Search Results

Search found 12645 results on 506 pages for 'group policy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 234/506 | < Previous Page | 230 231 232 233 234 235 236 237 238 239 240 241  | Next Page >

  • Join Production Server 2008 to 2003 domain

    - by Campo
    I administer a production server for a .com. It is live right now. Server 2008 x64 IIS 7 SQL 2008 PHP MYSQL I have another server which is a DC Server 2003 x86 and a warm standby for the website, sql, DFS, exchange queue. In order to get DFS going to transfer user photos and other content I need it in the domain. My question is, What preparations do I need to do to the production server to allow a smooth transition onto the domain? Things such as permissions for the website. I do not want to be running around resetting all the permissions. The Group Policy on the DC is completely default. Should I add the DNS manually or allow it to add itself? Anything else I left out.

    Read the article

  • Missing NIC and USB devices

    - by MJ
    Coming into work today, I've found we have a fwe different computers (different companies/networks/OS versions - all windows based) that are all having the same issue. 1) Network NIC is not able to be viewed from network connections. If you refresh, its saying the service is not started. Services state the service is started and running. 2) USB devices are not recognized when plugged in, scan for hardware changes, etc. We have managed AV, that is kept up to date, and a managed patch policy that has all these machines at the most recent patch. I'm just wondering if anyone else has experienced these same symptoms, and what they have done to resolve them.

    Read the article

  • Setting WMI permissions remotely

    - by christianlinnell
    I've developed a tool that does a simple retrieval of registered services and installed applications from remote Windows Server 2003 servers via WMI. My problem is, the tool needs to be run on an ad hoc basis by a user who is not an administrator of those servers. I've created a domain user (which the tool will use to run the query) that I'd like to grant remote WMI permission on each server, but given there are about 200 servers, I can't do it manually. Is there a way to grant access to that domain user via WMI, or by distributing a registry change via SMS or Group Policy?

    Read the article

  • Access IIS Admin without local administrator rights

    - by Carl
    We are running Microsoft Server 2003 with IIS. We would like to give our developers access to manage IIS (through IIS Admin) but do not want them to be administrators of the entire machine. Putting them in "Power Users" group does not seem to work. What permissions should we grant to our developers to allow them to manage IIS (e.g. add websites, modify app pools, etc.) without giving them full admin rights to the server?

    Read the article

  • Physical Access Control using Active Directory ?

    - by Kedare
    Hello, I would like to know if there is a way to use Active Directory for Physical Access Control ? Example: All users will have a RFID card or a fingerprint entry registered on the domain (linked to the user name), and I would like to secure the buildings (doorlock, airlock) using this and controlled by Active Directory (ex: authorizing a group to use some doors, disabling the user will make the RFID/Fingerprint ineffective, access logging) Is this possible ? Thank you

    Read the article

  • video card performance monitoring?

    - by Dru
    Is there a 'top' like command for monitoring the GPU and memory usage of a video card? I am most interested in Linux commands, but and OS would be interesting. I strongly suspect that for a group of my systems the video cards are being under-utilized (but I have no idea by how much) and would like to re-allocate funds to other bottle-necks. We are using higher end cards, so the price difference between cards is significant. Thank you.

    Read the article

  • Linux Unable to Write to Directory Despite Permissions

    - by Nick Q.
    I'm trying to give myself permissions to /var/www/ however for some reason I am unable to do so. Currently what I'm facing is this: nick@server1:/var$ ls -l drwxrwxr-x 5 root wwwusers 232 Mar 15 19:31 www nick@server1:/var$ groups nick wwwusers nick@server1:/var$ mkdir www/trying mkdir: cannot create directory `www/trying': Permission denied I am running Ubuntu 10.04 LTS on a VPS and am used to running unix on my own machine so I may be doing something absolutely stupid, but I would like to be able to have the group wwwusers be able to write to www.

    Read the article

  • creating a new user Ubuntu

    - by Matt
    I am trying to new user that can sftp on a server....i did this ubuntu@ip-10-112-46-15:~$ sudo useradd jesse -p testPass ubuntu@ip-10-112-46-15:~$ sudo passwd jesse Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully but when i try to login via sftp I cant get in....am i missing something like adding a group or something the answer was PasswordAuthentication yes

    Read the article

  • Windows service fails to start with custom user until started once with local user

    - by Gauls
    All of a sudden my Windows service application after installation does not start. (Some services stop automatically if they have no work to do.) The service uses a custom user. If I change the logon setting to use the local system account, the service starts fine. Then when I go back and change the login setting to use this custom account (local user - custom user under user group), the service will start. Why doesn't it work in the first place?

    Read the article

  • Question regarding the SELinux type enforcement file

    - by Luke Bibby
    In my SElinux te file, I define two new types called voice_t and data_t which certain directories will be classified in the fc file (/data/ will be of type data_t and /voice/ will be of type voice_t). I would like the one SELinux policy to be used for all servers in my network, but, some servers will log VoIP data and other servers will be used to log IP data. I only want the voice_t type to be defined on some servers and data_t to be defined on the others - is this possible? I have tried using an if statement with a boolean expression, and then defining the type when the condition is true but this does not seem to work (it tells me there is a syntax error at 'type data_t'' or 'type voice_t;'). Example: if (data_logger) { type data_t; } else { type voice_t; } Any help would be greatly appreciated. Cheers, Luke

    Read the article

  • Set up FTP user with ProFTPD on Ubuntu

    - by kidrobot
    I want to set up a user "ftp" so they can upload and download files in my /home/httpd/mysite/public_html directory. All files in public_html are owned by user ftp and in group www-data so the ftp user looks like so: uid=108(ftp) gid=33(www-data) groups=33(www-data),65534(nogroup) When I try to connect via an FTP client I get 530 Login incorrect. ftp: Login failed. What do I need to uncomment/add to the proftpd.conf file to make this work?

    Read the article

  • Linux networking "jail" for a single process

    - by halp
    I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

    Read the article

  • What are the best practices for service accounts?

    - by LockeCJ
    We're running several services in our company using a shared domain account. Unfortunately, the credentials for this account are widely distributed and being used frequently for both service and non-service purposes. This has led to a situation where it is possible that the services will be temporarily down due to this shared account being locked. Obviously, this situation needs to change. The plan is to change the services to run under a new account, but I don't think this goes far enough, as that account is subject to the same locking policy. My questions is this: Should we be setting up the service accounts differently than other domain accounts, and if we do, how do we manage those accounts. Please keep in mind that we are running a 2003 domain, and upgrading the domain controller is not a viable solution in the near term.

    Read the article

  • Google Apps Email Question

    - by robihot
    Google Apps Has anyone created (and used) a GROUP email which will email ALL domain users. (e.i. "All users within domainName.com") I have some domain users that are telling me that they are NOT receiving their emails. Please and Thanks !

    Read the article

  • Why upgrade from SQL 2005 to SQL 2008 R2?

    - by GordyII
    have been tasked to write a document outlining the best reasons to use SQL 2008 R2 instead of SQL 2005 for my brand new BI project. We have a policy of only using two versions at a time and there are still SQL 2000 boxes around here somewhere.... I know the microsoft line on as per this link. http://www.microsoft.com/sqlserver/2008/en/us/why-upgrade.aspx What I want to know is your opinions of which are the best features and why. So if you can help me try to convince management to use a product which is actually up to date, I would appreciate it.

    Read the article

  • Fortigate - Accessing a Virtual Server address from several interfaces

    - by Jeremy G
    I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network. However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces) Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting. Thanks, Jeremy G

    Read the article

  • Cannot login to SQL Server 2008 R2 with Windows authentication

    - by Ian Boyd
    When i try to connect to SQL Server (2008 R2) using Windows authentication: i cannot: Checking the Windows Application event log, i find the error: Login failed for user 'AVATOPIA\ian'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: ] Log Name: Application Source: MSSQLSERVER Event ID: 18456 Level: Information User: AVATOPIA\ian OpCode: Task Category: Logon i can login to the computer itself using Windows authentication. i can log into SQL Server using the local Windows Administrator account. We can connect to 8 other SQL Servers on the domain using Windows Authentication. Just this one, whitch is the only one that is 2008 R2 is failing. So i assume it's a bug with *2008 R2. Note: i cannot logon locally, or remotely, using Windows authentication. i can login locally and remotely using SQL Server Authentication. Update Note: It's not limited to SQL Server Management Studio, standalone applications that connect using Windows authentication: fail: Note: It's not a client problem, as we can connect fine to other (non-SQL Server 2008 R2 machines): i'm sure there's a technote or knowledge base article describing why SQL Server 2008 R2 is broken by default, but i can't find it. Update 2 Matt figure out the change that Microsoft made so that SQL Server 2008 R2 is broken by default: Administrators are no longer administrators All that remains is to figure out how to make Administrators administrators. One of these days i'm going to start a list of changes around Microsoft's "broken by default" initiative. Steps to reproduce the problem How do i add a group to the sysadmin fixed server role? Here's the steps i try, that don't work: Click Add: Click Object Types: Ensure that you have no ability to add groups: and click OK. Under Enter the object names to select, enter Administrators: Click Check Names, and ensure that you are not allowed to add groups: and click Cancel. Click Browse..., and ensure that you have no ability to add groups: You should now still not have added any group to the sysadmin role. Additional information SQL Server Management Studio is being run as an administrator: SQL Server is set to use Windows Authentication: tried while logged into SQL with both sa and the only other sysadmin domain account (screenshot can be supplied for those who don't believe)

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • BIND authoritative name server: SERVFAIL?

    - by Luca Tettamanti
    I have a BIND 9.6 instance that acts as a caching NS for the whole building and is also authoritative for an internal zone ("example" below): zone "example" { type master; file "example"; update-policy { grant dhcp-update subdomain example. A TXT; }; }; Due to a rogue switch we lost connectivity with the rest of the world, and the NS started answering SERVFAIL; what surprised me was that the server was also unable to respond to queries for the example domain. What is the reason of this behavior? Shouldn't the NS be able to answer since it has authoritative data? edit: The rest of the configuration is the standard one shipped with Debian: hints for the root servers and the zones for localhost and broadcast.

    Read the article

  • Printer Management in AD Domain

    - by Untalented
    Hello, I normally push out all my printers via group policy preferences. However, the new copy machines I have are using some stranger drivers and I can not install x64/x86 drivers on the same machine for my clients to pull drivers from. So now I have two machines setup with the printer so they can pull drivers. Ontop of this there is specific driver configuration settings such as requiring the user to enter an access code to print set. Once the printer is installed via GPP, it puts everything to the default such as color mode, and other custom settings we like. I considered just using a Windows Print Server for this, but I do not know a way to push/delete these from clients like I can with GPP. Does anyone know how I can have a GPP copy the custom configuration I have set in the driver or have any recommendations?

    Read the article

  • VMWare vmfs vs NFS datastore with vmdk?

    - by CarpeNoctem
    I want to add a new harddisk to an existing VM and want the best performance possible. The new hard disk will exist on an NFS datastore. Currently I did the following: Created new vmdk on NFS datastore Created new lvm partition using fdisk Create new physical volume, volume group, and logical volume (2TB) Created ext3 partition on logical volume Is there a better way to do this? Should I be doing some vmware-ish file system instead?

    Read the article

  • UNIX - mount: only root can do that

    - by Travesty3
    I need to allow a non-root user to mount/unmount a device. I am a total noob when it comes to UNIX, so please dumb it down for me. I've been looking all over teh interwebz to find an answer and it seems everyone is giving the same one, which is to modify /etc/fstab to include that device with the 'user' option (or 'users', tried both). Cool, well I did that and it still says "mount: only root can do that". Here are the contents of my fstab: # /etc/fstab: static file system information. # # Use 'vol_id --uuid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # proc /proc proc defaults 0 0 # / was on /dev/mapper/minicc-root during installation UUID=1a69f02a-a049-4411-8c57-ff4ebd8bb933 / ext3 relatime,errors=remount-ro 0 1 # /boot was on /dev/sda5 during installation UUID=038498fe-1267-44c4-8788-e1354d71faf5 /boot ext2 relatime 0 2 # swap was on /dev/mapper/minicc-swap_1 during installation UUID=0bb583aa-84a8-43ef-98c4-c6cb25d20715 none swap sw 0 0 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0 /dev/scd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0 /dev/sdb1 /mnt/sdcard auto auto,user,rw,exec 0 0 My thumb drive partition shows up as /dev/sdb1. I'm pretty sure my fstab is set up OK, but everyone on the other posts seems to fail to mention how they actually call the 'mount' command once this entry is in the fstab file. I think this is where my problem may be. The command I use to mount the drive is: $ mount /dev/sdb1 /mnt/sdcard. /bin/mount is owned by root and is in the root group and has 4755 permissions. /bin/umount is owned by root and is in the root group and has 4755 permissions. /mnt/sdcard is owned by me and is in one of my groups and has 0755 permissions. My mount command works fine if I use sudo, but I need to be able to do this without sudo (need to be able to do it from a PHP script using shell_exec). Any suggestions? Sorry for making you read so much...just trying to get as much info in the initial post as possible to preemptively answer questions about configuration stuff. If I missed anything tho, ask away. Thanks! -Travis

    Read the article

  • How can I expire non-active sessions on my Netscreen SSG140?

    - by David Mackintosh
    I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

    Read the article

  • Can't get Passwordless (SSH provided) SFTP working

    - by Shoaibi
    I have chrooted sftp setup as below. # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes AllowGroups admins clients RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes Subsystem sftp internal-sftp Match group clients ChrootDirectory /var/chroot-home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/david:/bin/sh Now in this case david can sftp using say filezilla client and he is chrooted to /var/chroot-home/david/. But what if i was to setup a passwordless auth? I have tried pasting his key in /var/chroot-home/david/.ssh/authorized_keys but no use, tried ssh'ing as david to the box and it just stops at "debug1: Sending env LC_CTYPE = C" after i supply it password and there is nothing shown in auth.log, may be because it can't find the homedir. If i do "su - david" as root i see "No directory, logging in with HOME=/" which makes sense. Symlink doesn't help either. I have also tried with: Match group clients ChrootDirectory /var/chroot-home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/var/chroot-home/david:/bin/sh This way if i don't change /var/chroot-home/david to root:root sshd complains about bad ownership or permission modes, and if i do, david can no longer upload/delete anything directly in his home while using sftp from filezilla.

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 230 231 232 233 234 235 236 237 238 239 240 241  | Next Page >