Search Results

Search found 2782 results on 112 pages for 'policy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 71/112 | < Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >

  • Proxy Server suggestions

    - by Jon Menefee
    Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

    Read the article

  • HTTPS vs. VPN for communication between business partners?

    - by Andrew H
    A business partner has asked to set up a site-to-site VPN just so that a few servers can communicate with each other over HTTPS. I'm convinced this isn't necessary, or even desirable. To be fair it must be part of a wider policy, potentially even a legal requirement. However I'd like to convince them to simply offer an IP to us (and us only) and a port of their choosing for HTTPS. Has anyone had a similar experience, or had to come up with a cast-iron argument against a VPN? Allow me to expand a little - we have a web service that initiates a connection to the partner's corresponding service using an encrypted HTTP connection. The connection uses a client certificate to authenticate. The connection is firewalled so only our IPs can contact the service. So why is a VPN necessary?

    Read the article

  • Only ONE Outlook 2010 installation "Cannot connect to Exchange server" when setting up new profile.

    - by Johnny PDEX
    Exchange 2010, one-server installation (small production, I know not best practice) OWA Connectivity has been confirmed, Autodiscover is configured and working properly for EVERY other installation. Other user accounts tested on problem Outlook, none can connect. Windows Firewall is pre-configured by Group Policy, only modifications being related to remote management. Firewall has also been disabled during diagnostic period. Network discovery and file sharing is enabled on workstation as well. Windows 7 Professional, latest updates installed. Driving me nuts. Help, serverfault?

    Read the article

  • How to determine the source for wakeup in hibernate

    - by Erik
    I have a big problem with my home theater PC that runs Windows 7 64Bit. Normally, I send that PC to hibernate every evening, but from time to time, it keeps waking up for no obvious reason, and stays on until I realize, which is sometimes half a day later :( I have already checked for Windows update, which is not set to automatical, since I prefer installing updates manually. When I look in the system event log, there is an entry called "Power Troubleshooter" which tells me that my system was reactivated at a specific time, but it also says: Source = Unknown, which is the most annoying part. So how can I actually figure out, which process reactivates the PC? Is it possible to set a group policy which forbidds applications or services from scheduling tasks that allow waking up from hibernate at all?

    Read the article

  • Install Office software on a standard user account automatically.

    - by Earls
    If I know the Administrator account name and password on a Windows 7 computer, would it be possible to create an Office 2010 install CD that would "silently" install Office 2010 on a standard user account which does not have installation privileges. As in, the group policy "always install with elevated privileges" is in effect for the user. Some way to built the admin account privileges into the office installer? VBS Script? CMD? Understand, the laptops are in the field, the end user doesn't have the admin password and can't have the admin password. Thanks.

    Read the article

  • Packets marked INVALID in FORWARD rule

    - by Raphink
    I have a firewall that has 3 IP aliases on 1 physical interface. Packets get dropped between these 3 interfaces (either ICMP, HTTP, or anything else). We tracked it down to these packets being marked INVALID in the FORWARD rule and dropped due to the this rule: chain FORWARD { policy DROP; # connection tracking mod state state INVALID LOG log-prefix 'INVALID FORWARD DROP: '; mod state state INVALID DROP; mod state state (ESTABLISHED RELATED) ACCEPT; } (That is, we see the INVALID FORWARD DROP logs in dmesg) What could be causing this?

    Read the article

  • How to restore default iPod playlists on Amarok?

    - by obvio171
    I wanted to "reset" the collection on my iPod and ended up accidentally deleting, through Amarok, all the playlists, including the default ones like "Most Played" and "Highest Rated". Since these are dynamic playlists with a special meaning for iPod, I don't think creating new, normal playlists with the same name will bring their special behavior back. How do I restore them with the same dynamic functionality? Is there a way to do that on Amarok? Rhythmbox? GTKPod? Command line? P.S.: not entirely sure what the policy about iPod questions are, but this one in particular seems to me to be very computer-related because, although it's about interfacing with a device, everything has to be done on my computer, using standard PC libraries/programs, etc. If it's still off-topic, please point me to where I could post it.

    Read the article

  • How do I configure the Google Chrome / Chromium address bar to perform a search instead of trying to access a file on the local file system?

    - by Daniel Kauffman
    How do I configure the Google Chrome / Chromium address bar to perform a search instead of trying to access a file on the local file system? I would like to be able to enter a file name in the address bar and to see Google search results for that file name similar to what I would see if I searched for the file name using something like https://www.google.com/#q=/path/to/interesting/file I am able to disable the file scheme using either of the following policy settings: "DisabledSchemes": ["file"], Which has been deprecated in favor of: "URLBlacklist": ["file://"], But in either case Google Chrome / Chromium continues to auto-detect that a file name was entered, automatically prepends the file scheme to the file name, and then reports that the webpage is blocked.

    Read the article

  • How can I restrict the backuppc client user as much as possible? (rsync)

    - by jxn
    I have backuppc making full backups of servers, but I'd like to be sure that my set up is as paranoid as possible. BackupPC is set up to backup via rsync, and it is set up to use a specific user on each client to be backed up. Because the backuppc client user has to have access to every file on the client machine and the ability to ssh into the machine without an interactive password, I'm a little nervous about securing the clients, and I'd like to know I haven't overlooked any options. Here's what I have in place: in the client user's authorized_keys file, i've included from="IPTOSERVER",command="/usr/bin/rsync" before the user's public key, so that the user can only login coming from the BackupPC server. Next, in the sudoers file, I've added this line: backuppc ALL=NOPASSWD: /usr/bin/rsync to allow root-level permissions only for the rsync command for that user. Are there other user, policy, or ssh restrictions that I can add while still allowing the backup pc client user to rsync all files?

    Read the article

  • Centrally manage Windows 7 computers without Active Directory

    - by Sean W.
    I manage three Windows PCs at home using the principle of least privilege. This means that practically every other day when a new version of Java is released, I have to manually install the update using my administrative credentials on each machine. This is starting to become more work than I had expected. I would love to set up an active directory domain at home, but Microsoft has discontinued Windows home server; its replacement, Windows server 2012 essentials is much more expensive (about $500). Are there any free (preferably as in speech) that would allow me to centrally manage the software installed on each machine in a manner similar to that of active directory? I'd also like to find a way to centrally manage security settings, but I doubt there's an equivalent of group policy. Samba 4 would be an ideal solution, but according to its own developers, it is not yet stable enough for production use.

    Read the article

  • HP 4530s: Fan is Always On even When Laptop/CPU is Idle

    - by tolitius
    Just bought an HP 4530s from newegg. Laptop is great, but.. The FAN is always on. I did some googling, found it is a known problem, but no easily googlable solution. Tried to: Update BIOS to the latest Disable "CPU fan always on when plugged in" BIOS setting Installed Windows 7 Home (came with), Live CDed Ubuntu, Windows XP Spent 2 hours with horrible HP support Some other things that I can't already recall = spent too much time on it Laptop is not refundable (learned it the hard way, after the fact, by looking at the NEWEGG clever policy that is hidden in "details") I would really appreciate a workable solution / workaround / hack. The laptop is for my friend who will most likely be running Windows XP/7.

    Read the article

  • Restricting output to only allow localhost using iptables

    - by Dave Forgac
    I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

    Read the article

  • How to allow simple file sharing on Windows Server 2008R2 through VPN

    - by Martin Wiboe
    We are a small, distributed company with a Windows Server 2008R2 installation. I would like to set up a way for our employees to connect securely to this server via VPN and then be able to map a network drive. I have gotten this to work somewhat by installing the Network Policy and Access Services Role on the server and using the default settings. I have also created a network share on the server. The problem is that our connectivity is sporadic (sometimes the service stops listening on the port or simply refuses to authorize correct credentials) and slow. I can always connect through VPN, but mapping is problematic. I would be grateful for the answer on how to accomplish this as well as some guidance on whether I am on the right track. Thanks in advance!

    Read the article

  • How do I turn autocomplete on for a server running Windows Server 2008?

    - by user16011
    My end users are not able to use autocomplete when they use a web application hosted on a particular server. Autocomplete is usually a client-side setting. My users can use autocomplete when they are on other websites so I think it is a server setting in this case. How do I turn autocomplete on for a server running Windows Server 2008? Is this a setting in IIS, a registry setting, a group policy setting, or something else? Thanks in advance.

    Read the article

  • How to manage a large email delivery volume from a Email Marketing App ?

    - by Newtonx
    We provide Email Marketing service through our online Application. We have about 30 customers. And each one has it's own mailling list (5k to 100k emails each). What we really want is to distribute email's delivery between 2 or more servers. I was wondering What kind of aproach/solutions MailChimp , Constant Contact uses to provide a great service ? use many servers ? many IPs ? Our spam policy suspends ANY user/customer that gets 10% bounced . We currently rotate our outgoing Mail Ip once deliveries limit per remote host is reached. Is it the best approach/solution ?

    Read the article

  • How to manage a large email delivery volume from a Email Marketing App ?

    - by Newtonx
    We provide Email Marketing service through our online Application. We have about 30 customers. And each one has it's own mailling list (5k to 100k emails each). What we really want is to distribute email's delivery between 2 or more servers. I was wondering What kind of aproach/solutions MailChimp , Constant Contact uses to provide a great service ? use many servers ? many IPs ? Our spam policy suspends ANY user/customer that gets 10% bounced . We currently rotate our outgoing Mail Ip once deliveries limit per remote host is reached. Is it the best approach/solution ?

    Read the article

  • Overrideen ASPNet.config does not apply for legacyImpersonationPolicy

    - by Grumbler85
    I tried to override the <legacyImpersonationPolicy> Element, so a single application, will enable this policy (which is necessary, since this application breaks if disabled). So my Framework64/aspnet.config states: <configuration> <runtime> <legacyUnhandledExceptionPolicy enabled="false" /> <legacyImpersonationPolicy enabled="false" /> <alwaysFlowImpersonationPolicy enabled="false" /> <SymbolReadingPolicy enabled="1" /> <shadowCopyVerifyByTimestamp enabled="true"/> </runtime> <startup useLegacyV2RuntimeActivationPolicy="true" /> </configuration> And a local aspnet.config file has this change: <legacyImpersonationPolicy enabled="false" /> Procmon tells me the file is read by the w3wp.exe, but the settings will not apply. Can anyone point out a way how to correctly override the setting? *The Server has been restarted meanwhile, but still no changes.

    Read the article

  • WSUS Looping 2 updates on 2003 servers

    - by Ericrobert
    Good afternoon, Hopefully I can articulate this so that people understand my problem. We have WSUS on windows server 2008. We have 8 Windows 2003 servers. There is an update ready to install KB2982792. We install it then it says there is another update to install KB2728973. Then it says there is another update to install, again KB2982792. This goes on and on. Talked to microsoft support and they confirmed that the update was infact installed and applied to the computer (Checking untrusted certifactions confirmed that for these updates) and their suggestion was to just "Hide update". This is fine except on the WSUS server it still shows failed updates which is not okay with our policy. I'm here to ask for help figuring this out and what I can do to trouble shoot it. Thank you in advanced.

    Read the article

  • What are the default/recommendet access rights for %ALLUSERSPROFILE%?

    - by RED SOFT ADAIR-StefanWoe
    We have a Windows application that reads and writes some data for all users. We place it at %ALLUSERSPROFILE%\OurProgram*.* We now encounter a few cases in larger companies, where users do not have write permission to %ALLUSERSPROFILE%. Most of these cases are running Windows 7. The problem does not occur on a normal desktop installation of Windows 7 though. What is the recommended policy for this location? I have not found any "official" information about this. Is there a different location where all users have write permission?

    Read the article

  • outlook iptables configuration [update]

    - by mediaexpert
    I've a Debian mail server, but only the outlook users can't be able to download the emails. I've seen a lot of post about some kind of forwarding port configuration, I've tried some commands, but I don't be able to solve this problem, please help me. [LAST UPDATE] I find a lot of TIME WAIT on ipv6 netstat tcp6 0 0 my.mailserver.it:imap2 200-62-245-188.ip2:17060 TIME_WAIT - below some config files: pop3d I think the problem was here ##NAME: POP3AUTH:1 # # To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH # variable: # # POP3AUTH="LOGIN" # # If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH # to something like this: # # POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" POP3AUTH="" ##NAME: POP3AUTH_ORIG:1 # # For use by webadmin POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" ##NAME: POP3AUTH_TLS:1 # # To also advertise SASL PLAIN if SSL is enabled, uncomment the # POP3AUTH_TLS environment variable: # # POP3AUTH_TLS="LOGIN PLAIN" POP3_TLS_REQUIRED = 0 POP3AUTH_TLS="" ##NAME: POP3AUTH_TLS_ORIG:0 # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy POP3_PROXY=0 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 # # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. PORT=110 ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # # Other couriertcpd(1) options. The following defaults should be fine. # TCPDOPTS="-nodnslookup -noidentlookup" ##NAME: LOGGEROPTS:0 # # courierlogger(1) options. # LOGGEROPTS="-name=pop3d" ##NAME: DEFDOMAIN:0 # # Optional default domain. If the username does not contain the # first character of DEFDOMAIN, then it is appended to the username. # If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended # only if the username does not contain any character from DOMAINSEP. # You can set different default domains based on the the interface IP # address using the -access and -accesslocal options of couriertcpd(1). DEFDOMAIN="@interzone.it" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d DEFDOMAIN="@mydomain.com" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d # case x$POP3DSTART in # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. POP3DSTART=YES ##NAME: MAILDIRPATH:0 # # MAILDIRPATH - directory name of the maildir directory. # MAILDIRPATH=.maildir iptables Chain INPUT (policy DROP 20 packets, 1016 bytes) pkts bytes target prot opt in out source destination 60833 16M ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 state NEW,ESTABLISHED 18970 971K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:110 state NEW,ESTABLISHED Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 192.168.0.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 pop3d.cnf RANDFILE = /usr/lib...pop3d.rand [req] default_bits = 1024 encrypt_key = yes distinguidhed_name = req_dn x509_extensions = cert_type prompt = no [req_dn] C=US ST=NY L= New York O=Courier Mail Server OU=Automatically-generated POP3 SSL key CN=localhost [email protected] [cert_type] nsCertType = server

    Read the article

  • Protecting a SVN server

    - by user35072
    For various reasons we are finding it increasingly difficult to work with remote workers. We are a very small developer shop and it's becoming impractical to do manual merges on a daily basis. So we're left with little choice (?) but to consider opening up our SVN servers. I'm looking into the following: Full HTTPS session Running non-80 port Strong password policy Is this enough to prevent someone hacking and stealing data? I will also look into VPN but first would like to understand any alternative solutions.

    Read the article

  • Unable to renew certificate in certmgr.msc in windows 2003

    - by VicF
    I am trying to renew a certificate using CertManager on Windows 2003 Server. (I have also used the certificate plug-in in MMC but its the same thing.) I am logged in with the Administrator account. When I select any of my Personal certificates and go to the All-Tasks menu I only see Open and Export. I do not see the "Renew Certificate with New Key" or "Renew this certificate with the same key" options. How do I get those options to show up? I there some security policy or service that I need to run?

    Read the article

  • How to remove IE toolbar and menu bar

    - by Metallikanz
    We have a asp.net web application which will be used in an intranet environment on IE 6. We want to change the default configuration of the browser so that it's always rendered without the Tool Bars, Menu Bars and Address Bar, just the browser window frame and the status bar should be present. We were looking at the IEAK toolkit for IE6 but it doesn't seem to have the option of turning all this off though you can turn off certain menus and toolbar options. Any ideas of how this can be done, is there a group policy setting or something that we can utilize here to get this done? Thanks for your help.

    Read the article

  • Windows updates behind a physical firewall with only IP based rules and generic outbound connections are turned off

    - by user125245
    I have some boxes that I do not want to allow any in or outbound traffic to the internet Except for windows updates. However the fire wall in place (Cisco ASA) apparently only supports ip based rules. As best I can tell access to Microsoft updates via anything other then the half dozen URL masks the Microsoft lists as needed does not appear possible. I have kicked around building a full WSUS that I would then manually copy the update files to so that no direct Microsoft access is needed but this sounds very top heavy for the very few boxes involved. I have also kicked around manual updates all around but am not certain how to be conveniently and confidently sure that the correct updates are being applied in the correct order. Any ideas from any direction would be appreciated. I want this as simple / cost effective as possible but have very little flexibility on the only absolutely required internet access policy.

    Read the article

  • Windows Task Scheduler won't let me uncheck "Wake the computer" option for a backup task

    - by KdawgUD
    I have a problem with my windows 7 laptop automatically waking after I put it to sleep and then I find it later with the battery drained. I tracked down the culprit using the "powercfg -lastwake" command to be a Backup task in the "Windows Server" section of the task scheduler. I have tried unchecking the "Wake the computer to run this task" checkbox for this task, but after I do this and reboot, the box is always rechecked again. How can I make this setting persist? I have full admin rights to this laptop, but it is on a domain. Edit: I looked into the domain policy settings as suggested by Dave below and did not find any policies related to scheduled task settings. Any other ideas?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >