Search Results

Search found 5330 results on 214 pages for 'django auth'.

Page 172/214 | < Previous Page | 168 169 170 171 172 173 174 175 176 177 178 179  | Next Page >

• Using both domain users and local users for Squid authentication?

  - by Massimo

  I'm working on a Squid proxy which needs to authenticate users against an Active Directory domain; this works fine, Samba was correctly set up and Squid authenticates users via ntlm_auth. Relevant lines in squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on acl Authenticated proxy_auth REQUIRED http_access allow Authenticated http_access deny all Now, I need a way to allow access to users which don't have a domain account. I know I could create an "internet user" account in the domain, but this would allow access, although limited, to domain resources (file shares, etc.); I need something that will allow only Internet access. The ideal solution would be using a local account on the proxy server, either a Linux account or a Squid one; I know Squid supports this, but I'm unable to have it use both domain authentication and Squid/local authentication if domain auth is unsuccesful. Can this be done? How?

  Read the article

• Windows 7 keep internet connection after IPSec established

  - by mmc18

  How I can keep internet connection after establishing IpSec connection to server? I have followed to following link to establihed IpSec server http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html then following the below one to connect this server from Windows 7 machine. http://confoundedtech.blogspot.com/2012/07/windows-l2tp-ipsec-vpn-connection-to.html I am able to connect and properly sending data. But after establihing IpSec conenction, my internet conenction is dropped. How I can keep both connection alive?

  Read the article

• hosts.deny not working

  - by Captain Planet

  Currently I am watching the live auth.log and someone is continuously trying the brute force attack for 10 hours. Its my local server so no need to worry but I want to test. I have installed denyhosts. There is already an entry for that IP address in hosts.deny. But still he is trying the attacks from same IP. System is not blocking that. Firstly I don't know how did that IP address get entered in that file. I didn't enter it, is there any other system script which can do that. hosts.deny is sshd: 120.195.108.22 sshd: 95.130.12.64 hosts.allow ALL:ALL sshd: ALL Is there any iptable setting that can override the host.deny file

  Read the article

• OpenVPN Configuration - Windows 7 client & debian server

  - by Guillaume

  I recently formatted my Windows 7 computer and lost my client's config files for OpenVPN. I recovered the certificates and default config that were left on the server but I haven't managed to make the whole thing work again. I assume the server's config and routing table are OK because it was working before (although quite some time ago). Would any of you experts be able to help? server.conf # Serveur TCP/666 mode server proto udp port 666 dev tun # Cles et certificats ca ca.crt cert server.crt key server.key dh dh1024.pem tls-auth ta.key 0 cipher AES-256-CBC # Reseau server 10.8.0.0 255.255.255.0 #push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" push "redirect-gateway def1" keepalive 10 120 # Securite user nobody group nogroup chroot /etc/openvpn/jail persist-key persist-tun comp-lzo # Log verb 3 mute 20 status openvpn-status.log log-append /var/log/openvpn.log client.conf # Client client dev tun proto udp remote *my server's ip address*:666 cipher AES-256-CBC # Cles ca ca.crt cert client1.crt key client1.key tls-auth ta.key 1 # Securite nobind persist-key persist-tun comp-lzo verb 3 Routing table on debian server when OpenVPN server is running: Destination Gateway Genmask Indic Metric Ref Use Iface 10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 my server's ip * 255.255.255.0 U 0 0 0 eth0 default 72815.trg.dedic 0.0.0.0 UG 0 0 0 eth0 Routing table on Windows 7 client (OpenVPN not working) =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: [...] =========================================================================== Persistent Routes: None And when the link is established between my client and the server: The server's routing table stays the same. The client's becomes: =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 0.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30 10.8.0.4 255.255.255.252 On-link 10.8.0.6 286 10.8.0.6 255.255.255.255 On-link 10.8.0.6 286 10.8.0.7 255.255.255.255 On-link 10.8.0.6 286 my server's ip 255.255.255.255 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 10.8.0.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 10.8.0.6 286 =========================================================================== Persistent Routes: None What's working: Server and client do connect to each other, SSL certificates are OK. The client gets an IP (10.8.0.6) from the server OpenVPN client is started as an administrator. But: I cannot ping the other one on either side. 'Gateway' value is empty on client's side (in the adapter's "status" window). Client has got no internet access when the link is up. Ideal configuration: I only want the client to be able to use the server's Internet access and access its resources (MySQL server in particular). I do not need or want the server to access the client's local network. The client needs to be able to access it's local network, although all Internet traffic should be redirected to the VPN link. I spent a considerable amount of time on this but it's still not working, any help would be much appreciated. Thanks :)

  Read the article

• Using Default Document with Forms Authentication

  - by John Rabotnik

  I have a site hosted on IIS7 with a default document specified as default.aspx. This works fine but my app uses Forms Authentication and I want to disable Anonymous Authentication completely. When I do disable anonymous authentication for everything except the login page, everything works fine but the default document setting stops working. With Anonymous authentication switched on if I visit http://mysite I get passed to http://mysite/default.aspx (which then redirects to the login page if the user hasn't already logged in) If I disable anonymous authentication (leaving only forms based auth enabled) and I visit http://mysite I get a permission denied page from IIS. Yet, if I visit http://mysite/default.aspx directly then the site works fine. I just want to disable anonymous authentication and have http://mysite go to http://mysite/default.aspx. Any ideas would be greatly appreciated.

  Read the article

• Installing httpssl module on a running NGINX server

  - by Rob

  Hi, New to NGINX, we inherited a project that runs Django/FCGI/NGINX on a hosted RHEL box. A requirement has come in that the site now needs to have ssl enabled. Client was pretty sure the person who had built the site had made it so they could use ssl. I backed up the conf file, added the server block for the ssl instance and tried to reload. Reload failed because it didn't recognize the ssl in this line: ssl on; Not an NGINX expert, but the David Caruso in me tells me that the server (sunglasses on) is not secure. I know that you need to configure NGINX at install with this module. If this didn't happen, how hard/risky is it to reconfigure a running nginx box with this module given that we didn't configure it in the first place.

  Read the article

• Why does iChat Server keep connecting to proxy.eu.jabber.org?

  - by Tom Hamming

  I have OS X Server 10.6.5 running on a new Mac Mini (server model), serving several functions among which is iChat Server (iChat and Pidgin on Windows as clients). In the iChat log in Server Admin, I kept seeing entries about connecting to proxy.eu.jabber.org. It's for our office network and I wasn't excited about external access to it, so I disabled server-to-server XMPP federation and now the connections just time out. But why is it doing that in the first place? Sample log entry: (datetime) (servername)jabberd/resolver[portnum]: [xmpp-server._tcp.proxy.eu.jabber.org resolved to 208.68.163.220:5269 (300 seconds to live) then: sending dialback auth request for route '(full server hostname)/proxy.eu.jabber.org' A couple minutes later, it comes back with: dialback for outgoing route '(full server hostname)/proxy.eu.jabber.org' timed out

  Read the article

• How to configure JAAS on JBoss?

  - by AntonioP

  Hey Im having a problem with "Failed to load users/passwords/role files: java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found" error from jboss. No matter what I change in conf/login-config.xml always that same error. Turning on TRACE for org.jboss.security shows that it does Security domain: myapp followed by findResource: null and the above error. Ive tryed adding a users.properties to my .war WEB-INF/classes/users.properties to no avail. Why is jBoss doing like this? What is this JAAS and why does it need it? What does it require, where to put what files, if its possible Ill remove all of this org.jboss.security.auth.spi.UsersRolesLoginModule completly, just let me use my app. Thanks

  Read the article

• How to establish SIP connection, when SIP-proxy is required?

  - by LA_

  I have Asterisk/1.8.13.1 Asterisk GUI-version : SVN--r Yes, quite old one, but I can not update it since this is installed on my Synology NAS. NAS is connected to internet thru router Asus RT-N16. I should use the following data to connect to the server: Auth name – 7499952XXXX User name/User ID/Display Name – nickname Authorization user name - [email protected] Domain - sip.beeline.ru SIP proxy server - msk.sip.beeline.ru I've also found the following string: [email protected]:password:[email protected]@msk.sip.beeline.ru:5060/7499952XXXX I've tested the parameters on my PC thru X-Lite and it works well (so, assume there is no any problem with the router, no need to do anything with router's NAS settings). But since I am quite new to Asterisk, I can not understand where to input all these data. Asterisk GUI doesn't have fields for proxy: Can somebody please help me with step-by-step instruction? Thank you in advance!

  Read the article

• Best practices for setting lm-factor in Squid refresh patterns

  - by Mpentecost

  I am running a Squid (3.1) cache in front of Django. The content of the site does not change very often, so Squid gives our backend much needed breathing room. Currently, this is the refresh pattern that we are using to cache the content: refresh_pattern . 60 100% 60 We basically want to cache everything for at least an hour (and only an hour) before Squid then re-validates the content. My question is on the "100%" parameter, which sets the lm-factor. I'm not sure if setting that to 100% is doing what we want it to. The assumption was that by setting it to 100%, it would ensure that objects stay in the cache for the max cache time. Is this an incorrect assumption? What are the best practices that one should follow when setting up a refresh pattern like this?

  Read the article

• Can't login to SQL Server after moving machine to different office/domain

  - by Dan

  Our company has just been bought and the over the weekend I have brought up the last few machines to plug into their network (they are under a different Windows Domain). The last machine is our Vault system and the SQL Server was using Windows Authentication. I have plugged it into their network and its working fine, but i cannot connect to SQL Server with Management Studio and, I fear, no backup jobs will also be working. When I try to login under Windows Auth, it has the user name of "NEWDOMAIN\Administrator" (greyed out) and then presents a "login failed" message with error code "18456". Can anyone help me with this, or will I just have to reinstall SQL Server, Vault and restore the backup I took before the move?

  Read the article

• Source of Unexplained Requests in Server Logs

  - by Synetech inc.

  Hi, I am baffled by some entries in my server logs, specifically the web-server logs. Other than normal, expected traffic, I have noticed three types of request errors (eg 404, etc.): Broken links, ie links from old, external pages that point to pages that are no longer here Sequences of probes, ie some jerk trying to hack in by scanning my server for a series of exploitable admin type pages and such What appear to be completely random requests for things that have never existed on the server or even have anything to do with the server, and appear by themselves (ie not a series of requests like the probes) Could it somehow be a mistyped URL or IP? That’s about the only thing that I can think of, but still, how could I get a request on say, foobar.dyndns.org (12.34.56.78) for something like www.wantsfly.com/prx2.php or /MNG/LIVE or http://ant.dsabuse.com/abc.php?auth=45V456b09m&strPassword=X%5BMTR__CBZ%40VA&nLoginId=43. (Those are a few actual requests from my logs.) Can someone please explain scenario three to me? Thanks.

  Read the article

• Why does iChat Server keep connecting to proxy.eu.jabber.org?

  - by Tom Hamming

  I have OS X Server 10.6.5 running on a new Mac Mini (server model), serving several functions among which is iChat Server (iChat and Pidgin on Windows as clients). In the iChat log in Server Admin, I kept seeing entries about connecting to proxy.eu.jabber.org. It's for our office network and I wasn't excited about external access to it, so I disabled server-to-server XMPP federation and now the connections just time out. But why is it doing that in the first place? Sample log entry: (datetime) (servername)jabberd/resolver[portnum]: [xmpp-server._tcp.proxy.eu.jabber.org resolved to 208.68.163.220:5269 (300 seconds to live) then: sending dialback auth request for route '(full server hostname)/proxy.eu.jabber.org' A couple minutes later, it comes back with: dialback for outgoing route '(full server hostname)/proxy.eu.jabber.org' timed out

  Read the article

• Is there any danger in disabling windows firewall on a azure worker role?

  - by NullReference

  I'm trying to troubleshoot a bug on our Azure worker role where we occasionally get the error "Unable to read data from the transport connection: An established connection was aborted by the software in your host machine". This error occurs when we are connecting to outside resources like google auth servers. A few people have recommended disabling the firewall\antivirus on the server. I'm just wondering what kind of security risk we would take by doing this. The server doesn't have iis installed but would it be vulnerable to hacking without the firewall? Thanks

  Read the article

• Want to SASL/TLS authentication

  - by Naval

  I want to send mail from remote client from my server(centos 5 and 64 bit) for this i need to sasl auth but i have no idea about it what changes i have to make in my server and client here I want to make things more clear my server's hostname/Ip is = test02.s80.in/176.67.172.209 now i want to authenticat remote client vps2.smail.info and vps1.smail.info to deliver mail .. so plz help me if any systematic way to do sasl/tls authentication for these clients... i am using DNS load-balancing(round-robin) mx record lookup technique for load balancing..

  Read the article

• How do I configure NTLM authentication in Firefox on Linux?

  - by tolomea

  Our IT department have NTLM deployed through the intranet servers. I've set network.automatic-ntlm-auth.trusted-uris value in Firefox on some of the Windows machines and that works fine. However setting it in Firefox on the Linux machines is not working. This doesn't surprise me at all, I've no notion of where Firefox on Linux is supposed to get the authentication details from. So how is this process supposed to work? what bits of config / infrastructure am I missing?

  Read the article

• Added autossh in rc.local, but the dynamic port forwarding won't work

  - by rankjie

  I am using Rasbian on my newly arrived Rasp.Pi, and decided to make it my own proxy server. Now I need to set up a ssh tunnel on the Pi to my Linode server, and make it auto start with the system. What did I do: Add this line to /etc/rc.local autossh -f theRemoteServer -N -D 5555 -L 1234:localhost:22 After I reboot, I found out that I can't use the localhost:5555 as a socks proxy. So I type the command ps -A | grep ssh then I can see the autossh and ssh all running: pi@raspberrypi ~ $ ps -A | grep ssh 2018 ? 00:00:00 sshd 2116 ? 00:00:00 autossh 2119 ? 00:00:00 sshd 2195 ? 00:00:00 sshd 3173 ? 00:00:00 ssh (I've installed autossh, and the command works if I type it manually.) (I use the passwordless key auth, so I don't have to enter password.) Much appreciated and sorry for my poor English.

  Read the article

• How to failover to local account on a cisco switch/router if radius server fails?

  - by 3d1l

  I have the following configuration on a switch that I testing for RADIUS authentication: aaa new-model aaa authenticaton login default group radius local aaa authentication enable default group radius enable aaa authorization exec default group radius local enable secret 5 XXXXXXXXX ! username admin secret 5 XXXXXXXXX ! ip radius source-interface FastEthernet0/1 radius-server host XXX.XXX.XXX.XXX auth-port 1812 acct-port 1813 key XXXXXXXXX radius-server retransmit 3 ! line con 0 line vty 5 15 Radius authentication is working just fine but if the server is not available I can not log into the router with the ADMIN account. What's wrong there? Thanks!

  Read the article

• phpbb behind a reverse proxy

  - by asciitaxi

  Hi, i've got a django app running on apache behind an nginx reverse proxy. Nginx takes requests on port 80 and forwards them to apache on 127.0.0.1:81. This works fine. Now I want to run phpbb on apache under /forums. My problem is that when phpbb does a redirect, it seems to redirect to the internal apache port, rather than port 80. So, for instance when I first go to http://my-dev-server/forums to configure php bb, it immediately redirects to http://127.0.0.1:81/forums/install/index.php. Is there something I need to do in nginx/apache/phpbb config to get it to redirect to the external port? Thanks very much!

  Read the article

• Unable to access the server via SSH

  - by Rishee

  when I am trying to access the server through ssh it says: ssh: connect to host xx.yyy.zzz.x port 22: Connection refused and on the server in auth.log it shows following log entry: Address xx.yyy.zzz.x maps to xx.yyy.zzz.x.static-pune-vsnl.net.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! I have created a user account for that user and it is also in enabled status. Requested info It is Ubuntu 11.10 It is configured as SSH Server using openssh-server I am trying to connect to this server using Putty from Windows 7 i.e. My Desktop I have also asked this on AskUbuntu: http://askubuntu.com/questions/118556/unable-to-access-the-server-via-ssh

  Read the article

• Unreasonably slow stunnel

  - by Kit Sunde

  I setup stunnel on OSX to tunnel traffic to my Django dev server because Facebook needs HTTPS these days but I noticed it's being absurdly slow. It seems like it can only handle a single connection at a time and even the connection is slow when I'm connecting to localhost. I've tried using some performance tips found online and so my config is setup as: pid= # foreground=yes cert=./cacert.pem key=./privkey.pem libwrap=no debug=0 socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 [https] accept=8443 connect=8000 Is there a way to get more performance or more suitable way of setting up HTTPS for my dev server?

  Read the article

• vsftpd with pam_winbind.so

  - by David

  I'm trying to setup vsftpd to use logins from our domain. I want the ftp users to be able to login using their active directory username/password and have be able to have full access to /media/storage/ftp/username. I setup pptp using winbind and it is working fine, so I belive the issue is with vsftpd and pam. The ftp server runs and gives 530 for the login. I turned on debug for the pam module, but I see nothing in the syslog. Vsftp only logs a wrong login in its log. /etc/pam.d/vsftpd auth required pam_winbind.so debug /etc/vsftpd.conf listen=YES listen_ipv6=NO connect_from_port_20=YES anonymous_enable=NO local_enable=YES write_enable=YES xferlog_enable=YES idle_session_timeout=600 data_connection_timeout=120 nopriv_user=ftp ftpd_banner=Welcome to Scantiva! Authorized access only! local_umask=022 local_root=/media/storage/ftp/$USER user_sub_token=$USER chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd guest_enable=YES guest_username=ftp ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=NO force_local_logins_ssl=NO ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES rsa_cert_file=/etc/ssl/private/vsftpd.pem

  Read the article

• Subdomain only accessible from one computer

  - by Edan Maor

  I recently added a wildcard A record to my domain (*.root.com), mapping it to a certain elastic ip on AWS. I've configured apache to redirect all references to something.root.com to root.com, except for one specific "dev" subdomain, which is hosting its own site (a Django app, specifically). The Problem: This setup works perfectly for me on my computer. But on other computers around the office, it doesn't seem to work. Specifically, trying to visit dev.root.com gives an "unable to find server" error. Pinging dev.root.com gives a "cannot resolve hostname" error. The weird thing: pinging any other subdomain of root.com does work, from all machines. I would think this was all due to DNS propagation, except all the computers are behind the same office router, so how could that be the case? Any ideas?

  Read the article

• Server memory issues, and expected level of service from hosting company

  - by Greg

  I'm involved in maintaining an Ubuntu VPS which runs our django websites (nginx/apache/mod_wsgi) and we've been having some memory spikes which have either caused the database to die, or induced kernel panic when the memory management system can't find any killable processes. I'm working on fixing the memory spikes, but I'm wondering whether there's anything I can do to better deal with the problem if it occurs again. Are there any tools I could use to detect the memory spikes and then, say, kill the offending process and email the server admin to fix it up? Killing off one website so that the server can remain operational is certainly preferable to the whole thing falling over. Also, we were charged $600 for after-hours service because we had to get the hosting company to restart the server - is this standard practice among hosting companies? Another provider I work with provides a panel with which I can stop and start the server myself, and given that a restart was all that was needed, $600 seems mightily excessive. (That's NZD, it's around $445 USD)

  Read the article

• Optimal way to make MySQL backups for fairly large databases (MyISAM / InnoDB)

  - by WinkyWolly

  Currently we have one beefy MySQL database that runs a couple of high traffic Django based websites as well as some e-commerce websites of decent size. As a result we have a fair amount of large databases using both InnoDB and MyISAM tables. Unfortunately we've recently hit a wall due to the amount of traffic so I've setup another master server to help alleviate reads / backups. Now at the moment I simply use mysqldump with a few arguments and it's proven to be fine.. until now. Obviously mysqldump is a slow quick method however I believe we've outgrown its use. I now need a good alternative and have been looking into utilizing Maatkits mk-parallel-dump utility or an LVM snapshot solution. Succinct short version: I have a fairly large MySQL databases I need to backup Current method using mysqldump is inefficient and slow (causing issues) Looking into something such as mk-parallel-dump or LVM snapshots Any recommendations or ideas would be appreciated - since I have to re-do how we're doing things I rather have it done properly / most efficient :).

  Read the article

< Previous Page | 168 169 170 171 172 173 174 175 176 177 178 179  | Next Page >