Search Results

Search found 11051 results on 443 pages for 'group concat'.

Page 359/443 | < Previous Page | 355 356 357 358 359 360 361 362 363 364 365 366  | Next Page >

• Terminal Server in Windows Server 2003

  - by Hemal

  I have a confusion regarding what I am doing here. At present I have a Windows Server 2003 server with SP2. I have assigned RAS/VPN server role to it (through Manage my server wizard) and in my router, I setup the IP address of my RAS/VPN server as PPTP server. Staff leave their workstations ON all the time and access them from home through RDP. They first connect thorugh VPN & in the RDC they simply type their respective IP or computer name to access the office network from home. Everything works fine so far except: Staff have to leave compuers always ON in the office Speed is very slow depend how many staff members access the VPN network I was told to install and configure Terminal service to improve this situation. I already added TS Role in the server but I don't know how to clients can access the TS server from home or remote location. I really appreciate any good links or guidence from the experts in this group regarding this. Thank you in advance for any replies!

  Read the article

• Sane patch schedule for Windows 2003 cluster

  - by sixlettervariables

  We've got a cluster of 75 Win2k3 nodes at work in a coarse grained compute cluster. The cluster is behind a mountain of firewalls and resides in its own VLAN. Jobs of all sizes and types run on the cluster and all of the executables running are custom-made. (ed: additional notes on our executables) The jobs range from 30 seconds to 7 days in duration, and may contain one executable or 2000 sub-jobs (of short duration). Obviously we are trying to avoid the situation where our IT schedules a reboot during a 7 day production job. We have scheduling software which accomodates all of the normal tasks for a coarse grained cluster and we can control which machines are active for submission, etc. If WSUS was in some way scriptable (or the client could state it's availability for shutdown) we could coordinate the two systems and help out. Currently, the patch schedule is the Sunday after Super Tuesday regardless of what is running on the cluster. We have to ask for an exemption every time we want to delay patching a machine for a long running production job. Basically, while our group is responsible for the machines we have little control over IT's patch schedule. Is patching monthly with MS's schedule sane for a production Windows cluster? Are there software hooks in WSUS where we could say, "please don't reboot just yet"?

  Read the article

• Cannot Install Phusion Passenger 3.0.13 with Nginx 1.2.1

  - by LightBe Corp

  I installed gem Passenger which installed 3.0.13. Then I executed passenger-install-nginx-module which is what the Nginx instructions on http://www.modrails.com said to do. It installs the latest stable version which is 1.2.1 according to the Nginx official wiki page. I said to install Nginx to /usr/local/nginx (which is the default if you go to the nginx wiki website). I get the following errors: Undefined symbols for architecture x86_64: "_pcre_free_study", referenced from: _ngx_pcre_free_studies in ngx_regex.o ld: symbol(s) not found for architecture x86_64 collect2: ld returned 1 exit status make[1]: *** [objs/nginx] Error 1 make: *** [build] Error 2 -------------------------------------------- It looks like something went wrong Please read our Users guide for troubleshooting tips: /Users/server1/.rvm/gems/[email protected]/gems/passenger-3.0.13/doc/Users guide Nginx.html If that doesn't help, please use our support facilities at: http://www.modrails.com/ We'll do our best to help you. I have done searches for several hours trying to find a resolution. I tried the Google Group for Phusion Passenger but did not find anything. I do not know if there is a mismatch in version numbers or not. The documentation says nothing about this error.

  Read the article

• Archive Manager, SQL 2005 and MaxTokenSize high CPU

  - by Tim Alexander

  So, I posted this question a few days ago: Impact of increasing the MaxTokenSize for Kerberos Tickets Since then the thought was to test our settings on two member servers, one with IIS and one without. I setup two GPOs to configure the MaxTokenSize reg setting to 48000 and MaxFieldLength/MaxRequestBytes to 64200 (based on MS KB2020943, these are set at 4/3 * T + 200). The member server seemed to work ok (a devalued tape backup server). The IIS server however has had some strange repercussions. The IIS Sserver host Quest Software Archive Manager (AM) 4.5 that communicates with SQL Server 2005 Enterprise on Server 2003 R2. After the changes all looked good until the SQL Server hit 100% CPU. I have removed the GPOS, removed the reg values and even replaced them with defaults (12000 for token size and can't remember the other one but was in a blog post about the issue in my other post). No change. Bouncing the IIS Server stops the high CPU and a colleague has looked at the SQL server and it is definitely the AM connection taking up the time/work on the SQL server. I haven't changed the reg values on the SQL server or the DCs but am reluctant to do so without understanding why this has happened. I am guessing its to do with the overriding auth and group issue we have but I am not seeing Kerberos errors in either event log. Has anyone seen something similar or does anyone have some tips? Was definitely blindsided by the Kerberos issue and am swimming against the tide to keep things functioning.

  Read the article

• How to encourage Windows administrators to pick up scripting?

  - by icelava

  When I worked as an administrator in my first job, I was frustrated that our administration processes with Windows servers were a series of point-and-clicks; we could never match the level of efficiency with the Unix servers which had a group of shell scripts to automate a lot of the work. I soon read about WSH and ADSI and wasted no time learning just how much automation I was able to achieve with scripting. There was a huge problem though - almost none of my Windows colleagues were really interested in learning scripting. They seemed happy with the manually mouse-clicking chores and were never excited at the prospect of using scripts to do the work on their behalf. I struggled to convince them to pick up scripting skills despite the evident increases in efficiency. I left that job in pursuit of a full-time software development career thereafter. Almost a decade on working in various environments and different customers, I still encounter Windows administrators mainly possessing this general "mood" where they would avoid scripting as much as possible. Despite the increasing level of accessibility Windows server technologies are opening up for scripting and automation. I am almost certain the majority of administrators are administrators precisely because they absolutely hate performing any kind of programming duties. What are some means to encourage and motivate administrators that scripting can really help them in the long run?

  Read the article

• Webcam becomes "Unknown Device" after Windows Messenger 2011 is installed

  - by Boris

  I have Sony VAIO VGN-NS290J laptop. I installed Windows 7 Ultimate 64-bit. I was able to find drivers for all hardware without any problems. Recently, I installed Microsoft Windows Live Essentials 2011, i.e. Windows Live Messenger 2011. Ever since that application is running on my computer, my webcam is not recognized by the OS any more. It is listed as the "Unknown Device" and placed in the Universal Serial Bus controllers group in the Device Manager. There don't seem to be any drivers for this webcam. It's a standard Sony Motion Eye web camera and Sony does not offer any drivers for it. There is one application to download that utilizes the camera, but there are no drivers (and the system is showing the same behavior regardless of the presence of the application). It happens from time to time that the webcam becomes recognized by the OS again, after a couple of restarts; but not always. Then it becomes unknown again. I am absolutely positive that this issue is caused by the Windows Live Messenger 2011, because same symptoms caused the same effects before. I wish to be able to continue to use this software, but also to use my webcam. I was wondering if anyone had a similar issue and if there is a way to fix it. Thanks for all the help, I appreciate it. Update: I have discovered a pattern - if the camera goes astray, restarting the machine does not bring it back; but switching the computer off and turning it back on does. Every time! This is getting super complicated :)

  Read the article

• Error compiling PHP 5.5.9 on CentOS 6.5 during make command

  - by Chris Mancini

  Here is the error message: cc: internal compiler error: Killed (program cc1) Please submit a full bug report, with preprocessed source if appropriate. See <file:///usr/share/doc/gcc-4.6/README.Bugs> for instructions. make: *** [ext/fileinfo/libmagic/apprentice.lo] Error 1 The very last thing make was processing is apprentice.lo which appears to be part of the image manipulation libraries (maybe?). I am using Ansible to provision my instance. It is a Digital Ocean single core 512MB VM. I have been using vagrant / ansible with the same config locally for dev and it has compiled fine, this is the first cloud VM I am attempting to provision. The only difference is the base image for my DO server is coming from DO and for my local dev, I built my own Vagrant box via VirtualBox from a stock CentOS basic server install. I pull it down from my DropBox. The problem has been experienced by others and reported as a php bug report My php ansible role up to the error: --- - name: Download php source get_url: url={{ php_source_url }} dest=/tmp register: get_url_result - name: untar the source package command: tar -xvf php-{{ php_version }}.tar.gz chdir=/tmp when: get_url_result.changed or php_reinstall - name: configure php 5.5 command: > ./configure --prefix={{ php_prefix }} --with-config-file-path={{ php_config_file_path }} --enable-fpm --enable-ftp --enable-mbstring --enable-pdo --enable-soap --enable-sockets=shared --enable-zip --with-curl --with-fpm-group={{ nginx_group }} --with-fpm-user={{ nginx_user }} --with-freetype-dir=/usr/lib64/ --with-gd --with-jpeg-dir=/usr/lib64/ --with-libdir=lib64 --with-mcrypt --with-openssl --with-pdo-mysql --with-pear --with-readline --with-tidy --with-xsl --with-zlib --without-pdo-sqlite --without-sqlite3 chdir=/tmp/php-{{ php_version }} when: get_url_result.changed or php_reinstall - name: make clean when reinstalling command: make clean chdir=/tmp/php-{{ php_version }} when: php_reinstall - name: make php command: make chdir=/tmp/php-{{ php_version }} when: get_url_result.changed or php_reinstall Thanks in advance for any help. :)

  Read the article

• Windows 2008 R2 RDS - Double Login

  - by colo_joe

  Issue: Double logins when connecting to RemoteApps or Remote Desktop Environment: Gateway = 1 server 2008 R2 - Roles = Gateway, Session Broker, Connection Mgr, Session Host Configuration server Session hosts = 2 servers 2008 R2 - Roles = App Manager and Session host configuration Testing: I can get to the url http://RDS.domain.com/rdweb - I get prompted for authentication (1) Pass authentication, get list of remote apps. Click on remoteapps or remote desktop, get prompted for authentication again (2). Pass authentication, I get access to app or RDP. Done so far. On session host Signed rdp files with cert. Added the following to the custom RDP settings: Authenticaton level:i:0 = If server authentication fails, connect to the computer without warning (Connect and don’t warn me). prompt for credentials on client:i:1 = RDC will prompt for credentials when connecting to a server that does not support server authentication. enablecredsspsupport:i:1 = RDP will use CredSSP, if the operating system supports CredSSP. Edited the javascript file as found in http://support.microsoft.com/kb/977507 Added Connection ID, and added Web Access server to TS Web Access Computers group on the Session host servers, and Signed apps as found in hxxp://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx Note: This double login happens internally and externally.

  Read the article

• Exchange 2010 CAS Removal == Broken???

  - by Doug

  Hi there, I recently upgraded to exchange 2010 and have a setup with 2 of my servers running CAS roles - EXCH01, EXCH02 EXCH02 just happens to also have a mailbox role where a lot of the users sit EXCH01 is my front facing CAS server, and is facing the net with SSL etc and incoming mail moving through it as a hub transport layer server as well. As i was trying to lean things out in my VM environment i removed the CAS role from EXCH02 and all hell broke loose. All the mail users that have a mailbox on EXCH02 had their homeMTA set to a deleted items folder in AD and so did their msExchHomeServer properties. After a complete battle i manually fixed these issues to the oldvalues, and in the mean time reinstalled CAS on EXCH02 (management was going nuts with out OUTLOOK working so i just put things back the way they were in a hurry.) I must add as a strange thing on the side, that before i reset these to point at EXCH02 i tried EXCH01 and it failed. I still want to remove the CAS role from EXCH02 as it should really not have it (error on install/planning on my part) and would have thought that this would not cause the issues it did, i assumed that the fact that there was another CAS server in the admin group all would be good. Was i wrong in my assumption? and what can i do to complete this successfully the second time round? Do i need to rehome all the mailboxes to the CAS server? is this a bug in the role uninstall?

  Read the article

• Should I expect ICMP transit traffic to show up when using debug ip packet with a mask on a Cisco IOS router?

  - by David Bullock

  So I am trying to trace an ICMP conversation between 192.168.100.230/32 an EZVPN interface (Virtual-Access 3) and 192.168.100.20 on BVI4. # sh ip access-lists 199 10 permit icmp 192.168.100.0 0.0.0.255 host 192.168.100.20 20 permit icmp host 192.168.100.20 192.168.100.0 0.0.0.255 # sh debug Generic IP: IP packet debugging is on for access list 199 # sh ip route | incl 192.168.100 192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.100.0/24 is directly connected, BVI4 S 192.168.100.230/32 [1/0] via x.x.x.x, Virtual-Access3 # sh log | inc Buff Buffer logging: level debugging, 2145 messages logged, xml disabled, Log Buffer (16384 bytes): OK, so from my EZVPN client with IP address 192.168.100.230, I ping 192.168.100.20. I know the packet reaches the router across the VPN tunnel, because: policy exists on zp vpn-to-in Zone-pair: vpn-to-in Service-policy inspect : acl-based-policy Class-map: desired-traffic (match-all) Match: access-group name my-acl Inspect Number of Half-open Sessions = 1 Half-open Sessions Session 84DB9D60 (192.168.100.230:8)=>(192.168.100.20:0) icmp SIS_OPENING Created 00:00:05, Last heard 00:00:00 ECHO request Bytes sent (initiator:responder) [64:0] Class-map: class-default (match-any) Match: any Drop 176 packets, 12961 bytes But I get no debug log, and the debugging ACL hasn't matched: # sh log | inc IP: # # sh ip access-lists 198 Extended IP access list 198 10 permit icmp 192.168.100.0 0.0.0.255 host 192.168.100.20 20 permit icmp host 192.168.100.20 192.168.100.0 0.0.0.255 Am I going crazy, or should I not expect to see this debug log? Thanks!

  Read the article

• Mechanism behind user forwarding in ScriptAliasMatch

  - by jolivier

  I am following this tutorial to setup gitolite and at some point the following ScriptAliasMatch is used: ScriptAliasMatch \ "(?x)^/(.*/(HEAD | \ info/refs | \ objects/(info/[^/]+ | \ [0-9a-f]{2}/[0-9a-f]{38} | \ pack/pack-[0-9a-f]{40}\.(pack|idx)) | \ git-(upload|receive)-pack))$" \ /var/www/bin/gitolite-suexec-wrapper.sh/$1 And the target script starts with USER=$1 So I am guessing this is used to forward the user name from apache to the suexec script (which indeed requires it). But I cannot see how this is done. The ScriptAliasMatch documentation makes me think that the /$1 will be replaced by the first matching group of the regexp before it. For me it captures from (?x)^/(.* to ))$ so there is nothing about a user here. My underlying problem is that USER is empty in my script so I get no authorizations in gitolite. I give my username to apache via a basic authentication: <Location /> # Crowd auth AuthType Basic AuthName "Git repositories" ... Require valid-user </Location> defined just under the previous ScriptAliasMatch. So I am really wondering how this is supposed to work and what part of the mechanism I missed so that I don't retrieve the user in my script.

  Read the article

• Apache permission Problems

  - by swg1cor14

  Ok all my files and folders are set as owner of vsftpd:nogroup. FTP program can upload and create and do everything. But when I use the PHP command mkdir, I get a Permission Denied even though the folder its creating it in is set to chmod 777. IF i set the base folder to user www-data and group www-data, PHP mkdir will work. However, I can't use FTP to delete or upload to that folder. /uploads is base folder. I use PHP mkdir to create a directory in there: if (!is_dir($_SERVER['DOCUMENT_ROOT'] . "/uploads/" . $_REQUEST['clientID'] . '/video/')) { @mkdir($_SERVER['DOCUMENT_ROOT'] . "/uploads/" . $_REQUEST['clientID'] . '/video/', 0777); } If /uploads is vsftpd:nogroup then PHP mkdir will give a Permission Denied error. If /uploads is www-data:www-data then PHP mkdir WILL work, but I cant continue to FTP anything in that folder that was just created. If /uploads is vsftpd:www-data then PHP mkdir will give a Permission Denied error. How can I create a directory with PHP and still be able to access it via FTP?

  Read the article

• Server 2003 R2 - II6- granting access to website via IP with subnet range

  - by John

  We are trying to allow for a client to connect to our website. By default we are Denying all access except for those with the specified IPs we have configured to run, everything before has just been a single IP address. However now we must implement a range of IPs and rather than input thousands of records we want to use the group of computer options in the Grant Access page. However we have it configured to work off of the IP 72.21.192.0 with a subnet mask of 255.255.224.0 They are unable to connect. Looking over our IIS logs they are receiving a 302 error which is the same behavior anyone should get whom is unauthorized to view the page in question. The IP address coming in is 72.21.217.2, so it should be well within the rage of acceptable IP addresses. I'm at a loss as everything I look up tells me to do what we are doing. So any insight would be appreciated. Especially because I'm a software guy not hardware. Thanks!

  Read the article

• Running Visual Studio 2010 in a University Campus

  - by Woondows

  We have just installed Windows 7 Enterprise x64 in one of our computer labs being used by students for programming. However, when we installed Visual Studio 2010 Ultimate on the machines, we found that to even launch the application (devenv.exe), required the student to enter the administrator password (the usual UAC prompt). Of course, we could just turn off UAC, but that would defeat the purpose of having it in Windows 7. On the other hand, we cannot really give the students local administrator privilege, as we are concerned that they will do some malicious stuff on the computers. Previously when we used Windows XP Professional running Visual Studio 2005, we had no problems. Kindly advise if there's any workaround for this. EDIT: Thanks for the answer guys. Mayank, your links may work for Visual Studio .Net, but it doesn't seem to work for Visual Studio 2010. Ryan, Tieson, I'm intrigued that you guys managed to get it working easily. FYI I don't manage the Group Policies, but I can get them changed if necessary. Any particular GP that I should be looking at? Suggestions to how to troubleshoot further why UAC is being invoked? At least now I know for sure that this is not supposed to be the default behaviour for Visual Studio 2010 so I'm going to keep digging for a solution. Will try running Procmon and see if i can find something..

  Read the article

• Access denied to external USB disk; update access rights fails in Windows 8

  - by gerard

  I use to work with 2 laptops (Windows vista and Windows 7), my work files being on an external usb disk. My oldest laptop broke down, so I bought a new one. I had no option other than take Windows 8. I suspect something changed with access rights, as my external disk suffered some "access denied" problem on Windows. I was prompted (by Windows 8) somehow to fix the access rights, which I tried to do, getting to the properties - security. This process was very slow and ended up saying disk is not ready Additionally, my external usb disk somehow was not recognized anymore. Back to Windows 7, I was warned that my disk needed to be verified, which I did. In this process, some files were lost (most of them I could recover from the folder found00x, but I have some backup anyway). Also, I don't know why, but under Windows 7, all the folder showed with a lock. Then back again to Windows 8. Same problem : access denied to my disk + no way to change access rights as it gets stuck disk is not ready". Now I am pretty sure there is some kind of bug or inconsistency in Windows 8 / Windows 7. I did 2. and 3. a few times. At some point, I also got an access denied in Windows 7. I could restore access rights to the disk to "System" (properties - security - EDIT for full control to group "system". ). But then I still get the same access right pb on Windows 8, and getting stuck in the process to restore full control to "system" -- and "admin" groups. I upgraded Windows8 with the Windows8 updates available. Does not help.

  Read the article

• Under FreeBSD, can a VLAN interface have a smaller MTU than the primary interface?

  - by larsks

  I have a system with two physical interfaces, combined into a LACP aggregation group. That LACP channel has two VLANs, one untagged (the "native vlan") and one using VLAN tagging. This gives us: lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:25:90:1d:fe:8e inet 10.243.24.23 netmask 0xffffff00 broadcast 10.243.24.255 media: Ethernet autoselect status: active laggproto lacp laggport: em1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> laggport: em0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=3<RXCSUM,TXCSUM> ether 00:25:90:1d:fe:8e inet 10.243.16.23 netmask 0xffffff80 broadcast 10.243.16.127 media: Ethernet autoselect status: active vlan: 610 parent interface: lagg0 Is it possible to set a 9K MTU on lagg0 while preserving the 1500 byte MTU on vlan0? Normally I would simply try this out, but this is actually on a vendor-supported platform and I am loathe to make changes "behind the back" of their administration interface. This system is roughly FreeBSD 7.3.

  Read the article

• What are problems and pitfalls with a public facing Active Directory

  - by Ralph Shillington

  The situation that i'm faced with is this: We plan on using a number of server applications hosted on Amazon EC2 machines, mainly Microsoft Team Foundation Server. These services rely heavily on Active Directory. Since our servers are in the Amazon cloud it should go without saying (but I will) that all our users are remote. It seems that we can't setup VPN on our EC2 instance -- so the users will have to join the domain, directly over the internet then they'll be able to authenticate and once authenticated, use that token for accessing resources such as TFS. on the DC instance, I can shut down all ports, except those needed for joining/authenicating to the domain. I can also filter the IP on that machine to just those address that we are expecting our users to be at (it's a small group) On the web based application servers, I imagine all we need to open is port 80 (or 8080 in the case of TFS) One of the problems that I'm faced with is what domain name to use for this Active directory. Should I go with "ourDomainName.com" or "OurDomainName.local" If I choose the latter, does that not mean that I'll have to get all our users to change their DNS address to point to our server, so it can resolve the domain name (I guess I could also distribute a host file) Perhaps there is another alternative that I'm completely missing.

  Read the article

• Anonymous file sharing without login window, from Windows 7 server to XP clients

  - by Niten

  I'm trying to provide machines on a small LAN with read-only, anonymous access to files shared from a Windows 7 workstation (let's call it WIN7SVR). In particular, I don't want clients to have to deal with a login window when they navigate to, e.g., \\WIN7SVR in Windows Explorer, but we do not have a domain and synchronizing accounts between the server and clients would be intractable. There are both Windows 7 and Windows XP clients that need access to these shares. I got this working for Windows 7 clients by just enabling the Guest account on WIN7SVR and setting appropriate share permissions. Other Windows 7 machines automatically try logging in as Guest, it seems, so their users don't have to deal with the login window. The problem is with the XP clients--they can access the server if the user enters "Guest" in the login window, but I don't want users to have to do that. So from what I gather, in my limited understanding of Windows file sharing, this boils down to granting null sessions access to file shares on WIN7SVR. But I've had no success so far on that front. I've tried all the following in the local group policy editor on the Windows 7 server: Set Network access: Let Everyone permissions apply to anonymous users to Enabled Set Network access: Restrict anonymous access to Named Pipes and Shares to Disabled Added the names of corresponding shares to Network access: Shares that can be accessed anonymously Added "ANONYMOUS LOGON" to Access this computer from the network under User Rights Assignment Any advice would be highly appreciated... I'm mostly a Unix guy, so I feel somewhat out of my league with Windows file sharing. I do understand that any sort of anonymous access to file shares isn't generally ideal from a security standpoint, but it's the most practical solution for us in this case, and access to our network is well enough controlled that share-level security isn't a concern.

  Read the article

• ProCurve ACL to prevent a subnet from leaving the switch

  - by kce

  I have a single HP ProCurve 2610 in a remote location that is connected in with the rest of the network via SHDSL. There are two Layer-3 networks on this segment. ACLs are setup to deny one subnet (192.0.2.0/24) from ever being able to leave the switch by virtue of being applied to port attached to the upstream connection. The other subnet should be permitted to freely leave the switch. Both subnets are on the same VLAN. Unfortunately SFlow very clearly show broadcast traffic from 192.0.2.0/24 on the upstream connection. ProCurve ACLs are not my strong suit but I feel like I'm missing something very simple here. ip access-list extended "Filter for Camera Network" deny ip 192.0.2.0 0.0.0.255 0.0.0.0 255.255.255.255 log permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 exit interface 24 name "DSL - UPLINK" access-group "Filter for Camera Network" in exit Unless I am mistaken traffic from 192.0.2.0/24 should be dropped as it crosses the uplink port (int 24) whereas all other traffic will be permited by the following default allow rule. What exactly am I missing here? EDIT: Firstly, why do you have two subnets contained in the same VLAN? Because that's how it was configured by a previous administrator and while it makes conceptual sense that a single subnet is "mapped" to a single VLAN there's no technical constraint that I am aware of that makes this have to be the case. Instead of filtering inbound traffic on your uplink, you should be filtering outbound traffic. The HP2600 series can only filter inbound traffic on interfaces. Should I change my filter to deny any to 192.0.2.0/24?

  Read the article

• How to force mdadm to stop RAID5 array?

  - by lucek

  I have /dev/md127 RAID5 array that consisted of four drives. I managed to hot remove them from the array and currently /dev/md127 does not have any drives: cat /proc/mdstat Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10] md0 : active raid1 sdd1[0] sda1[1] 304052032 blocks super 1.2 [2/2] [UU] md1 : active raid0 sda5[1] sdd5[0] 16770048 blocks super 1.2 512k chunks md127 : active raid5 super 1.2 level 5, 512k chunk, algorithm 2 [4/0] [____] unused devices: <none> and mdadm --detail /dev/md127 /dev/md127: Version : 1.2 Creation Time : Thu Sep 6 10:39:57 2012 Raid Level : raid5 Array Size : 8790402048 (8383.18 GiB 9001.37 GB) Used Dev Size : 2930134016 (2794.39 GiB 3000.46 GB) Raid Devices : 4 Total Devices : 0 Persistence : Superblock is persistent Update Time : Fri Sep 7 17:19:47 2012 State : clean, FAILED Active Devices : 0 Working Devices : 0 Failed Devices : 0 Spare Devices : 0 Layout : left-symmetric Chunk Size : 512K Number Major Minor RaidDevice State 0 0 0 0 removed 1 0 0 1 removed 2 0 0 2 removed 3 0 0 3 removed I've tried to do mdadm --stop /dev/md127 but: mdadm --stop /dev/md127 mdadm: Cannot get exclusive access to /dev/md127:Perhaps a running process, mounted filesystem or active volume group? I made sure that it's unmounted, umount -l /dev/md127 and confirmed that it indeed is unmounted: umount /dev/md127 umount: /dev/md127: not mounted I've tried to zero superblock of each drive and I get (for each drive): mdadm --zero-superblock /dev/sde1 mdadm: Unrecognised md component device - /dev/sde1 Here's output of lsof|grep md127: lsof|grep md127 md127_rai 276 root cwd DIR 9,0 4096 2 / md127_rai 276 root rtd DIR 9,0 4096 2 / md127_rai 276 root txt unknown /proc/276/exe What else can I do? LVM is not even installed so it can't be a factor.

  Read the article

• Outlook signature distribution tools ?

  - by HannesFostie

  Hi We are soon changing our corporate identity, and as such we will need to change our outlook signatures. However, being some 125 people, my colleague sysadmin and I don't want to go around changing these manually, and are thus looking for a good way to do this fully automated. Most of our desktops are XP, with the exceptional few running Win7. Most run Outlook 2007, some run 2003. Our environment is AD-centered, and most of the information will come from AD (telephone number, title, ...). The biggest problem I can see so far is that because we are bilingual (Dutch and French), there will be 2 versions of the signature, depending on what the person has as main language. People currently do not have anything in AD to distinguish this, but we could create a group for it, or perhaps add some sort of attribute. A cheap if not free tool would be great. eMailSignature could probably do most, if not all, of this for us but it's a rather expensive tool costing some 1250 euro. We just want to distribute the signatures, actual "management" is less important as job titles don't change all that much. Any tips are welcome!

  Read the article

• XP/Intel wirelss only showing 'hpsetup' ad-hoc network that isn't there

  - by ewall

  Trying to help my friend with her work XP laptop, which recently stopped seeing any wireless SSIDs except the SSID 'hpsetup' (presumably from a wireless-enabled HP printer). Relevant information: The laptop is a Lenovo T500 (Centrino 2 chipset) with XP SP3. The network adapter is Intel WiFi Link 5300 AGN (built-in). The latest version (13.5) of the Intel drivers only are installed, not the Intel config software, so XP is using the Wireless Zero-Config manager. The wireless router is a NetGear WGR614 v7 with 802.11b/g. The SSID is broadcasting, and all the other laptops in the house can see and connect to it. On the laptop, I have tried repairing the network connection, disabling power management, turning off 802.11a & n radio, and more... but it didn't help. Some of the wireless settings are managed by Group Policy from her office (I get the "At least one of your changes was not applied successfully to your wireless configuration" message). It is enforced to connect to "Access point (infrastructure) networks only". The real kicker is that my laptop does not an SSID named 'hpsetup' here, but it can see several broadcasted SSIDs including the one we want, while my friend's laptop doesn't see any SSID except 'hpsetup'. Any suggestions?

  Read the article

• SFTP, ChrootDirectory and multiple users

  - by mdo

  I need a setup where I can put the contents of several user folders to a DMZ server from where external clients can download it, protocol SFTP, Linux, OpenSSH. To ease administration we want to use one single user for the upload. What does work is to define ChrootDirectory /home/sftp/ in sshd_config, set the according ownership and modes and define a home dir in passwd so that the working directory of the user fits. This is my structure: /home/sftp/uploader/user1/file1.txt /user2/file2.txt The uploader user can write file1.txt and file2.txt to the corresponding folders and by having the user folders (user1, user2) set to the users' primary group + setting SETGUID on the folders the users are able to even delete the files (which is necessary). Only problem: because /home/sftp/ is the chroot base dir the users can change updir and see other users' folders, though not being able to change into because of access rights. Requirement: We want to prevent users to change to /home/sftp/uploader/ and see other users' folders. My requirements are to use SFTP, have one upload user and every user must have write access to his home dir. Obviously it's not an option to use something like ChrootDirectory %h because every path component of the chroot path needs to have limited access rights, so as far as I understand this does not work.

  Read the article

• Getting custom web.config sections and their contents in Powershell

  - by Rob

  I have a web application installed in c:\inetpub\wwwroot_Site1\AppName which has a custom section group and section as follows: <configSections> <sectionGroup name="Libraries"> <section name="Custom.Section.Name" type="System.Configuration.NameValueSectionHandler,system, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, Custom=null"/> <section name="Custom.Section.Name2" type="System.Configuration.NameValueSectionHandler,system, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, Custom=null"/> </sectionGroup> </configSections> I've written the following snippet of Powershell: Import-Module WebAdministration Get-WebConfiguration //Libraries IIS:\Sites\Site1\AppName Which correctly returns: Name         Sections                           Groups ====          ========                        =========== Libraries    Custom.Section.Name                   Custom.Section.Name2 What I can't fathom is how to, either via Get-WebConfiguration or Get-WebConfigurationProperty obtain access to the <add key="x" value="y" /> elements that are direct children of CustomSectionName in the actual "body" of the configuration file.

  Read the article

• How to encourage Windows administrators to pick up scripting

  - by icelava

  When i worked as an administrator in my first job, I was frustrated our administration processes with Windows servers were a series of point-and-clicks; we could never match the level of efficiency with the Unix servers which had a group of shell scripts to automate a lot of the work. I soon read about WSH and ADSI and wasted no time learning just how much automation I was able to achieve with scripting. There was a huge problem though - almost none of my Windows colleagues were really interested in learning scripting. They seemed happy with the manually mouse-clicking chores and were never excited at the prospect of using scripts to do the work on their behalf. I struggled to convince them to pick up scripting skills despite the evident increases in efficiency. I left that job in pursuit of a full-time software development career thereafter. Almost a decade on working in various environments and different customers, I still encounter Windows administrators mainly possessing this general "mood" where they would avoid scripting as much as possible. Despite the increasing level of accessibility Windows server technologies are opening up for scripting and automation. I am almost certain the majority of administrators are administrators precisely because they absolutely hate performing any kind of programming duties. What are some means to encourage and motivate administrators that scripting can really help them in the long run?

  Read the article

< Previous Page | 355 356 357 358 359 360 361 362 363 364 365 366  | Next Page >