Search Results

Search found 14099 results on 564 pages for 'group policy preferences'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 107/564 | < Previous Page | 103 104 105 106 107 108 109 110 111 112 113 114  | Next Page >

  • How can I get a list of directories with ack?

    - by KPthunder
    I have a directory listing as follows (given by ls -la): total 8 drwxr-xr-x 6 <user> <group> 204 Oct 18 12:13 . drwxr-xr-x 7 <user> <group> 238 Oct 18 11:29 .. drwxr-xr-x 14 <user> <group> 476 Oct 18 12:31 .git -rw-r--r-- 1 <user> <group> 601 Oct 18 12:03 index.html drwxr-xr-x 2 <user> <group> 68 Oct 18 12:13 test drwxr-xr-x 2 <user> <group> 68 Oct 18 12:13 test2 Running ack . -f prints out the files in the directory: index.html How can I get ack to print out the directories in the directory? I want to ignore the .git directory (which I understand is default behavior for ack). On that note, how can I ignore certain directories? I am using ack 1.9.6 on Mac OSX 10.8.2.

    Read the article

  • NTFS permissions weird inheriance (second take!)

    - by Wil
    A complete re write of my previous question, in a different context. Basically, the issue is that when I create a new user within a new group, the new user has various permissions over various folders. I have deleted the group "users" from this user object, and it is simply a member of the group "test". I have created a folder called c:\foo, when I go to effective permissions under the security tab, I can see that the user "lockdown" has various permissions. As far as I can see, there is nothing that should allow lockdown access. The moment I remove users from this list, it behaves as I would expect, which makes me believe that for some strange reason, the users group behaves like the everyone group and is controlled by the system. That being said, I cannot understand this as under the list, it is not there - and further to this, with the same permissions as the first picture, guest does not have access. This has stumped me and any help is appreciated! (Tested in Windows 2003 and 2008) edit - Should also say that if I go to Effective Permission for the group the user is in, there are no boxes checked, so it is somehow just the user that is getting the permissions from somewhere.

    Read the article

  • User http does not have write permissions directory?

    - by dwieeb
    I have a bit of an odd set up, I think. I have groups for each domain my server hosts, and I add the user http to each domain group along with the users that should have access to the groups' domains. In my php script running from a directory 'public_html', I try creating a file: <?php $output = ""; print exec('touch test 2>&1', $output); But I get touch: cannot touch `test': Permission denied and the file is not created. But here, clearly stated, the group has all permissions on the directory: drwxrwxr-x 5 dwieeb example.com 1024 Feb 4 05:19 public_html And here are the permissions on the php file in public_html that is trying to use the exec function: -rw-rw-r-- 1 dwieeb example.com 59 Feb 4 05:19 test.php How is this possible if http is part of the example.com group (as seen from a cat on /etc/group) and the directory has full permissions for the group? ... example.com:x:1000:dwieeb,http I'm stumped. EDIT (since apparently I'm not cool enough to answer my own questions yet): Ah, I found the problem. Yes, I restarted Nginx, but the php-fpm daemon must be restarted as well when http is added to the group for my domain. On Arch Linux: rc.d restart php-fpm

    Read the article

  • Using ACK to list directories

    - by KPthunder
    I have a directory listing as follows (given by ls -la): total 8 drwxr-xr-x 6 <user> <group> 204 Oct 18 12:13 . drwxr-xr-x 7 <user> <group> 238 Oct 18 11:29 .. drwxr-xr-x 14 <user> <group> 476 Oct 18 12:31 .git -rw-r--r-- 1 <user> <group> 601 Oct 18 12:03 index.html drwxr-xr-x 2 <user> <group> 68 Oct 18 12:13 test drwxr-xr-x 2 <user> <group> 68 Oct 18 12:13 test2 Running ack . -f prints out the files in the directory: index.html How can I get ack to print out the directories in the directory? I want to ignore the .git directory (which I understand is default behavior for ack). On that note, how can I ignore certain directories? I am using ack 1.9.6 on Mac OSX 10.8.2.

    Read the article

  • How to provide users with isolated drive letters in Windows 2008 R2 (Terminal Server)

    - by Pierre
    I need to be able to host several RDP sessions on a Terminal Server, where users of group A see a drive X: mapped to a given folder of the server and another group B see the same drive letter X: mapped to another folder. For instance : User 1, Group A X: --> C:\data\A User 2, Group A X: --> C:\data\A User 3, Group B X: --> C:\data\B User 4, Group C X: --> C:\data\C Is this possible. If so, how do I configure the virtual drive mapping so that the user has nothing special to do; i.e. I want the letter X: to be available to Remote Apps launched by the user, or if the user logs in to the remote desktop. Can I somehow use subst to get this to work? I would like to avoid, if possible, mounting drive letters on local shares (i.e. I don't like the idea of having to go through \\localhost\data-A to reach the user's data).

    Read the article

  • Package pinning in Debian lenny

    - by bronto
    I need your advice as I don't know if I hit a bug, or I am misunderstanding something. On a Debian Lenny, I am trying to prevent the installation of two particular packages, when they are requested as dependencies fromother packages. I am using the same syntax I successfully used in Squeeze, but with no success at all. On squeeze, the following works as expected: # cat /etc/apt/preferences.d/local-no-pike.pref Package: pike7.6-core Pin: version * Pin-Priority: -1000 If I try to install pike7.6, which depends on pike7.6-core, apt and aptitude refuse to do so. On Lenny, the only difference is that there is no support for "fragments" in /etc/apt/preferences.d, and all preferences must be in the /etc/apt/preferences file. But it's not working. E.g., if the file contains: Package: grub-common Pin: version * Pin-Priority: -1000 apt doesn't stop me from installing grub, which depends on grub-common. I used strace to see if the file is being read, and it is. I was suggested to use some Debug:: options, but they didn't help to pinpoint the problem either. I have google'd a lot with some combinations of "lenny" "prevent" "package" "installation" "pinning" and the like, but nothing nice came out. And of course I read man apt_preferences. What am I missing here?

    Read the article

  • Common folder in linux

    - by rks171
    I have two users on my Ubuntu machine. I want to share some media files between these users, so I created a directory in /home/ called 'media'. I made the group 'media' and I added my user 'rks171' to the group 'media'. So: sudo groupadd media sudo mkdir -p /home/media sudo chown -R root.media /home/media sudo chmod g+s /home/media As was described in this post. Then, I added my user to the group: sudo usermod -a -G media rks171 Then I also added write permission to this folder for my group: sudo chmod -R g+w media So now, doing 'ls -lh' gives: drwxrwsr-x 2 root media 4.0K Oct 6 09:46 media I tried to copy pictures to this new directory from my user directory: mv /home/rks171/Pictures/* /home/media/ And I get 'permission denied'. I can't understand what's wrong. If I simply type, 'id', it doesn't show that my user, rks171, is part of the 'media' group. But if I type, 'id rks171', then it does show that my user, rks171, is part of the 'media' group. Anybody have any ideas why I can't get an files into this common folder?

    Read the article

  • ASA 5505 VPN setup. VPN works but still unable to reach devices in the inside network.

    - by chickenloop
    I've setup a Remote Access VPN on my Cisco ASA 5505. I'm able to connect to my ASA via my phone or the Cisco client, but I'm unable to reach devices in my inside LAN when connected via VPN. The setup is the following: Inside Network : 10.0.0.0/24 VPN_POOL: 172.16.0.0/24 Outside Network: 192.168.1.0/24 ASA is not the perimeter router, there is another device on the 192.168.1.0/24 network which is connected to my cable provider. Obviously UDP port 500 and 4500 are forwarded to the ASA's outside interface. Everything works perfectly, besides the VPN stuff. Config: interface Vlan1 nameif inside security-level 100 ip address 10.0.0.254 255.255.255.0 interface Vlan2 description Outside Interface nameif outside security-level 0 address 192.168.1.254 255.255.255.0 object network VPNPOOL subnet 172.16.0.0 255.255.255.0 object network INSIDE_LAN subnet 10.0.0.0 255.255.255.0 Then the exempt NAT rule. nat (inside,outside) source static INSIDE_LAN INSIDE_LAN destination static VPNPOOL VPNPOOL I don't think that the problem is with the VPN config, as I can successfully establish the VPN connection, but just in case I post it here: group-policy ZSOCA_ASA internal group-policy ZSOCA_ASA attributes vpn-tunnel-protocol ikev1 split-tunnel-policy tunnelspecified split-tunnel-network-list value Split-Tunnel default-domain value default.domain.invalid tunnel-group ZSOCA_ASA type remote-access tunnel-group ZSOCA_ASA general-attributes address-pool VPNPOOL default-group-policy ZSOCA_ASA tunnel-group ZSOCA_ASA ipsec-attributes ikev1 pre-shared-key ***** Any ideas are welcome. Regards.

    Read the article

  • How to (re)enable the "New" context menu items for an administrator when right-clicking in a folder and selecting New > X?

    - by Metro Smurf
    I just migrated from XP x86 to Win7 x64 (clean install). I had a couple of data drives in my XP x86 system that I physically moved to my Win7 x64 system. When browsing a directory in any of the transferred drives, the only option available in the 'new' context menu is "Folder", i.e., Right-Click inside a folder New Folder (this is similar behavior for Win7 when using the context menu in c:\Program Files): However, whenever creating a new folder within any of the directories, all the context menu new items are available within the new folder: Steps I've taken that have failed to add the new context menu items: Removing all security permissions from a directory and sub-directories. Replacing them with new permissions. As well as removing inheritable permissions from the parent. Taking explicit ownership of a directory and sub-directories. Combing the above two. Sample of Effective Permissions that do not work: Steps I've taken that have succeeded to add the new context menu items: Adding the "Everyone" group to the drive and giving the group explicit "Modify" privileges. Giving the "Everyone" group explicit privileges smells wrong. I'm an administrator on my system; why should I have to add the "Everyone" group as well? Adding my username to the drive and giving full permissions. Again, since I'm an administrator on my system and the administrators group already has full control of the drive/directories/folders, why should I have to explicitly add my user name to the security permissions? Finally, The Question: Is it possible to have the New Item context menu have all available options by default without having to explicitly add the everyone group or a specific user name to the security permissions? I'm suspecting that the option may not be available unless the username is explicitly added to the security permissions. Of note: I've seen the registry hacks for updating the new items context menu; my preference is to avoid such hacks and return the functionality to the expected behavior an administrator should have.

    Read the article

  • How to provide users with isolated drive letters in Windows 2008 R2 (Terminal Server) [migrated]

    - by Pierre
    I need to be able to host several RDP sessions on a Terminal Server, where users of group A see a drive X: mapped to a given folder of the server and another group B see the same drive letter X: mapped to another folder. For instance : User 1, Group A X: --> C:\data\A User 2, Group A X: --> C:\data\A User 3, Group B X: --> C:\data\B User 4, Group C X: --> C:\data\C Is this possible. If so, how do I configure the virtual drive mapping so that the user has nothing special to do; i.e. I want the letter X: to be available to Remote Apps launched by the user, or if the user logs in to the remote desktop. Can I somehow use subst to get this to work? I would like to avoid, if possible, mounting drive letters on local shares (i.e. I don't like the idea of having to go through \\localhost\data-A to reach the user's data).

    Read the article

  • Best practice ACLs to prepare for auditors?

    - by Nic
    An auditor will be visiting our office soon, and they will require read-only access to our data. I have already created a domain user account and placed them into a group called "Auditors". We have a single fileserver (Windows Server 2008) with about ten shared folders. All of the shares are set up to allow full access to authenticated users, and access restrictions are implemented with NTFS ACL's. Most folders allow full access to the "Domain Users" group, but the auditor won't need to make any changes. It takes several hours to update NTFS ACL's since we have about one million files. Here are the options that I am currently considering. Create a "staff" group to assign read/write instead of "Domain Users" at the share level Create a "staff" group to assign read/write instead of "Domain Users" at the NTFS level Deny access to the "Auditors" group at the share level Deny access to the "Auditors" group at the NTFS level Accept the status quo and trust the auditor. I will probably need to configure similar users in the future, as some of our contractors require a domain account but shouldn't be able to modify our client data. Is there a best practice for this?

    Read the article

  • How To Disable Control Panel in Windows 7

    - by Mysticgeek
    If you have a shared computer that your family and friends can access, you might not want them to mess around in the Control Panel, and luckily with a simple tweak you can disable it. Disable Control Panel with Group Policy Note: This process uses Local Group Policy Editor which is not available in Home versions of Windows 7. Skip down below for the registry hack version that works on Home editions as well. First type gpedit.msc into the Search box in the Start menu and hit Enter. When Local Group Policy Editor opens, navigate to User Configuration \ Administrative Templates then select Control Panel in the left Column. In the right column double-click on Prohibit access to the Control Panel. In the next window, select Enable, click OK, then close out of Local Group Policy Editor. After the Control Panel is disabled, you’ll notice it’s no longer listed in the Start Menu. If the user tries to type Control Panel into the Search box in the Start menu, they will get the following message indicating it’s restricted. Disable Control Panel with a Registry Tweak You can also tweak the Registry to disable Control Panel. This will work with all versions of Windows 7, Vista, and XP. Making changes in the Registry is not recommended for beginners and you should create a Restore Point, or backup the Registry before making any changes. Type regedit into the Search box in the Start menu and hit Enter. In Registry Editor navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer. Then right-click in the right pane and create a new DWORD (32-bit) Value. Name the value NoControlPanel. Then right-click on the new Value and click Modify…   In the Value data field change the value to “1” then click OK. Close out of Registry Editor and restart the machine to complete the process. When you get back from reboot, you’ll notice Control Panel is no longer listed in the Start menu. If a user tries to access it by typing Control Panel into the Search box in the Start menu… They will get the following message indicating it is restricted, just like if you were to disable it via Group Policy. If you want to re-enable the Control Panel, go back into the Registry and change the NoControlPanel value back to “0” then reboot the computer. This comes in handy if you have inexperienced users working on your machine and don’t want them messing with Control Panel settings. Similar Articles Productive Geek Tips Disable User Account Control (UAC) the Easy Way on Win 7 or VistaStill Useful in Vista: Startup Control PanelRestore Missing Items in Windows Vista Control PanelHow To Manage Action Center in Windows 7New Vista Syntax for Opening Control Panel Items from the Command-line TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips DVDFab 6 Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 Home Networks – How do they look like & the problems they cause Check Your IMAP Mail Offline In Thunderbird Follow Finder Finds You Twitter Users To Follow Combine MP3 Files Easily QuicklyCode Provides Cheatsheets & Other Programming Stuff Download Free MP3s from Amazon

    Read the article

  • Partner Blog: Hub City Media Introduces iPad Application for Oracle Identity Analytics

    - by Tanu Sood
    About the Writer:Steve Giovannetti is CTO of Hub City Media, Inc., a company that specializes in implementation and product development on the Oracle Identity Management platform. Recently, Hub City Media announced the introduction of iPad application IdentityCert for Oracle Identity Analytics. This post explore the business use cases and application of IdentityCert.Hub City Media(HCM) has been deploying certification solutions based on Oracle Identity Analytics since it first appeared on the market as Vaau RBACx. With each deployment we've seen the same pattern repeat time and time again:1. Customers suffering under the weight of manual access certification regimens deploy Oracle Identity Analytics (OIA) for automated certification. 2. OIA improves the frequency, speed, accuracy, and participation of certifications across the organization. 3. Then the certifiers, typically managers and supervisors, ask, “Is there any easier way to do these certifications offline?”The current version of OIA has a way to export certification data to a spreadsheet.  For some customers, we've leveraged this feature and combined it with some of our own custom code to provide a solution based on spreadsheet exports and imports.  Customers export the certification to Microsoft Excel, complete it, and then import the spreadsheet to OIA. It worked well for offline certification, but if the user accidentally altered the format of the spreadsheet, the import of the data could fail. We were close to a solution but it wasn’t reliable.Over the past few years, we've seen the proliferation of Apple iOS devices, specifically the iPhone and iPad, in the enterprise.  As our customers were asking for offline certification, we noticed the same population of users traditionally responsible for access certification, were early adopters of the iPad. The environment seemed ideal for us to create an iPad application to support offline certifications using Oracle Identity Analytics. That’s why we created IdentityCert™.IdentityCert allows users to view their analytics dashboard, complete user certifications, and resolve policy violations with OIA, from their iPads.The current IdentityCert analytics dashboard displays the same charts that are available in the Oracle Identity Analytics product. However, we plan to expand the number of available analytics in future releases.The main function of IdentityCert is user certification which can be performed quickly and efficiently using a simple touch interface. Managers tap into a certification, use simple gestures to claim users and certify their access.  Certifications can be securely downloaded to IdentityCert and can be completed with or without a network connection. The user can upload the completed certifications once they are connected to a cellular or wi-fi network.Oracle Identity Analytics can generate policy violation notifications based on detective scans of identity warehouse or via preventative analysis of identity access requests. IdentityCert allows users to view all policy violations, resolve, or delegate them to appropriate users. IdentityCert also analyzes the policy violation expression and produces more human friendly descriptions of the policy violation which improves the ability of users to resolve the violation. IdentityCert can be deployed quickly into a customer's environment. It is deployed with Hub City Media's ID Services to connect Oracle Identity Analytics securely with the iPad application.Oracle Identity Management 11g R2 is an important evolutionary release. Oracle's Identity Management suite has more characteristics of a cohesive platform. This platform provides an integrated set of identity services that can be used to protect, manage, and audit security within the enterprise. At HCM we take the platform concept a step further and see it as an opportunity to create unique solutions for Oracle Identity Management customers. IdentityCert is our commitment to this platform. You can download IdentityCert from the Apple iOS App Store today. It includes a demo dataset that you can use to explore the functions of the product without any server infrastructure. Download it. Give it a try. We would appreciate your interest and welcome any feedback.Resources:Press Release: Hub City Media Introduces iPad Application IdentityCert™ for Oracle Identity AnalyticsApp Store Download: http://bit.ly/IdentityCertOracle Identity Governance Suite

    Read the article

  • Insurers Pushed to Transform Their Business

    - by Calvin Glenn
    Everyone in the P&C industry has heard it “We can’t do it.” “Nobody wants to do it.” “We can’t afford to do it.”  Unfortunately, what they’re referencing are the reasons many insurers are still trying to maintain their business processing on legacy policy administration systems, attempting to bide time until there is no other recourse but to give in, bite the bullet, and take on the monumental task of replacing an entire policy administration system (PAS). Just the thought of that project sends IT, Business Users and Management reeling. However, is that fear real?  It is a bit daunting when one realizes that a complete policy administration system replacement will touch most every function an insurer manages, from quoting and rating, to underwriting, distribution, and even customer service. With that, everyone has heard at least one horror story around a transformation initiative that has far exceeded budget and the promised implementation / go-live timeline.    But, does it have to be that hard?  Surely, in the age where a person can voice-activate their DVR to record a TV program from a cell phone, there has to be someone somewhere who’s figured out how to simplify this process. To be able to help insurers, of all sizes, transform and grow their business while also delivering on their overall objectives of providing speed to market, straight-through-processing for applications, quoting, underwriting, and simplified product development. Maybe we’re looking too hard and the answer is simple and straight-forward. Why replace the entire machine when all it really needs is a new part…a single enterprise rating system? This core, modular piece of the policy administration system is the foundation of product development and rate management that enables insurers to provide the right product at the right price to the right customer through the best channels at any given moment in time. The real benefit of a single enterprise rating system is the ability to deliver enhanced business capabilities, such as improved product management, streamlined underwriting, and speed to market. With these benefits, carriers have accomplished a portion of their overall transformation goal. Furthermore, lessons learned from the rating project can be applied to the bigger, down-the-road PAS project to support the successful completion of the overall transformation endeavor. At the recent Oracle OpenWorld Conference in San Francisco, information was shared with attendees about a recent “go-live” project from an Oracle Insurance Tier 1 insurer who did what is proposed above…replaced just the rating portion of their legacy policy administration system with Oracle Insurance Insbridge Rating and Underwriting.  This change provided the insurer greater flexibility to set rates that better reflect risk while enabling the company to support its market segment strategy. Using the Oracle Insurance Insbridge enterprise rating solution, the insurer was able to reduce processing time for agents and underwriters, gained the ability to support proprietary rating models and improved pricing accuracy.      There is mounting pressure on P&C insurers to produce growth and show net profitability in the midst of modest overall industry growth, large weather-related losses and intensifying competition for market share.  Insurers are also being asked to improve customer service, offer a differentiated value proposition and simplify insurance processes.  While the demands are many there is an easy answer…invest in and update the most mission critical application in your arsenal, the single enterprise rating system. Download the Podcast to listen to “Stand-Alone Rating Engine - Leading Force Behind Core Transformation Projects in the P&C Market,” a podcast originally recorded in October 2013. Related Resources: White Paper: Stand-Alone Rating Engine: Leading Force Behind Core Transformation Projects in the P&C Market Webcast On Demand: Stand-Alone Rating Engine and Core Transformation for P&C Insurers Don’t forget to keep up with us year-round: Facebook: www.facebook.com/oracleinsurance Twitter: www.twitter.com/oracleinsurance YouTube: www.youtube.com/oracleinsurance

    Read the article

  • Silverlight WCF netTcpBinding problem

    - by JontyMC
    Trying to call a WCF with a netTcpBinding via Silverlight, I am getting the error: "TCP error code 10013: An attempt was made to access a socket in a way forbidden by its access permissions.. This could be due to attempting to access a service in a cross-domain way while the service is not configured for cross-domain access. You may need to contact the owner of the service to expose a sockets cross-domain policy over HTTP and host the service in the allowed sockets port range 4502-4534." My WCF service is hosted in IIS7, bound to: http://localhost.myserivce.com on port 80 and net.tcp on port 4502 I can see http://localhost.myserivce.com/myservice.svc if I browse to it (my hosts file is pointing this domain to localhost). I can also see http://localhost.myserivce.com/clientaccesspolicy.xml: <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*" /> </allow-from> <grant-to> <socket-resource port="4502-4534" protocol="tcp" /> </grant-to> </policy> </cross-domain-access> </access-policy> What am I doing wrong?

    Read the article

  • Extending GroupPrincipal and Members property

    - by Paolo Tedesco
    I want to extend the GroupPrincipal class to handle some custom properties: using System.DirectoryServices.AccountManagement; [DirectoryRdnPrefix("CN")] [DirectoryObjectClass("group")] public class MyGroupPrincipal : GroupPrincipal { // ... } How could I override the Members property for MyGroupPrincipal so that if it has a member that is a group an instance of MyGroupPrincipal and not of GroupPrincipal is returned? I would like to write e.g. MyGroupPrincipal group = GetGroup(); foreach (var m in group.Members) { if (m is MyGroupPrincipal) { // always fails: m is a normal GroupPrincipal // do something } }

    Read the article

  • Authenticating Windows 7 against MIT Kerberos 5

    - by tommed
    Hi There, I've been wracking my brains trying to get Windows 7 authenticating against a MIT Kerberos 5 Realm (which is running on an Arch Linux server). I've done the following on the server (aka dc1): Installed and configured a NTP time server Installed and configured DHCP and DNS (setup for the domain tnet.loc) Installed Kerberos from source Setup the database Configured the keytab Setup the ACL file with: *@TNET.LOC * Added a policy for my user and my machine: addpol users addpol admin addpol hosts ank -policy users [email protected] ank -policy admin tom/[email protected] ank -policy hosts host/wdesk3.tnet.loc -pw MYPASSWORDHERE I then did the following to the windows 7 client (aka wdesk3): Made sure the ip address was supplied by my DHCP server and dc1.tnet.loc pings ok Set the internet time server to my linux server (aka dc1.tnet.loc) Used ksetup to configure the realm: ksetup /SetRealm TNET.LOC ksetup /AddKdc dc1.tnet.loc ksetip /SetComputerPassword MYPASSWORDHERE ksetip /MapUser * * After some googl-ing I found that DES encryption was disabled by Windows 7 by default and I turned the policy on to support DES encryption over Kerberos Then I rebooted the windows client However after doing all that I still cannot login from my Windows client. :( Looking at the logs on the server; the request looks fine and everything works great, I think the issue is that the response from the KDC is not recognized by the Windows Client and a generic login error appears: "Login Failure: User name or password is invalid". The log file for the server looks like this (I tail'ed this so I know it's happening when the Windows machine attempts the login): If I supply an invalid realm in the login window I get a completely different error message, so I don't think it's a connection problem from the client to the server? But I can't find any error logs on the Windows machine? (anyone know where these are?) If I try: runas /netonly /user:[email protected] cmd.exe everything works (although I don't get anything appear in the server logs, so I'm wondering if it's not touching the server for this??), but if I run: runas /user:[email protected] cmd.exe I get the same authentication error. Any Kerberos Gurus out there who can give me some ideas as to what to try next? pretty please?

    Read the article

  • Android exception i don't understand after loading webpage in a webview

    - by DixieFlatline
    I have a webview that loads a webpage. I also have a reload button. Sometimes it works but sometimes it crashes when i hit reload and i get this exceptions: 05-14 10:08:33.958: ERROR/WindowManager(918): Activity com.poslji.gor.Uvod has leaked window com.android.internal.policy.impl.PhoneWindow$DecorView@435da698 that was originally added here 05-14 10:08:33.958: ERROR/WindowManager(918): android.view.WindowLeaked: Activity com.poslji.gor.Uvod has leaked window com.android.internal.policy.impl.PhoneWindow$DecorView@435da698 that was originally added here 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewRoot.(ViewRoot.java:217) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.WindowManagerImpl.addView(WindowManagerImpl.java:148) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.WindowManagerImpl.addView(WindowManagerImpl.java:91) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.Window$LocalWindowManager.addView(Window.java:392) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.Dialog.show(Dialog.java:231) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.ProgressDialog.show(ProgressDialog.java:107) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.ProgressDialog.show(ProgressDialog.java:90) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.poslji.gor.Odgovori$2.onClick(Odgovori.java:120) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.View.performClick(View.java:2179) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.View.onTouchEvent(View.java:3828) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.widget.TextView.onTouchEvent(TextView.java:6307) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.View.dispatchTouchEvent(View.java:3368) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow$DecorView.superDispatchTouchEvent(PhoneWindow.java:1752) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow.superDispatchTouchEvent(PhoneWindow.java:1206) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.Activity.dispatchTouchEvent(Activity.java:1997) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow$DecorView.dispatchTouchEvent(PhoneWindow.java:1736) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewGroup.dispatchTouchEvent(ViewGroup.java:903) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow$DecorView.superDispatchTouchEvent(PhoneWindow.java:1752) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow.superDispatchTouchEvent(PhoneWindow.java:1206) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.Activity.dispatchTouchEvent(Activity.java:1997) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.policy.impl.PhoneWindow$DecorView.dispatchTouchEvent(PhoneWindow.java:1736) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.view.ViewRoot.handleMessage(ViewRoot.java:1761) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.os.Handler.dispatchMessage(Handler.java:99) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.os.Looper.loop(Looper.java:123) 05-14 10:08:33.958: ERROR/WindowManager(918): at android.app.ActivityThread.main(ActivityThread.java:3948) 05-14 10:08:33.958: ERROR/WindowManager(918): at java.lang.reflect.Method.invokeNative(Native Method) 05-14 10:08:33.958: ERROR/WindowManager(918): at java.lang.reflect.Method.invoke(Method.java:521) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:782) 05-14 10:08:33.958: ERROR/WindowManager(918): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:540) 05-14 10:08:33.958: ERROR/WindowManager(918): at dalvik.system.NativeStart.main(Native Method) 05-14 10:08:36.768: ERROR/AndroidRuntime(918): Uncaught handler: thread main exiting due to uncaught exception 05-14 10:08:36.778: ERROR/AndroidRuntime(918): java.lang.IllegalArgumentException: View not attached to window manager 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.view.WindowManagerImpl.findViewLocked(WindowManagerImpl.java:356) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.view.WindowManagerImpl.removeView(WindowManagerImpl.java:201) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.view.Window$LocalWindowManager.removeView(Window.java:400) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.app.Dialog.dismissDialog(Dialog.java:268) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.app.Dialog.access$000(Dialog.java:69) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.app.Dialog$1.run(Dialog.java:103) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.app.Dialog.dismiss(Dialog.java:252) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at com.poslji.gor.Odgovori$HelloWebViewClient.onPageFinished(Odgovori.java:180) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.webkit.CallbackProxy.handleMessage(CallbackProxy.java:225) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.os.Handler.dispatchMessage(Handler.java:99) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.os.Looper.loop(Looper.java:123) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at android.app.ActivityThread.main(ActivityThread.java:3948) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at java.lang.reflect.Method.invokeNative(Native Method) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at java.lang.reflect.Method.invoke(Method.java:521) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:782) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:540) 05-14 10:08:36.778: ERROR/AndroidRuntime(918): at dalvik.system.NativeStart.main(Native Method) What is going wrong here?

    Read the article

  • AIX: iscsi volumes disappear after reboot

    - by Dan
    We have an IBM P505 AIX box, with two internal disks and a defined iSCSI volume. The iSCSI volume is defined in it's own volume group, and is connected to an IBM iSCSI DS3300 disk array via the secondary onboard ethernet port (ie, we're not using a dedicated HBA, we're using the second onboard ethernet port for iSCSI exclusively.) When we reboot the AIX box, the iSCSI volume doesn't get mounted (which is fine; I've figured out that it fails to mount because AIX tries mounting it's volumes before starting the networking stack.) The problem is, after the server has booted it fails to redetect the iSCSI target as a physical disk. This means the volume group (iscsivg) can't go online. if I run cfgmgr -v to redetect the iscsi volume it successfully detects the iscsi target volume and creates a physical volume reference, but allocates it a different volume ID to what was defined before. eg - rootvg contains hdisk 0 and 1 iscsivg was originally defined with hdisk2 as the physical iSCSI volume. after reboot and running cfgmgr -v, AIX detects physical volumes hdisk0, hdisk11 and hdisk3. As there's no hdisk2, I can't varyon the iscsivg volume group. I can't seem any existing hdisk2 definition in the ODM. I can't easily add or change the definition of the physcial disk in the iscsivg volume group as it won't "varyon". Exporting the volume group deletes it completely, recreating the volume group by "importing" it from the reallocated disk makes it available again, but surely there's a better way? Can I force a specific hdisk drive designation for an iscsi target? How do you bring online iSCSI volumes after a reboot? I assume this "just works" with a dedicated HBA instead of a generic ethernet adapter? By the way, the iSCSI volume works fine once it's mounted; we only have problems getting it working - and only with AIX. The iSCSI array works fine with our Linux and Windows servers; ie the volumes get detected and remounted after boot time without any problems, using generic ethernet adapters. Here's some of the config from the AIX box: defined disks / devices: # lsdev hdisk0 Available 06-08-01-5,0 16 Bit LVD SCSI Disk Drive hdisk1 Available 06-08-01-8,0 16 Bit LVD SCSI Disk Drive hdisk3 Available Other iSCSI Disk Drive iscsi0 Available iSCSI Protocol Device scsi0 Available 06-08-00 PCI-X Dual Channel Ultra320 SCSI Adapter bus scsi1 Available 06-08-01 PCI-X Dual Channel Ultra320 SCSI Adapter bus ses0 Available 06-08-01-15,0 SCSI Enclosure Services Device sisscsia0 Available 06-08 PCI-X Dual Channel Ultra320 SCSI Adapter iscsi target definition in /etc/iscsi/targets: # IBM DS3300 disk array # port 1 on second controller 10.10.xx.xxx 3260 iqn.1992-01.com.lsi:1535.600a0b80005b0a7fxxxxxxxxxxxx physical volumes (after reimporting the volume group) # lspv hdisk0 0003b08a0d4936b6 rootvg active hdisk1 0003b08aaa5cb366 rootvg active hdisk3 0003b08a032d04bb iscsivg active

    Read the article

  • Why is user asked to choose their workgroup?

    - by Clinton Blackmore
    We running Mac OS X Server 10.5.8 with Mac OS X 10.5.8 clients. Students use network logins to, well, log in. I've been asked to deny internet access to a specific user. I was told that a good way to do it is to create a user workgroup called "No Internet Access" and manage settings there. (Specifically, I told parental controls to allow access to no sites, and blacklisted all the installed web browsers). Now, when the user authenticates to log in, they are greeted with this dialog: Workgroups for <username> Grade 7 Students No Internet Access It is unlikely that the student would willing choose "No Internet Access" to be their base group. Looking in Workgroup Manager at the student's record, it shows their primary group ID is the grade 7 group, and "No Internet Access" is listed as another group they belong to. I looked at the managed preferences for all the computers pertaining to logins. They are set to their defaults. Specifically, the computer groups' preference for Logins - Access has the defaults: [unchecked] Ignore workgroup nesting [checked] Combine available workgroup settings Based on my reading of Tips and Tricks for Mac Administrators, this should be correct, the user should not be asked which group they belong to, and settings from all applicable groups should be applied. How can I achieve that result? Edit: I've decided to add some additional information from the Tips and Tricks for Mac Management White Paper (via Apple in Education, via the author's site). On page 21, it says: With Leopard MCX, workgroup preference settings are combined by default into a single set of values. This means that instead of having to choose between the Math, Science, or Language Arts workgroups when logging in, a user can just authenticate and be taken directly to the desktop. All the settings for each of those workgroups are composited together, providing you with all the Dock items and a composite of all the other settings. On page 40, an example is given in which settings are combined from different 'domains', one computer group, two (user) workgroups, and one individual user's settings. [When johnd logs into a leopard client,] the items staged in the Dock from left to right are: computer group, first workgroup alphabetically, second workgroup, user. Items within the workgroup are staged alphabetically. Nowhere is there an indication that groups are nested; indeed, I can see no sensible (non-flat) heirarchy for groups like Math, Science, and Language Arts. I strongly believe that there is a way to apply settings from two unrelated user workgroups such that a user of OS X 10.5.x or newer does not need to choose their workgroup. This is what I seek to achieve.

    Read the article

  • java.rmi.UnmarshalException: unable to pull client classes by server

    - by andrews
    Hi, I have an RMI client/server set-up on two machines that works fine in a simple situation when the server doesn't require a client-side defned class. However, when I need to use a class defined on the client side I am unable to have the server unmarshall those classes. I suspect this is an issue with my java.rmi.server.codebase property that I pass in as argument to the client app. I followed Sun's RMI Tutorial trail and I think I have followed the steps exactly except that I don't specify a classpath argument when executing client and server because they execute in the directory right above the root package directory (however I tried that too with no effect). The exceptions I get when attempting to execute the different client-side combinations described in detail below are all the same: RmiServer exception: java.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is: java.lang.ClassNotFoundException: test.MyTask at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:353) at sun.rmi.transport.Transport$1.run(Transport.java:177) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:173) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255) at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142) at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:178) at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:132) at $Proxy0.execute(Unknown Source) at test.myClient.main(myClient.java:32) The details are: My client/server rmi is set up over a home network behind a router. The router is assigned to a static ip address I will call myhostname. Appropriate port-mapping is set-up in the router that points to the right machines. role, machine, os, ip-address: server, venice, linux ubuntu 9.10, 10.0.1.2 client, naples, mac os x leopard, 10.0.1.4 I startup the server side as follows inside /home/andrews/workspace/epsilon/bin: 1 starting registry on the default port 1099: venice% rmiregistry & 2 starting web-server on port 2001 pointing to code base for common interfaces: venice% java webserver/ClassFileServer 2001 /home/andrew/workspace/epsilon/bin 3 starting server app (main class in test/myServer) which registers the server object: venice% java -Djava.rmi.server.codebase="http://myhostname:2001/" -Djava.security.policy=server.policy -Djava.rmi.server.hostname=myhostname test/myServer & Now the client side inside /Users/andrews/Development/Java/workspace/epsilon/bin: 1 start a local web server that can server client-side classes to the server (not sure if this is needed, but I added I tried it, and still no success; I have added port-mapping to the router for 2001 to venice, for 2002 to naples) naples$ java webserver/ClassFileServer 2002 /Users/andrews/Development/Java/workspace/epsilon/bin/ Trying to run the client (note: I don't specify the -cp argument because client executes right above the root package directory): 1 try #1 using an http hostname naples$ java -Djava.rmi.server.codebase=http://10.0.1.4:2002/ -Djava.security.policy=client.policy test.myClient myhostname Note 1: the myhostname argument at the end is passed-in to the client so that it resolves to server's rmi hostname. Note 2: I tried using localhost:2002 instead of 10.0.1.4:2002 too. Note 3: I tried using myhostname:2002 since myhostname is assigned to the router and I have proper port-mapping set-up, this address should resolve to naples and not venice 2 try #2: naples$ java -Djava.rmi.server.codebase=file:/Users/andrews/Development/Java/workspace/epsilon/bin/ -Djava.security.policy=client.policy test.myClient myhostname Note 1: the code base url format is correct, I created a small program to convert current file directory path into a url and used that. using file:///Users... has same effect. Other notes: 1 my server and client policy files correctly specify the path, as I've tested this setup with good and bad paths, and getting a security exception for bad path 2 this setup works if I don't use client-side defined objects, the client connects correctly to the server and the server executes. 3 when I place the client-side class on the server in the server's classpath, all executes fine. All help is appreciated.

    Read the article

  • user generated / user specific functions

    - by pedalpete
    I'm looking for the most elegant and secure method to do the following. I have a calendar, and groups of users. Users can add events to specific days on the calendar, and specify how long each event lasts for. I've had a few requests from users to add the ability for them to define that events of a specific length include a break, of a certain amount of time, or require that a specific amount of time be left between events. For example, if event is 2 hours, include a 20min break. for each event, require 30 minutes before start of next event. The same group that has asked for an event of 2 hours to include a 20 min break, could also require that an event 3 hours include a 30 minute break. In the end, what the users are trying to get is an elapsed time excluding breaks calculated for them. Currently I provide them a total elapsed time, but they are looking for a running time. However, each of these requests is different for each group. Where one group may want a 30 minute break during a 2 hour event, and another may want only 10 minutes for each 3 hour event. I was kinda thinking I could write the functions into a php file per group, and then include that file and do the calculations via php and then return a calculated total to the user, but something about that doesn't sit right with me. Another option is to output the groups functions to javascript, and have it run client-side, as I'm already returning the duration of the event, but where the user is part of more than one group with different rules, this seems like it could get rather messy. I currently store the start and end time in the database, but no 'durations', and I don't think I should be storing the calculated totals in the db, because if a group decides to change their calculations, I'd need to change it throughout the db. Is there a better way of doing this? I would just store the variables in mysql, but I don't see how I can then say to mysql to calculate based on those variables. I'm REALLY lost here. Any suggestions? I'm hoping somebody has done something similar and can provide some insight into the best direction. If it helps, my table contains eventid, user, group, startDate, startTime, endDate, endTime, type The json for the event which I return to the user is {"eventid":"'.$eventId.'", "user":"'.$userId.'","group":"'.$groupId.'","type":"'.$type.'","startDate":".$startDate.'","startTime":"'.$startTime.'","endDate":"'.$endDate.'","endTime":"'.$endTime.'","durationLength":"'.$duration.'", "durationHrs":"'.$durationHrs.'"} where for example, duration length is 2.5 and duration hours is 2:30.

    Read the article

  • Sed does not work in expect

    - by Sharjeel Sayed
    I made this bash one-liner which I use to list Weblogic instances running along with their full paths.This works well when I run it from the shell. /usr/ucb/ps auwwx | grep weblogic | tr ' ' '\n' | grep security.policy | grep domain | awk -F'=' '{print $2}' | sed 's/weblogic.policy//' | sed 's/security\///' | sort I tried to incorporate this in an expect script send "echo Weblogic Processes: ; /usr/ucb/ps auwwx | grep weblogic | tr ' ' '\n' | grep security.policy | grep domain | awk -F'=' '{print \$2}' | sed 's/weblogic.policy//' | sed 's/security\///' | sort ; echo ; echo\r" but I got this error sed: -e expression #1, char 13: unknown option to `s' Please help

    Read the article

  • OpenPeak Flash app XMLSocket Security Problem

    - by Kira
    We're trying to create an app for OpenPeak. The Flash app will act as a client to a Java server on another computer on another domain. The Flash app client connects via XMLSocket. The Java Server uses ServerSocket to receive a request and send back a message. In order to trust the server, the Flash client needs a socket master policy file to tell it that the server comes from a trustworthy domain. According to an article on Adobe, when a connection has succeeded, the Flash client automatically requests the cross-domain policy or socket master policy file on port 843. Still, even when we implement it according to the tutorials and recommendations we have read, the Flash client continues to throw the following security error: SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048" We've tried logging the policy file request during testing to see if there was any call made to port 843. There was not. Interestingly, even without a policy file, the Flash client still manages to send the first data message to the server successfully. It's just when the server tries to send back a reply that the entire thing hangs for about 10 seconds before the security error above is displayed. Any ideas / suggestions?

    Read the article

  • Java delimiter reader

    - by newbieprogrammer
    I have a colon-delimited text file containing grouped, related data. The People group contains people's names followed by their ages, separated by colons. How can I parse the text and group people according to their ages? The structure is as follows: Group.txt Age:10:20:30:40: Group:G1:10:G2:30:G3:20:G4:40: People:Jack:10:Tom:30:Dick:20:Harry:10:Paul:10:Peter:20: People:Mary:20:Lance:10: And I want to display something like this: G1 Jack Harry Paul Lance G2 Dick Peter Marry G3 Tom G4

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 103 104 105 106 107 108 109 110 111 112 113 114  | Next Page >