Search Results

Search found 29574 results on 1183 pages for 'directory services'.

Page 165/1183 | < Previous Page | 161 162 163 164 165 166 167 168 169 170 171 172 | Next Page >

A network share folder is invisible to users

- by Myrddin Emrys

I have a network share folder that I was recently cleaning up permissions to. I took off the four individual names from the access permissions to the folder, and added a new security group (Universal) with standard Read/Write permissions to that folder, then added those 4 people to the group. However... now nobody can see the folder. The users can see the other 9 folders in that shared drive, but the 10th is missing. I cannot see any security permission in the parent folder or in the folder itself which would cause it to be invisible to anyone, regardless of whether they have permission to open it or edit files within.

Read the article
What linux is easy to attach to a windows domain.

- by Arthur Ulfeldt

for a development test bed I need to attach ANY linux machiene to a test AD Domain and do single sign on through it. Is there a Linux Distro that is easy to connect to AD?

Read the article
Group Policy fault - Students force

- by Richard 'Bean' Williams

Work at a school and we've got a scenario. We block F8 on all computers so students cannot access Safe Mode to bypass Group Policy... But students are logging into their accounts using AD, and they are turning them off half way through. Then they are claiming that when they login next time, they have Local Administrator accounts. Is this right, but we have blocked F8 and Startup repair, so wondering how they actually did it. Cheers Richard

Read the article
File ownership and permissions on web site PHP files

- by columbo

Hello, I am learning the basics of linux servers so I am green. I have an Ubuntu server upon which there are websites that I have inherited. In a fit of security worry I decided to check out the ownership of the web site files. They are all 2016:sites. If I run the command 'cat /etc/group | more' I can see that the group exists. But when I run 'lastlog' the user 2016 does not appear. I started to worry that 2016 might be the username of web users connecting from the web so I set the permissions on a testfile to chmod 600, giving read permissions to only the file owner. Sure enough I could still access the file from the web. Can anyone suggest what is going on here? I tried creating a new user and giving them file ownership but then when I access the file from the web it wants me to have all directories up stream owned by the same person. Thanks

Read the article
finger for Windows

- by tearman

Ok probably a bit of an odd question, but is there a way to enable "finger" like functionality on a Windows network? we'd basically like the ability to find out where a user is logged in on a network and possibly which users are logged onto a workstation if possible. We're currently on AD2003 functional level, with the intent of going to AD2008 very soon, so compatibility in that arena is preferable.

Read the article
Exchange 2010 install locks out high level accounts

- by tearman

Basically, when we installed Exchange 2010 alongside our Exchange 2003 server (we assume), this is what caused our problem. The Exchange 2010 server is not active, just running on the domain. What's actually going on is that user groups like Enterprise Admins are getting a single deny flag on Full Control over mailboxes currently residing on the Exchange 2003 server which is preventing any of us from making changes. It says these permissions are inherited from the Parent Object, but we have no idea which one that is. Any idea on how to go about fixing this?

Read the article
Clone roaming Appdata in two places

- by blsub6

I have my users appdata (roaming) stored on a external server in the location that they're normally in. I have some users that are in two locations equally. This provides a problem when someone tries to open up Firefox on a computer in a location other than where their appdata is stored, it takes forever. Is there a way that I can clone the redirected appdata (roaming) folder to two locations and have the folder redirection look for appdata (roaming) based on the location that the user is at?

Read the article
Windows VPN for remote site connection drawbacks

- by Damo

I'm looking for some thoughts on a particular way of setting up a estate of machines. We have a requirement to install machines into unmanned, remote locations. These machines will auto login and perform tasks controlled from a central server. In order to manage patching, AV, updates etc I want these machines to be joined to a dedicated domain for this estate. Some of the locations will only have 3G connectivity (via other hardware), others will be located on customer premises in internal networks. The central server (of ours) and the Domain Controller will be on a public WAN. I see two ways of facilitating this. Install a router at each location and have a site to site VPN between the remove device and the data centre where the servers are location Have the remote machine dial up and authenticate via a Windows VPN connection to the DC via RAS Option one is more costly to setup and has a higher operational cost. It also offers better diagnostics if the remote PC goes down. Option two works well but is solely dependent on the VPN connection been made before any communication can be made to the remote machine. In a simple test, I can got a Windows 7 machine to dial a VPN prior to authentication to a domain, then automatically login to the machine using domain credentials. If the VPN connection drops, it redials. I can also create a timed task to auto connect every hour in case of other issues. I'd like to know, why (if at all) is operating a remote network of devices which are located in various out of band locations in this way a bad idea? Consider 300-400 remote machines all at different sites. I'd rather have 400 VPN connections to a 2008 server than 400 routers, however I'd like to know other opinions on this.

Read the article
Multiple Domains on an Exchange Server

- by William

When I create a new user in exchange, it asks me to provide the User Logon Name. There is a dropdown box that supposedly allows you to select a domain for the user's login. What is this referring to? How can I make it so that I can create users with different domains in their user logon name? p.s. I am very aware of 'Accepted Domains' in Exchange allowing one user to have several email addresses in different domains. I am just curious how I can modify the user's Logon name specifically.

Read the article
How do you change the "scan this dir for additional ini files" path?

- by amvx

I managed to get the custom INI to load, but its still loading other .ini files from the default location. I created an fcgi wrapper that passed the ini value as a parameter. That worked. Now just these other ini's need to be loaded from the same dir as my custom ini. The problem is the other .ini files are overriding the settings in my custom php.ini =/ I realize the problem now is that the php.fcgi was compiled with a custom path parameter. So that's a problem. I might have to recompile it using a different location or none at all. I'd hate to have to compile an fcgi for each domain =/

Read the article
Squid on Linux Windows Pass through authentication

- by beakersoft

We are setting up a new proxy based on squid on an ubuntu server, and would like to have pass through authentication work for the Windows/Internet Explorer client. We have put the line into the squid.conf for squid_ldap_auth, but this prompts for a username and password in internet explorer. It does work ok once the user puts it in. Whats the 'best' (standard) way of using pass through authentication? Cheers Luke

Read the article
Cannot authenticate a domain user with SQL Server 2008

- by Sambo

I'm new to setting up Domains so I might be missing something simple here... I've installed SQL Server 2008 on a Windows Server 2008 R2 box and I have another WS2008 R2 box acting as the domain controller. I've joined the SQL server to the domain and it seems to be behaving itself fine. I can ping the DC by name and IP address. I created a domain user 'SPSQLAdmin' that I want to use for database access with SharePoint but I can't seem to log on to SQL with this user. SQL complains, saying that the user belongs to an untrusted domain. I've configured the DC to delegate control for any service to the SQL Server but it doesn't improve the situation. What should I try next? Thanks in advance.

Read the article
Gotomeeting MSI needs elevated privs?

- by DrZaiusApeLord

Typically I can deploy MSIs with no issue, but the Gotomeeting one refuses to install. SCE lists it as pending and AD just attempts to install it, gives up, and never tries again. When I tried running it by double-clicking its icon, it told me "needs to run with elevated privs." I don't see how I can get AD or SCE to run it with these higher privs. I can run it by using an elevated command prompt and running msiexec from there. The MSI is the one labeled "GoToMeeting MSI Installer (ZIP)" from here: http://support.citrixonline.com/GoToMeeting/search?search=msi Any ideas? I run an environment where the users are non-admins and would love to be able to upgrade this centrally.

Read the article
Send mail from a distribution group's email address

- by Campo

A user has send permission on a distro group on a WINDOWS SERVER 2003 domain. I am the admin. When either of us sends email using the distribution group's email adress we get a non delivery report Your message did not reach some or all of the intended recipients. Subject: TEST Sent: 4/19/2010 4:46 PM The following recipient(s) cannot be reached: [email protected] on 4/19/2010 4:46 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVERNAME Thanks, JC

Read the article
AFP AD ACL permissions issues with external drive

- by AlanGBaker

Mac OS X Server 10.4.11 connected to an AD domain system serving AFP shares to Mac OS X 10.5.8. If I create a share on the the internal RAID of the server with an ACL that allows RW to all ("Domain Users"), then it works, but a share created identically on the external RAID appliance (Drobo v2) doesn't. When the share from the Drobo is mounted, it shows no sign that it has any ACLs associated with it: neither in the Finder (Get Info), nor when checked via the terminal with "ls -lae". The Drobo does show that the ACLs exist when I ssh into the server and check it there, but when the clients mount that share, they just... ...disappear. Any thoughts?

Read the article
Certificate enrollment request chain not trusted

- by makerofthings7

I am working on a MSFT lab for Direct Access, and need to create a Web certificate. The instructions ask be to do the following: On EDGE1, click Start, type mmc, and then press ENTER. Click Yes at the User Account Control prompt. Click File, and then click Add/Remove Snap-ins. Click Certificates, click Add, click Computer account, click Next, select Local computer, click Finish, and then click OK. In the console tree of the Certificates snap-in, open Certificates (Local Computer)\Personal\Certificates. Right-click Certificates, point to All Tasks, and then click Request New Certificate. Click Next twice. On the Request Certificates page, click Web Server, and then click More information is required to enroll for this certificate. On the Subject tab of the Certificate Properties dialog box, in Subject name, for Type, select Common Name. In Value, type edge1.contoso.com, and then click Add. Click OK, click Enroll, and then click Finish. In the details pane of the Certificates snap-in, verify that a new certificate with the name edge1.contoso.com was enrolled with Intended Purposes of Server Authentication. Right-click the certificate, and then click Properties. In Friendly Name, type IP-HTTPS Certificate, and then click OK. Close the console window. If you are prompted to save settings, click No. In production, our company has overridden the Web Server template and it doesn't seem to be issuing certificates with the full CA chain. When I look at the issued certificate properties then both tiers of the 2 tier CA hierarchy are missing. How can I fix this? I'm not sure where to look outside the GUI.

Read the article
Effective Permissions displays incorrect information

- by Konrads

I have a security mystery :) Effective permissions tab shows that a few sampled users (IT ops) have any and all rights (all boxes are ticked). The permissions show that Local Administrators group has full access and some business users have too of which the sampled users are not members of. Local Administrators group has some AD IT Ops related groups of which the sampled users, again, appear not be members. The sampled users are not members of Domain Administrators either. I've tried tracing backwards (from permissions to user) and forwards (user to permission) and could not find anything. At this point, there are three options: I've missed something and they are members of some groups. There's another way of getting full permissions. Effective Permissions are horribly wrong. Is there a way to retrieve the decision logic of Effective Permissions? Any hints, tips, ideas? UPDATE: The winning answer is number 3 - Effective Permissions are horribly wrong. When comparing outputs as ran from the server logged on as admin and when running it as a regular user from remote computer show different results: All boxes (FULL) access and on server - None. Actually testing the access, of course, denies access.

Read the article
Allow Windows Domain users Local Admin rights on subset of Domain Computers

- by growse

I'm a bit new to AD management, so would appreciate some help in what may be a very simple task. I've got a domain that manages a bunch of different servers, and I want to grant local administrative rights to some domain users to some of the servers (the development webservers). I appreciate the group concept, so I imagine I would have to create a group containing the users in question another group containing the computers to grant them access to. What's the best way of going about this?

Read the article
Joining new DC to AD - DNS name does not exist

- by Andrew Connell

I had a DC fail on me recently and trying to add a new one to my domain, although I'm sensing I might have other issues in my domain. I'm a dev at heart and know just enough about AD to be dangerous so looking for some assistance. My working DC is RIVERCITY-DC12. I'm trying to promote RIVERCITY-DC14 as a DC to the RIVERCITY domain, but when I run DCPROMO, at the NETWORK CREDENTIALS step where I point to the name of the domain (rivercity.local), I get "An AD DC for the domain rivercity.local cannot be contacted" and in the details see "The error was DNS name does not exist" Looking at RIVERCITY-DC12, I can see DNS is working, I've been able to query it from other machines in my domain, and no errors are reported in the DNS category within the Event Viewer. When I checked the FMSO roles, it shows RIVERCITY-DC12 is the machine for all listed roles. Not sure what I should do next or how to troubleshoot/investigate after searching around for a solution... ideas? Environment: Domain: rivercity (rivercity.local) Forest functional level: Windows 2000 (I'm more than happy to raise this) Windows Server 2008 All servers are Windows Server 2008 R2 SP1 (fully patched)

Read the article
Is there an equivalent of SU for Windows

- by CodeSlave

Is there a way (when logged in as an administrator, or as a member of the administrators group) to masquerade as a non-privileged user? Especially in an AD environment. e.g., in the Unix world I could do the following (as root): # whoami root # su johnsmith johnsmith> whoami johnsmith johnsmith> exit # exit I need to test/configure something on a user's account, and I don't want to have to know their password or have to reset it. Edit: runas won't cut it. Ideally, my whole desktop would become the user's, etc. and not just in a cmd window.

Read the article
Running 1 DC physically and a second virtually

- by stead1984

I plan to create my first DC and forest on a physical server, then I want to run a second DC on a virtual server that will replicate the first DC. I understand that this will provide redundancy for AD that if the first domain controller went down the second would resume until the first is back online. Would this work and how?

Read the article
Password recovery of a Windows 2003 DNS server.

- by KronoS

I'm not going to lie, I feel like an idiot and would probably downvote this myself if I could, but here's my problem. I've just setup a Windows 2003 server as the DNS/AD for a replace of an old server. However, it appears that I don't know the password for the Administrator account. I entered the password and I setup the role, but apparently what I remember/wrote down and what I typed in are different. How do I recover a password? I can't log-on locally as it will only allow to log-on to the newly created domain.

Read the article
Firewall GPO not applying despite being enumerated by gpresult

- by jshin47

I have a need to open up the admin$ share on all of my domain's client PC's and I am trying to do so using group policy. I defined computer policy for Windows Firewall with Advanced Security in a policy object linked to the appropriate container and added the appropriate rules. However, they are not being applied! I feel like I have tried all of the obvious steps: I've checked gpresult and the resulting set of policy is the way that I would expect it to look. I've gpupdate /force and gpupdate /sync on a few client computers, but no matter what I do they don't seem to respond to my changes. I know that other computer policies in the GPO are being applied so it is strange that these are not. I have also disabled exceptions on clients in the firewall GPO, but that doesn't seem to be applying either. Here is a screenshot of the firewall.cpl from a client: Basically, although other options in the same GPO ARE applied for computer policy, the firewall settings seem to be ignored.

Read the article
LAMP: How do I set up http://myservername.com/~user access?

- by Travesty3

Been trying to Google this, but I can't figure out good search terms to find any info about what I need, since I don't really know what it's called. I'm pretty much being thrown to the wolves to figure out how to set up a LAMP server. We had someone who knew how to do it, he set one up and then quit. It was set up so that when I went to "http://{myservername}.com/~travis" it showed the contents of my /home/travis/public_html folder. This worked fine, then we lost power and the server restarted (I know, battery backup, but this is a dev server in a dev building so it's OK). Now, the browser can't find that URL. I also need to know how to set this up on a new server, so instead of wasting time diagnosing this problem (probably just something dumb I did messing with settings or something), I really need to know how to set this up from scratch. Thanks for taking the time to read this and (hopefully) answer!

Read the article
What alternatives are there to ActiveDirectory to administer a large number of computers?

- by Zubair

I would like to know what the different options are or if ActiveDirectory is the only choice.

Read the article

< Previous Page | 161 162 163 164 165 166 167 168 169 170 171 172 | Next Page >