want to have to type my ad cruds everytime I load the site up. Is there a way for the IE on the virtualbox to Authenticate as my AD Cruds on the host machine so I don't have to always put my username and password in ? I guess I can just have IE on the virtual machine remember my username and password but other than that is there another way to do this ?

    Read the article

  • How to prevent slow printer performance when AD is not available

    - by AKoran
    When I take a domain based computer (Windows XP) and plug it into a network that doesn't have access to the AD, the first time I select a local printer (printing directly to printer) on the current network it takes a good 20-30 seconds before I can select the printer. Doing a little investigating using wireshark I can see the computer is trying to hit AD for some reason and it just keeps timing out. I also tried the same experiment with just a plain workgroup computer and it was able to bring the printer up immediately. Does anyone know how to prevent the machine from trying to contact AD?

    Read the article

  • When is a domain computer account scheduled to change the password?

    - by Jason Stangroome
    I understand domain-joined computers have machine accounts in AD and these accounts have passwords that expire (apparently every 30 days by default) and those passwords are automatically changed without user intervention. Given that this is known to cause issues when restoring snapshots of domain-joined virtual machines, is it possible to query the domain-joined computer or AD to determine when the machine account password is next scheduled to be changed?

    Read the article

  • Using cd Command in Windows Command Line, Can't Navigate to D:\

    - by nicorellius
    This may be a stupid question, and I think I have looked elsewhere to find the answer... Might be a path issue, but when I open the command line and type from the C:\>: cd D:\ I cannot get to the D drive. Even if I type: cd D:\<folder name> The command.exe will auto-complete the line with the tab key, so it knows where I'm at. It just doesn't print to screen the result or actually get me there. This problem exists for the network drives as well. Now, if I use the chdir (cd) command like this: chdir D: or cd d: I get the print out of the D:\ below the command but it still says I'm in the C:\. I feel like I'm missing something simple.

    Read the article

  • Disabling parallel network connections on workstation

    - by sumar
    Is it possible to disable prarallel network connections on workstation, when workstation is connected to corporate LAN? I want to avoid users bypassing Internet access policies by concurently connect to LAN and 3G/Hotspot. We have many developers and they have local administrator rights on workstations. Developers should be able to connect virutual networks (VMware/VirutalPC/Hyper-V/VirutalBox). Other users should be able to use only one network connection concurently.

    Read the article

  • Cross domain LDAP

    - by Adam
    For a system we are developing we have 2 domains an internal and an external domain with bi directional trust between them. However the servers are only able to connect to their own DC's. We have an application server on the internal domain which needs to use an LDAP query to gather a list of users from a group on the external domain. How do i go about writing an LDAP query that asks one DC to go ask another DC for a list of users. I tried querying the internal DC with the same LDAP query I would use if it could hit the external DC directly but this does not work. When i use Softerra LDAP Administraor I can view the full hierarchy of the interal domain but despite the trust relationship between domains i am unable to see any of the external doamin. Any suggestions or help would be greatly appreciated

    Read the article

  • Laptops on Windows Domain sometimes have problems accessing internet when off-site

    - by FSUScoot
    Hi all-- We've had this problem for a long time. When users travel, sometimes they can't get internet access from a wired or wireless connection. Here are a couple examples: 1) A user goes to a hotel and tries to access the wireless in their room. They can connect to the access point. They open a web browser and they can't get re-directed to the hotel's login page. Because they can't log in, there's no internet access. 2) A user goes to another laboratory/university and tries to access the wired network. They connect, link is fine, PC gets IP from DHCP but no internet access. There's no login page to be re-directed to. It should just "work". What I've found is that it's a DNS issue. Because the computer is on a Windows Domain, it seems it MUST use our DNS servers. Even if you connect to an outside network and do an ipconfig /all, it looks like everything is ok. It'll even show their DNS servers listed in the config. The computer just won't use the other network's DNS server. I found a reg key that keeps our DNS servers listed and it seems that they take priority every time: HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient All the values under that key are for our AD domain. NameServer and Searchlist never change. What I've found is if the user edits the NameServer string and puts the DNS server of the network they're on, everything works just fine. They get re-directed to the hotel's correct login page or their internet access starts working. It's only a problem if the network they're on blocks outside DNS or a hotel that uses an internal name in their front page redirection that only their DNS server knows about, i.e., not public. If the re-direct page starts with an IP, like 10.10.10.10, it'll work just fine. Obviously this isn't a fix for everyone. Most of my users are pretty knowledgeable so it’s easy for me to walk them through or send them a .reg file that they can edit and run. This problem isn't limited to Windows 7. It was like this with XP as well. It's not hardware related. The problem exists on both wired and wireless, Intel or Broadcom, laptops or desktops. Anyone else have this problem? Is there a GPO I can change that I missed? Got a good work-around for this? Thanks for any help!

    Read the article

  • Simulate a DFS share for a user not on domain with a folder in path

    - by user223655
    I have a consultant whose computer is not on the domain and needs to access various network resources. Unfortunately while adding a computer to the domain is a difficult bureaucratic process (and would disallow much of his development software from even running given the domain restrictions), we can allow him to have credentials to access network resources. As such, he accesses various network resources via NET USE etc. without using DFS. There is one piece of software which requires him to have the same hardcoded path as other domain users but that path is a DFS path which he can't map (i.e., the software checks the path at runtime and will only run if it matches the registered path and will reject it in the context of using a DFS versus conventional machine path) I was wondering if there's some method to simulate the DFS path without actually using DFS. e.g., the path the software needs to see is "\ABC\DFS\software\app.exe" whereas the non DFS path is "\DEF\Software\app.exe" while I could make his hosts file point DEF to ABC, I'm not sure if I can somehow make it point there with the DFS "folder" as well are there any methods for this short of making changes to the AD to allow him to use DFS or add him to the domain (both of which are politically/technically challenging sadly)? Thanks guys

    Read the article

  • When to raise domain functional level?

    - by Joel Coel
    We very recently completed a project to retire two old domain controllers running Server 2003 R2. They are now replaced with shiny new 2008 R2 boxes. However, the functional level of the domain has not yet been updated for the 2008 R2 servers, just in the long-shot case of the need for a rollback to the old controllers. I expect to have the all clear to update the domain by next weekend. I also want to note that our desktop clients are still 95% Windows XP. However, we're about to start a project to update our 200 or so clients to Windows 7 before the end of the calendar year. Is there any advantage to holding the domain at the 2003 functional level while we are still supporting more Windows XP than Windows 7, especially given that some of the management stations are still XP? Update: I forgot to mention earlier that we still have a pair of windows 2000 servers (not domain controllers) that support some legacy software. I'm working to replace those, but in the meantime I need to be sure that Windows 2000 can still participate in a 2008 R2 domain.

    Read the article

  • Replacement for NIS/YP

    - by mdpc
    The company that I am working for is embarking on replacing the current locally developed NIS/YP structure with LDAP. We already have AD in house for the Windows stuff and would like to consider using an AD system. The AD people are quite restrictive and would not support extensive modifications. We have needs to have the replacement include the support the full capabilities of the NIS/YP suite include netgroups, login restrictions to specific servers for specific users or groups of users, consistent passwords between the *nix and Windows environment,etc. Our environment is a mixture of Linux (suse, RH, Debian), Sun, IBM, HP and MPRAS as well as a NETAPP. So whatever we use must be totally inclusive to all environment. We have looked at Likewise, but our management wants other alternatives to compare with. What other things should I be looking at and what is you assessment of the alternative? Thanks

    Read the article

  • kerberos NTLM authentication

    - by rockbala
    Hi, Where can I check in Windows Server 2008 that Kereberos/NTLM is the authentication protocol used after the whole network is set up/installed. There is only 1 domain controller with AD services and is not affiliated with any other domains. Regards, Balaji S

    Read the article

  • User receives group membership error to terminal server even though has rights

    - by BlueToast
    http://www.hlrse.net/Qwerty/TSLoginMembership.png To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop User group does not have this right, you must be granted this right manually. Only as of today a particular user began receiving this message for a second terminal server they use; otherwise, they have never had any problems authenticating into this server. We have no restrictions on simultaneous and multiple logins. On each terminal server, we have a group and security group like "_Users" locally in the Builtin\Remote Desktop Users group. For this particular user, on this particular terminal server we have locally given him Administrator, Remote Desktop Users, and Users membership; in AD we have given him DOMAIN\Administrator, Builtin\Remote Desktop Users, DOMAIN\_Users. It still gives us that error message. We gave him membership to another terminal server (random) by simply making him member of another DOMAIN\_Users group -- successfully able to login to that random terminal server. So, from scratch we created an AD account 'dummy' (username) with only Domain Users membership. Tried to login to this particular server, no success. So I added 'dummy' to DOMAIN\_Users group, and then was successfully able to login. Other users from this user's department are able to login to this particular server just fine as well. We checked the Security logs on this particular server, and while it is logging everything, the only thing it appears to not log are these failed login attempts from this particular user who receives this error message. We have tried rebooting the server, and the user is still receiving that error message.

    Read the article

  • Block Domain User login

    - by Param
    I have created a Domain User id ( for example - Auser ). I have integrated my LDAP login with Firewall. I use this user to login in to firewall only. So, I want to block all the login for this User except on Firewall. Is there any way to accomplish this? As per my knowledge, we can specify :- By right click on Domain User -- Properties -- Account tab -- Logonto ( but here we have to specify Computer Name, we don't have any computer name for Firewall -- So i can't use this option ) Through Group Policy Window Setting -- Security Setting -- Local Policies -- User Rights Assignment -- Allow logon Locally (But it has to apply on Computer OU -- So i can't use this option also ) Any Other Option you know ??

    Read the article

  • Revamping an old and unstable office IT-solution using Windows Server and OpenVPN

    - by cmbrnt
    I've been given the cumbersome task to totally redo the IT-infrastructure for a customer's office. They are currently running Windows XP all over, with one computer acting as a file server with no control over which users have access to which files, and so on. To top it off, this file server also functions as a workstation, which means it gets rebooted every time the user notices some sluggish behavior or experiences problems with flash games. To say the least, this isn't working for them. Now - I've got a very slim budget, but I need to set up a new server, and I wish to run Windows Server 2008 on it. I also need the ability to access the network remotely via VPN. Would it be a good idea to install VMware ESXi 4.1 onto the new server, and then run Windows Server 2008 as well as a separate Debian install for openvpn on it? I don't like the Domain Controller for the future AD to also run a VPN-server, because of stability issues when something goes to hell with either of them. There will be no redundancy though. However, I'm not sure if there is something to gain by installing a VPN solution on the Windows Server itself, when it comes to accessing file shares on the network via VPN. I don't know how to enable users logging in via the VPN to access the remote files, since they will be accessing the network from their own home computers (which is indeed a really bad idea, but this is what I've got to work with). They won't be logged in to the windows Domain, but rather their home workgroups. I need to be able to grant access to files in certain directories based on the logged in AD-user, but every computer won't necessarily be configured to log into the domain. I'm not sure how to explain this in a good way, but I'd be happy to clarify if somethings not clear. Any help would be great, because I've got a feeling that I can't do this without introducing a bunch of costly new rules when it comes to their IT-solution. I'd rather leave that untouched and go on my merry way to the next assignment.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 156 157 158 159 160 161 162 163 164 165 166 167  | Next Page >