Search Results

Search found 21212 results on 849 pages for 'apt key'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 696/849 | < Previous Page | 692 693 694 695 696 697 698 699 700 701 702 703  | Next Page >

  • Exchange 2010 Hub cannot deliver to Exchange 2007 Hub - "451 5.7.3 Cannot achieve Exchange Server authentication"

    - by Graeme Donaldson
    We have an existing Exchange 2007 server in Site A (exch07). I've installed an Exchange 2010 server in Site B (exch10). Both servers have the CAS, Mailbox and Hub roles. Messages sent via SMTP on exch10 which are destined for mailboxes on exch07 are queued with the "Last Error" reported in Queue Viewer as '451 4.4.0 Primary target IP address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.' I've found that some people have resolved this by creating new Receive Connectors which are scoped specifically to apply to connections from the remote hub/s, but I have had no luck doing this. Specifically I created new receive connectors on both servers with the following settings: Remote IP = IP/s of remote server Authentication = "Transport Layer Security (TLS)" and "Exchange Server authentication" Permission Groups = "Exchange servers" and "Legacy Exchange Servers" This made no difference, I see the same error message. What am I missing? Update: We noticed that the Application log had this error message from MSExchangeTransportService: Microsoft Exchange could not find a certificate that contains the domain name exch07.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector exch10 with a FQDN parameter of exch07.domain.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. It turns out that the default self-signed certificate was no longer enabled for the SMTP service for some reason. After enabling the self-signed certificate for SMTP, we no longer get the error in the event logs, but delivery is still failing with the same error message. Update 2: I put a mailbox on exch10 and attempted to deliver a message via SMTP on exch07 and I get the same error.

    Read the article

  • Reasonable automatic HTML to PDF conversion (in UNIX/Linux environment)

    - by Alex Balashov
    Is there a way to generate PDF documents from HTML files automatically in Linux where the PDF offers some kind of reasonable level of resemblance to the input file? A command-line tool - as opposed to an interactive GUI of some kind - is key. I have tried htmldoc and some related cousins, of course. But these tools are hopelessly stone-age; htmldoc doesn't support CSS at all. You won't find a lot of HTML documents these days that don't have at least some CSS styling. I don't really care about stupid effects or minor embellishments, but the issue is that CSS is at the core of most layouts these days; not many folks are using 6 layers of nested tables anymore. So, if the conversion tool has no grasp of CSS whatsoever, it's not just a matter of "the document doesn't look quite right"; it is likely to not meet the minimum standard of usability at all. It has been suggested to me by some folks to try to use the Gecko rendering engine to generate images that can be converted to PDFs, but I have no idea how one would go about doing this, let alone easily. I have no trouble believing that there are good commercial tools that do this, but I'm really looking for an open-source package if possible, as the endeavour itself is an open-source one and doesn't pay. Thanks in advance!

    Read the article

  • Cisco ASA dropping IPsec VPN between istself and CentOS server

    - by sebelk
    Currently we're trying to set up an IPsec VPN between a Cisco ASA Version 8.0(4) and a CentOS Linux server. The tunnel comes up successfully, but for some reason that we can't figure out, the firewall is dropping packets from the VPN. The IPsec settings in the ASA sre as follows: crypto ipsec transform-set up-transform-set esp-3des esp-md5-hmac crypto ipsec transform-set up-transform-set2 esp-3des esp-sha-hmac crypto ipsec transform-set up-transform-set3 esp-aes esp-md5-hmac crypto ipsec transform-set up-transform-set4 esp-aes esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map linuxserver 10 match address filtro-encrypt-linuxserver crypto map linuxserver 10 set peer linuxserver crypto map linuxserver 10 set transform-set up-transform-set2 up-transform-set3 up-transform-set4 crypto map linuxserver 10 set security-association lifetime seconds 28800 crypto map linuxserver 10 set security-association lifetime kilobytes 4608000 crypto map linuxserver interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption aes hash sha group 2 lifetime 28800 crypto isakmp policy 2 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 crypto isakmp policy 3 authentication pre-share encryption aes-256 hash md5 group 2 lifetime 86400 crypto isakmp policy 4 authentication pre-share encryption aes-192 hash sha group 2 lifetime 86400 crypto isakmp policy 5 authentication pre-share encryption aes-192 hash md5 group 2 group-policy linuxserverip internal group-policy linuxserverip attributes vpn-filter value filtro-linuxserverip tunnel-group linuxserverip type ipsec-l2l tunnel-group linuxserverip general-attributes default-group-policy linuxserverip tunnel-group linuxserverip ipsec-attributes pre-shared-key * Does anyone know where the problem is and how to fix it?

    Read the article

  • Postfix: Using google apps for stmp errors

    - by Zed Said
    I am using postfix and need to send the mail using google apps smtp. I am getting errors after I thought I had set everything up correctly: May 11 09:50:57 zedsaid postfix/error[22214]: 00E009693FB: to=<[email protected]>, relay=none, delay=2466, delays=2462/3.4/0/0.06, dsn=4.7.0, status=deferred (delivery temporarily suspended: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.155.109]: no mechanism available) May 11 09:50:57 zedsaid postfix/error[22213]: 0ACB36D1B94: to=<[email protected]>, relay=none, delay=2486, delays=2482/3.4/0/0.06, dsn=4.7.0, status=deferred (delivery temporarily suspended: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.155.109]: no mechanism available) May 11 09:50:57 zedsaid postfix/error[22232]: 067379693D3: to=<[email protected]>, relay=none, delay=2421, delays=2417/3.4/0/0.06, dsn=4.7.0, status=deferred (delivery temporarily suspended: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.155.109]: no mechanism available) main.cf: # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = zedsaid.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = #relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all delay_warning_time = 4h smtpd_recipient_limit = 16 # how many error before back off. smtpd_soft_error_limit = 3 # how many max errors before blocking it. smtpd_hard_error_limit = 12 ## Gmail Relay relayhost = [smtp.gmail.com]:587 smtp_use_tls = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sasl_mechanism_filter = login smtp_tls_eccert_file = smtp_tls_eckey_file = smtp_use_tls = yes smtp_enforce_tls = no smtp_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_received_header = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport debug_peer_list = smtp.gmail.com debug_peer_level = 3 What am I doing wrong?

    Read the article

  • SQL 2K5 - Multiple databases vs. Multiple files

    - by Bob Palmer
    Hey all, quick question. Our current legacy system was built using multiple distinct databases (about ten of them). These are all part of the same discreet system, and a large number of SPs and functionalty span multiple databases. There are also key relationships that span (for example, a header table may be in database A with history, etc. in database B). When deploying multiple copies of our app to the same server therefore, we have to use multiple instances (because the database names are coded into so many sprocs). We're evaluating the idea of taking these ten databases (about 30gb total with individual sizes ranging from 100mb to 10gb) and merging them into a single database. Currently, we have our databases spread accross multiple spindles for better IO. The question I have is whether or not there is any performance loss or benefit of having 10 different databases vs. 10 different database files? i.e. rather than having three databases (A, B, and C) Disk D: A.mdf (1gb) Disk E: B.mdf (4gb) Disk F: C.mdf (10gb) Disk G: A_Log.ldf, B_Log.ldf, C_Log.ldf have one database (X) Disk D: X1.mdf (5gb) Disk E: X2.mdf (5gb) Disk F: X3.mdf (5gb) Disk G: X1_log.ldf,X2_log.ldf,X3_log.ldf Thanks! -Bob

    Read the article

  • Debian DNSSEC - howto secure a domain?

    - by Daniel Marschall
    I have a beginner question about DNSSEC. I have much experience with TLS and cryptography-stuff and would like to try out this new technology. I have googled very much about this but I haven't found useful information for me. I think one confusion in information gathering is that "Debian howto DNSSEC setup" can mean "How to USE DNSSEC for resolving" OR "How to secure your domain with DNSSEC". I am searching the second. I am running a Debian Squeeze server with root privileges which has a domain name ending with ".de" (which is already signed by the root zone). The network interface at this server uses the gateway IP (DNS resolver?) of the datacentre the server is running on. My domain is hosted at freedns.afraid.org , where I can add DNS RRs for my domain. They are currently NOT capable of adding DNSSEC RRs, but I am bugging them to support this soon. ;-) My simple question is: How do I setup DNSSEC on Debian? Resp. who have I ask to? As far as I understand, all I have to do is to run dnssec-keygen on my Debian server and then add the key to my DNS-provider as DNSSEC RR. (And change it every 30 days?) I have looked at this http://www.isc.org/files/DNSSEC_in_6_minutes.pdf but it looks like you have to be the owner of a ZONE, so I don't think this applies to me. Who needs to sign my domain? My DNS-provider or my zone (DeNIC) or can I do it myself? Any help is very appreciated!

    Read the article

  • Setup git repository on gentoo server using gitosis & ssh

    - by ikso
    I installed git and gitosis as described here in this guide Here are the steps I took: Server: Gentoo Client: MAC OS X 1) git install emerge dev-util/git 2) gitosis install cd ~/src git clone git://eagain.net/gitosis.git cd gitosis python setup.py install 3) added git user adduser --system --shell /bin/sh --comment 'git version control' --no-user-group --home-dir /home/git git In /etc/shadow now: git:!:14665:::::: 4) On local computer (Mac OS X) (local login is ipx, server login is expert) ssh-keygen -t dsa got 2 files: ~/.ssh/id_dsa.pub ~/.ssh/id_dsa 5) Copied id_dsa.pub onto server ~/.ssh/id_dsa.pub Added content from file ~/.ssh/id_dsa.pub into file ~/.ssh/authorized_keys cp ~/.ssh/id_dsa.pub /tmp/id_dsa.pub sudo -H -u git gitosis-init < /tmp/id_rsa.pub sudo chmod 755 /home/git/repositories/gitosis-admin.git/hooks/post-update 6) Added 2 params to /etc/ssh/sshd_config RSAAuthentication yes PubkeyAuthentication yes Full sshd_config: Protocol 2 RSAAuthentication yes PubkeyAuthentication yes PasswordAuthentication no UsePAM yes PrintMotd no PrintLastLog no Subsystem sftp /usr/lib64/misc/sftp-server 7) Local settings in file ~/.ssh/config: Host myserver.com.ua User expert Port 22 IdentityFile ~/.ssh/id_dsa 8) Tested: ssh [email protected] Done! 9) Next step. There I have problem git clone [email protected]:gitosis-admin.git cd gitosis-admin SSH asked password for user git. Why ssh should allow me to login as user git? The git user doesn't have a password. The ssh key I created is for the user expert. How this should work? Do I have to add some params to sshd_config?

    Read the article

  • Trying to delete directory with "rm -rf", but get message that it's not empty

    - by Ben Hocking
    I've tried deleting a directory using "rm -rf" and I'm getting the message "Directory not empty": Bens-MacBook-Pro:please benjaminhocking$ ls -lart empty_directory/ total 16 drwxr-xr-x 5 benjaminhocking staff 170 Aug 27 14:46 . drwxr-xr-x 3 benjaminhocking staff 102 Aug 27 15:28 .. Bens-MacBook-Pro:please benjaminhocking$ rm -rf empty_directory/ rm: empty_directory/: Directory not empty Bens-MacBook-Pro:please benjaminhocking$ rmdir empty_directory/ rmdir: empty_directory/: Directory not empty If I try the same thing using Finder (dragging the folder to the Trash), I get the message The operation can’t be completed because the item “empty_directory” is in use. I've tried doing xattr -d com.apple.quarantine, purely out of superstition, but it did no good. A probably important piece of context is that this directory was initially in a directory that should've been deleted by a "make clean" command I issued prior to Terminal locking up on me, after which a little over half of the other programs I had running also locked up, including Skype, and eventually the OS itself. I ended up having to reboot the computer by pressing and holding the power key. Edit to add: Another important piece of information I left off was that this was happening in an encrypted folder à la encfs. I was able to track down the corresponding folder in the encrypted side of things and delete it there. I still don't know why I couldn't do it from the decrypted side of things like I normally do. I'll leave this unanswered for now in case anyone has a good answer for that.

    Read the article

  • Getting some French-Canadian keyboard strokes to work on English keyboard

    - by Gradient
    I'm trying to use some of the French-Canadian keyboard stokes I'm used to on an English keyboard. I would like to change the behaviour of some keys. I was able to implement these changes in Vim, but I would like them to be applied system-wide (for Windows and Ubuntu). Here's what I want to implement : If I press [a, the character printed is â. When I press [r, something that's supposed to stay normal, the characters printed are [r. If I hold [ for 3 seconds, [ is printed. I want this delay to be applied to all my modified keys. I want to map < to ' and the characters 'e to è. The complex problem here is that I only want the ' beside the ; key to produce the è character, NOT when I press the < (remapped to ') then e. I'll show you a .vimrc file that implements this, now I want this behavior system-wide: set timeout timeoutlen=3000 ttimeoutlen=100 inoremap [a â inoremap [A Â inoremap [e ê inoremap [E Ê inoremap [i î inoremap [I Î inoremap [o ô inoremap [O Ô inoremap [u û inoremap [U Û inoremap 'a à inoremap 'A À inoremap 'e è inoremap 'E È inoremap 'u ù inoremap 'U Ù inoremap }e ë inoremap }E Ë inoremap }i ï inoremap }I Ï inoremap }u ü inoremap }U Ü inoremap ]c ç inoremap ]C Ç inoremap / é inoremap < '

    Read the article

  • Why do messenger keeps coming up when I adjust screen brightness?

    - by Asaf R
    My Dell Studio XPS 13 has a brightness up & down buttons (Fn + up arrow / down arrow), as do most laptops have. It's running Windows 7 64bit and I've installed Windows Live Messenger (build 14 and something) on it. When I hit Fn + down arrow, to reduce screen brightness, the Messenger window pops up. That's true whether it has been running in background (system tray / minimized) before or not. Note, to make messenger hide itself to the system tray, I've set it to Vista Compatibility mode. I don't think that has anything to do with it though, since if I shut compatibility mode off, the problem persists. There's a thread on the matter here, but with no solution. Thanks, Asaf SOLUTION: Stop Intellitype when using internal keyboard. See detailed howto here. EDIT: Some new findings on the matter - If I exit messenger entirely and restart (or simply stop) the service "Windows Live ID Sign-in Assistant" the problem is solved until I run messenger again. It persists even after entirely closing messenger, until I restart the said service. EDIT2: The above service "Windows Live ID Sign-in Assistant" actual name is wlidsvc. There's no shortcut defined for messenger, nor is there any other hot key in its preferences. EDIT3: I'm not sure if it's relates, but some of the Fn keys are not working - Fn + F1 doesn't put the machine to sleep, Fn + F3 doesn't show battery status. EDIT4: Problem probably relates to conflict with IntelliType Pro. See my answer below. Said conflict also causes Undo command when disabling Wireless (Wireless touch button), and other side effects for various keys.

    Read the article

  • Remote Desktop to Server 2008 fails from one particular Win7 client

    - by Jesse McGrew
    I have a VPS running Windows Web Server 2008 R2. I'm able to connect using Remote Desktop from my home PC (Windows 7), personal laptop (Windows 7), and work laptop (Windows XP). However, I cannot connect from my work PC (Windows 7). I receive the error "The logon attempt failed" in the RDP client, and the server event log shows "An account failed to log on" with this explanation: Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: username Account Domain: hostname Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc0000064 Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: JESSE-PC Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: NtLmSsp Authentication Package: NTLM Transited Services: - Package Name (NTLM only): - Key Length: 0 I can connect from the offending work PC if I start up Windows XP Mode and use the RDP client inside that. The server is part of a domain but my account is local, so I'm logging in using a username of the form hostname\username. None of the clients are part of a domain. The server uses a self-signed certificate, and connecting from home I get a warning about that, but connecting from work I just get the logon error.

    Read the article

  • Server setup scripts, patches and migrations

    - by Ben Swinburne
    I have written some scripts which I use to configure various servers in a uniform way. Each time I deploy a server I run the relevant scripts so that I know they're all configured the same. I then have some patch scripts, which are changes to the originals which I can then run to ensure that modifications to the original set up can be run on each server. E.g. disable.sh - Disable SELinux etc to ensure other scripts all run correctly general.sh - Jailkit, AV, Repos, RKHunter, security tweaks, uninstall unused bits etc web.sh - Installs and configures Apache2 001_update_nr_licence_key.sh - Update a licence key for a piece of software which has changed since its install in general.sh I can run the first 3 without a problem, but when it comes to running patches I am a bit stuck. Is there a sensible way of doing these with some software? My current thought is write to a log file the role of the server be it web or db for example and then note the name of the patch which has run. It could then iterate through a folder to find all patches for that role which it has not yet run and execute them. This seems a bit long winded however. Could someone advise me as to the best way I can keep my servers uniform?

    Read the article

  • Textmate add multiline text at end of line

    - by Yuval
    In Textmate, I am able to add text to several lines at once by clicking and holding the Option key and dragging with the mouse. say I have the following lines: foo 1: foo 2: foo 3: I can easily click and hold option and then drag down with the lines to select the text at the end of each line, and then type "bar" once and it will be added to all lines, as such: foo 1: bar foo 2: bar foo 3: bar Fantastic. The problem I run into, is when my lines aren't the same length, as such foo 19: foo 37842342346: foo 503: Now if I want to add text to the end of each line, I have to either do it manually, or choose enough space so that the longest line is not overwritten, as such: foo 19: bar foo 37842342346: bar foo 503: bar This results in a lot of unwanted whitespace in lines that don't need it. Granted, I could easily run a regular expression search to replace all multiple occurrences of a space with a single one, but I was wondering if there's a way to select all ending of lines at once without having to do that. Any idea? Thanks!

    Read the article

  • Is there an SSL equivelent to an ssh agent?

    - by Matthew J Morrison
    Here is my situation: There are a number of developers who all need to have access to be able to install ruby gems and python eggs from a remote source. Currently, we have a server inside our firewall that hosts the gems and eggs. We now want the ability to be able to install things hosted on that server outside of our firewall. Since some of the gems and eggs that we host are proprietary I would like to somewhat lock access to that machine down, as unobtrusively as possible to the developers. My first thought was using something like ssh keys. So, I spent some time looking at SSL mutual authentication. I was able to get everything set up and working correctly, testing with curl, but the unfortunate thing was that I had to pass extra arguments to curl so it knows about the certificate, key and certificate authority. I was wondering if there is anything like the ssh agent that I can set up to provide that information automatically so that I can push the certificates and keys to the developer's machines so the developers don't have to log in or provide keys each time they try to install something. Another thing that I want to avoid is having to modify the 'gem' command and the 'pip' command to provide keys when they make the http connection. Any other suggestions that may solve this problem (not related to ssl mutual auth) are also welcome. EDIT: I've been continuing to research this and I came across stunnel. I think this may be what I'm looking for, any feedback regarding stunnel would also be great!

    Read the article

  • postgresql deleteing old records from log tables

    - by Max
    I have a postgresql database which stores my radius connection information. What I want to do is only store a months worth of logs. How would I craft a sql statement that I can run from cron that would go and delete and rows that where older then a month? Format of the date in the table. that date is taken from acctstoptime collum Date format 2010-01-27 16:02:17-05 Format of the table in question. -- Table: radacct CREATE TABLE radacct ( radacctid bigserial NOT NULL, acctsessionid character varying(32) NOT NULL, acctuniqueid character varying(32) NOT NULL, username character varying(253), groupname character varying(253), realm character varying(64), nasipaddress inet NOT NULL, nasportid character varying(15), nasporttype character varying(32), acctstarttime timestamp with time zone, acctstoptime timestamp with time zone, acctsessiontime bigint, acctauthentic character varying(32), connectinfo_start character varying(50), connectinfo_stop character varying(50), acctinputoctets bigint, acctoutputoctets bigint, calledstationid character varying(50), callingstationid character varying(50), acctterminatecause character varying(32), servicetype character varying(32), xascendsessionsvrkey character varying(10), framedprotocol character varying(32), framedipaddress inet, acctstartdelay integer, acctstopdelay integer, freesidestatus character varying(32), CONSTRAINT radacct_pkey PRIMARY KEY (radacctid) ) WITH (OIDS=FALSE); ALTER TABLE radacct OWNER TO radius; -- Index: freesidestatus CREATE INDEX freesidestatus ON radacct USING btree (freesidestatus); -- Index: radacct_active_user_idx CREATE INDEX radacct_active_user_idx ON radacct USING btree (username, nasipaddress, acctsessionid) WHERE acctstoptime IS NULL; -- Index: radacct_start_user_idx CREATE INDEX radacct_start_user_idx ON radacct USING btree (acctstarttime, username);

    Read the article

  • Windows PE network setup

    - by microchasm
    I'm walking through the following step-by-step guide for deploying Windows 7 via AIK: http://technet.microsoft.com/en-us/library/dd349348%28WS.10%29.aspx On step 4 (Capturing the Installation onto a Network Share), I run into a bit of a snag: attempting to connect to a network drive repeatedly fails. I'm using/deploying Dell Optiplex 380 64 bit machines, and the network cards seem to be really wonky. On the machine that I'm using to run AIK etc, the network driver wasn't found automatically. I had to manually go in and install the driver (which was found on the OEM installation media). I've since copied this to the USB key that I'm using for the Autounattend.xml so its handy. I think that because of this, the PE environment doesn't or can't instantiate the network device. Is there a way to install/configure the network device through the command prompt in PE? If not, I read about adding in the answer file path(s) to drivers, but if I did it this way, would I have to start the process all over again (i.e. create new Autounattend.xml with the PnPcustomizations path included, re-run the installation on the reference machine, install all the applications, re-make the PE iso, reboot into new PE iso)? Any shortcuts, direction, or advice would be appreciated. Thanks!

    Read the article

  • Sending emails with Thunderbird + Postfix + Zarafa does not work

    - by Sven Jung
    I installed zarafa on my vserver and use as MTA postfix. The webaccess works fine, I can revceive and send emails, also receiving mails with thunderbird (IMAP ssl/tls) works. But there is a problem, sending emails with thunderbird. I established an account in thunderbird with imap ssl/tls connection which works finde, and a starttls smtp connection on port 25 for the outgoing mail server. If I try to send an email with thunderbird I get an error: 5.7.1 Relay access denied this is my mail.log Sep 7 16:10:07 postfix/smtpd[6153]: connect from p4FE06C0A.dip.t-dialin.net[79.224.110.10] Sep 7 16:10:08 postfix/smtpd[6153]: NOQUEUE: reject: RCPT from p4FE06C0A.dip.t-dialin.net[79.224.110.10]: 554 5.7.1 <[email protected]>: Relay access denie$ Sep 7 16:10:10 postfix/smtpd[6153]: disconnect from p4FE06C0A.dip.t-dialin.net[79.224.110.10] and this my /etc/postfix/main.conf # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache virtual_mailbox_domains = firstdomain.de, seconddomain.de virtual_mailbox_maps = hash:/etc/postfix/virtual virtual_alias_maps = hash:/etc/postfix/virtual virtual_transport = lmtp:127.0.0.1:2003 myhostname = mail.firstdomain.de alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = ipv4 I don't know what to do, because actually sending mails to internal and external addresses works with the webaccess. Perhaps somebody can help me?

    Read the article

  • How to use WPA2 client mode in the Linux-based Cisco WAP4410N access point

    - by joechip
    I have a Cisco WAP4410N access point that I want to use as a client to connect to a WPA2 wireless network (for WLAN service monitoring purposes). Supposedly this access point supports a "Wireless Client/Repeater" mode that allows to do this. The Repeater function is optional (I have that box unchecked so that nobody can connect to this access point wirelessly). I have verified through SSH that the access point gets configured as a client and not as a Master. But it never associates to the SSID I ask it to. This is what iwconfig shows: ath04 IEEE 802.11ng ESSID:"myownssid" Mode:Managed Channel:0 Access Point: Not-Associated Bit Rate:0 kb/s Tx-Power:14 dBm Sensitivity=1/3 Retry:off RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=0/94 Signal level=161/162 Noise level=161/161 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 Although I've never done this from the command line, I suppose I could use wpa_supplicant or wpa_client to associate it, but I don't know how to do that without editing configuration files and the filesystem is readonly. Besides, I would have to run those commands manually after every reboot. I'd like to know how to do this the Cisco way, if possible. If not, any trick to make this work would be useful. Edit: This is with the latest firmware, 2.0.4.2. And I found that not all of the filesystem is readonly, since /var and /tmp are mounted with type ramfs.

    Read the article

  • Client certificate based encryption

    - by Timo Willemsen
    I have a question about security of a file on a webserver. I have a file on my webserver which is used by my webapplication. It's a bitcoin wallet. Essentially it's a file with a private key in it used to decrypt messages. Now, my webapplication uses the file, because it's used to recieve transactions made trough the bitcoin network. I was looking into ways to secure it. Obviously if someone has root access to the server, he can do the same as my application. However, I need to find a way to encrypt it. I was thinking of something like this, but I have no clue if this is actually going to work: Client logs in with some sort of client certificate. Webapplication creates a wallet file. Webapplication encrypts file with client certificate. If the application wants to access the file, it has to use the client certificate. So basically, if someone gets root access to the site, they cannot access the wallet. Is this possible and does anyone know about an implementation of this? Are there any problems with this? And how safe would this be?

    Read the article

  • Desktop virtualization

    - by gurpal2000
    Is there currently a proper Type 1 "desktop" hypervisor? Either free or not? This is just for tinkering around at home on some beefy Phenom machines. Basically i want to be able to run say 2 OSs on the same PC but without loading windows or a heavy flavour of linux and then use a hotkey to switch between them. I should get full performance out of them. So do i need something better than vmware workstation and/or virtualbox. I think these are "Type 2"? I already run VMWare w/s and VBox but is there a more performant solution? I saw a YouTube video from Citrix where a laptop was running XP and Vista. With the touch of a hot key they could switch between them. There was no visible underlying OS (there might be a hypervisor)? I have access to Citrix XenDesktop 3 enterprise edition evaluation. I realise this isn't for desktops but can i achieve my goal (geekiness) ? If i use the free XenServer 5.5.0 how do my client PCs access windows/linux/whatever from the xenserver? Is it via a thin client RDP type application? If so if there one for both windows and linux? Also if i do use XenServer can i use USB in either direction? What is Citrix receiver can i use that for (3) ? If so, is there some hotkey i can configure? whatever client is used to access the server software (whether it be on a different server or local) can i get full opengl/directx acceleration? what about Xen? i tried the Xen LiveCD but no clue as how to configure it. As you can see much confusion. Any help/pointers welcome. Cheers.

    Read the article

  • Network to network VPN Centos 5

    - by Atul Kulkarni
    I am trying to follow "http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html#s1-ipsec-net2net" I have come up with the following On local router machine: in my ifcfg-ipsec0: ONBOOT=yes IKE_METHOD=PSK DSTGW=10.5.27.1 SRCGW=10.6.159.1 DSTNET=10.5.27.0/25 SRCNET=10.6.159.0/24 DST=205.X.X.X TYPE=IPSEC I have /etc/sysconfig/network-scripts/keys-ipsec0 file in place. On Remote Machine in the cloud if have /etc/sysconfig/network-scripts/ifcfg-ipsec1: TYPE=IPSEC ONBOOT=yes IKE_METHOD=PSK SRCGW=10.5.27.1 DSTGW=10.6.159.1 SRCNET=10.5.27.124/25 DSTNET=10.6.159.0/24 DST=38.x.x.x with its respective /etc/sysconfig/network-scripts/key-ipsec1 file. The DST in both cases are NAT'd external IPs. Is that a problem? I have made changes for port forwarding as well. When I try to bring the interfaces up it gives me output "RTNETLINK answers: Invalid argument". I am confused now and don't know what more to do? Any place I can digup what parameters were wrong? I really appreciate any help I can get. Thanks and Regards, Atul.

    Read the article

  • Mac and L2TP VPN no problems, xp, vista and 7 no go :s

    - by The_cobra666
    Hi all, I've got some weird problem and I'm out off options. The situation: When connecting from my mac to the VPN server (Windows Server 2003 R2) with L2TP PSK, everything works like it should. However, when I connect from a Windows PC, nothing happens. it spits out error 809 and sometimes 789. Now I know that my ports are OK, since the mac can connect without any problems. It's the same for: XP, Vista SP2 and 7. None can connect. If I connect to the VPN server directly (to the internal IP instead of WAN from the router), it connect's without a problem. Connecting using PPTP works... now if only L2TP would work thank you very much Windows! I have checked the counters on my linux router with iptables -L -nv and they do not raise when connecting. Not on ACCEPT and not on DROP. Only when connecting from the mac. I've found the guide from Microsoft to enable: AssumeUDPEncapsulationContextOnSendRule in the registery. I have set it to "2", on the server and client. Still no go. After that registery key it started giving me error 789 instead of 809. The IPSEC services are running on the client and server. Is there anyone that ppleease can help me with this! I've been working on this for 2 days and I'm out of options. Thanks!

    Read the article

  • Cannot establish XMPP server-to-server connection to gmail

    - by v_2e
    My jabber-server fails to connect to gmail.com giving the error: outgoing s2s stream myserver.com.ua-bot.talk.google.com closed: undefined-condition (myserver.com.ua is a Google Apps Domain with Talk service enabled.) I am using the Prosody XMPP server. It works just fine with other jabber-servers I tested so far (e.g. jabber.ru). However, when some of my clients tries to add a gmail contact to his contact-list, the subscription request lasts forever, and the Prosody gives the following sequence of messages in its log: Oct 21 22:57:16 s2sout95897f8 info Beginning new connection attempt to gmail.com ([173.194.70.125]:5269) Oct 21 22:57:16 s2sout95897f8 info sent dialback key on outgoing s2s stream Oct 21 22:57:16 s2sout95897f8 info Session closed by remote with error: undefined-condition (myserver.com.ua is a Google Apps Domain with Talk service enabled.) Oct 21 22:57:16 s2sout95897f8 info outgoing s2s stream myserver.com.ua->gmail.com closed: undefined-condition (myserver.com.ua is a Google Apps Domain with Talk service enabled.) Oct 21 22:57:16 s2sout95897f8 info sending error replies for 2 queued stanzas because of failed outgoing connection to gmail.com Here for the domain name of my server I use myserver.com.ua I found a similar problem described in this thread, but there is no detailed description of the solution there. As for the Google services, I did have a google account where I added the domain name under question to the Webmasters tools page. However, I deleted my account long ago, so now it is unclear, how any of the Google services can relate to my domain name. So my question is: What is the real cause of this problem (my jabber-server configuration or imaginary Google account or something else) and how can I make my Prosody server connect to gmail.com jabber service?

    Read the article

  • Mac OS X Disk Encryption - Automation

    - by jfm429
    I want to setup a Mac Mini server with an external drive that is encrypted. In Finder, I can use the full-disk encryption option. However, for multiple users, this could become tricky. What I want to do is encrypt the external volume, then set things up so that when the machine boots, the disk is unlocked so that all users can access it. Of course permissions need to be maintained, but that goes without saying. What I'm thinking of doing is setting up a root-level launchd script that runs once on boot and unlocks the disk. The encryption keys would probably be stored in root's keychain. So here's my list of concerns: If I store the encryption keys in the system keychain, then the file in /private/var/db/SystemKey could be used to unlock the keychain if an attacker ever gained physical access to the server. this is bad. If I store the encryption keys in my user keychain, I have to manually run the command with my password. This is undesirable. If I run a launchd script with my user credentials, it will run under my user account but won't have access to the keychain, defeating the purpose. If root has a keychain (does it?) then how would it be decrypted? Would it remain locked until the password was entered (like the user keychain) or would it have the same problem as the system keychain, with keys stored on the drive and accessible with physical access? Assuming all of the above works, I've found diskutil coreStorage unlockVolume which seems to be the appropriate command, but the details of where to store the encryption key is the biggest problem. If the system keychain is not secure enough, and user keychains require a password, what's the best option?

    Read the article

  • How to disable "safely remove hardware"

    - by Matt
    I have some windows 7 virtual machines in xen that have devices showing up in "safely remove hardware". I don't want users to ever be able to remove/eject any hardware at all. I'm told vmware has a hotplug option. xen doesn't seem to provide this for pci passthrough devices, therefore I'm looking for a reliable solution to prevent users from ejecting devices. This issue is not necessarily related just to virtual machines but seems to be a common problem with devices that get wrongly reported as removable. I'm ideally looking for a way to prevent all devices from appearing or just prevent the safely remove hardware option from ever coming up. I've tried setting device capabilities for specific devices on boot with a script but this for some reason doesn't always seem to work reliably. Is there a way to prevent this icon from appearing in the notification area completely, either by registry key or group policy? I should point out that setting this in group policy to "Administrators" did not seem to work. [Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Optionsevices:Allowed to format and eject removable media]

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 692 693 694 695 696 697 698 699 700 701 702 703  | Next Page >