Search Results

Search found 5565 results on 223 pages for 'global'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 109/223 | < Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >

  • please explain my fio results - is O_SYNC|O_DIRECT misbehaving on linux?

    - by Zoltan
    I'm going mad over figuring out what the problem could be with one of our storage boxes. With a simple fio script I'm testing random writes using bs=1M and direct=1. The SSD is a Samsung 840pro attached to an LSI HBA (3Gbit/s ports). This is the result I'm getting under FreeBSD 9.1: WRITE: io=13169MB, aggrb=224743KB/s, minb=224743KB/s, maxb=224743KB/s, mint=60002msec, maxt=60002msec This is regardless of sync being set to 0 or 1. On linux, this is the result with sync=0: WRITE: io=14828MB, aggrb=253060KB/s, minb=253060KB/s, maxb=253060KB/s, mint=60001msec, maxt=60001msec and with sync=1: WRITE: io=6360.0MB, aggrb=108542KB/s, minb=108542KB/s, maxb=108542KB/s, mint=60001msec, maxt=60001msec My understanding is that since I'm operating on the raw block device, O_SYNC should not make any difference - there's no filesystem, any barrier, anything between the writes and the drive itself. Especially with O_DIRECT|O_SYNC set. Any ideas? For reference, here's the fio script I'm testing with: [global] bs=1M ioengine=sync iodepth=4 size=16g direct=1 runtime=60 filename=/dev/sdh sync=1 [rand-write] rw=randwrite stonewall

    Read the article

  • VMware vSwitches and Dell PowerConnect BPDU guard

    - by dunxd
    I am using two Dell PowerConnect 6248 switches to connect a VMware host vSwitch. A discussion of config of Cisco switches for use with VMware advises to set physical ports connected to vSwitch with bpduguard and portfast. However, Dell switches don't have the bpduguard setting for individual ports. I can switch it off globally for all portfast ports, but I don't think I want to do that. Should I: Disable STP on the vSwitch connected ports? Leave STP on and enable portfast on the ports, and forget about bpduguard? Disable bpduguard on all portfast ports via global config Do something else? See also: VMware vSwitches and spanning tree

    Read the article

  • CNTLM issue with intranet (maybe DNS)

    - by htorque
    On my Linux box I need to use an ISA proxy that requires authentication to reach the internet. I therefore installed CNTLM and configured it to point to the proxy address and listen on port 4321. I then configured my GNOME distribution to use localhost:4321 as global proxy for HTTP and HTTPS. The result: I can connect to the internet. I can ping intranet IPs, I do receive name resolution for intranet sites, yet I cannot ping them or open any intranet site in a browser (configured to use the distributions proxy) unless I use the site's IP address. I tried blocking the intranet IP range in the CNTLM config file without luck.

    Read the article

  • Cisco ASA - Enable communication between same security level

    - by Conor
    I have recently inherited a network with a Cisco ASA (running version 8.2). I am trying to configure it to allow communication between two interfaces configured with the same security level (DMZ-DMZ) "same-security-traffic permit inter-interface" has been set, but hosts are unable to communicate between the interfaces. I am assuming that some NAT settings are causing my issue. Below is my running config: ASA Version 8.2(3) ! hostname asa enable password XXXXXXXX encrypted passwd XXXXXXXX encrypted names ! interface Ethernet0/0 switchport access vlan 400 ! interface Ethernet0/1 switchport access vlan 400 ! interface Ethernet0/2 switchport access vlan 420 ! interface Ethernet0/3 switchport access vlan 420 ! interface Ethernet0/4 switchport access vlan 450 ! interface Ethernet0/5 switchport access vlan 450 ! interface Ethernet0/6 switchport access vlan 500 ! interface Ethernet0/7 switchport access vlan 500 ! interface Vlan400 nameif outside security-level 0 ip address XX.XX.XX.10 255.255.255.248 ! interface Vlan420 nameif public security-level 20 ip address 192.168.20.1 255.255.255.0 ! interface Vlan450 nameif dmz security-level 50 ip address 192.168.10.1 255.255.255.0 ! interface Vlan500 nameif inside security-level 100 ip address 192.168.0.1 255.255.255.0 ! ftp mode passive clock timezone JST 9 same-security-traffic permit inter-interface same-security-traffic permit intra-interface object-group network DM_INLINE_NETWORK_1 network-object host XX.XX.XX.11 network-object host XX.XX.XX.13 object-group service ssh_2220 tcp port-object eq 2220 object-group service ssh_2251 tcp port-object eq 2251 object-group service ssh_2229 tcp port-object eq 2229 object-group service ssh_2210 tcp port-object eq 2210 object-group service DM_INLINE_TCP_1 tcp group-object ssh_2210 group-object ssh_2220 object-group service zabbix tcp port-object range 10050 10051 object-group service DM_INLINE_TCP_2 tcp port-object eq www group-object zabbix object-group protocol TCPUDP protocol-object udp protocol-object tcp object-group service http_8029 tcp port-object eq 8029 object-group network DM_INLINE_NETWORK_2 network-object host 192.168.20.10 network-object host 192.168.20.30 network-object host 192.168.20.60 object-group service imaps_993 tcp description Secure IMAP port-object eq 993 object-group service public_wifi_group description Service allowed on the Public Wifi Group. Allows Web and Email. service-object tcp-udp eq domain service-object tcp-udp eq www service-object tcp eq https service-object tcp-udp eq 993 service-object tcp eq imap4 service-object tcp eq 587 service-object tcp eq pop3 service-object tcp eq smtp access-list outside_access_in remark http traffic from outside access-list outside_access_in extended permit tcp any object-group DM_INLINE_NETWORK_1 eq www access-list outside_access_in remark ssh from outside to web1 access-list outside_access_in extended permit tcp any host XX.XX.XX.11 object-group ssh_2251 access-list outside_access_in remark ssh from outside to penguin access-list outside_access_in extended permit tcp any host XX.XX.XX.10 object-group ssh_2229 access-list outside_access_in remark http from outside to penguin access-list outside_access_in extended permit tcp any host XX.XX.XX.10 object-group http_8029 access-list outside_access_in remark ssh from outside to internal hosts access-list outside_access_in extended permit tcp any host XX.XX.XX.13 object-group DM_INLINE_TCP_1 access-list outside_access_in remark dns service to internal host access-list outside_access_in extended permit object-group TCPUDP any host XX.XX.XX.13 eq domain access-list dmz_access_in extended permit ip 192.168.10.0 255.255.255.0 any access-list dmz_access_in extended permit tcp any host 192.168.10.29 object-group DM_INLINE_TCP_2 access-list public_access_in remark Web access to DMZ websites access-list public_access_in extended permit object-group TCPUDP any object-group DM_INLINE_NETWORK_2 eq www access-list public_access_in remark General web access. (HTTP, DNS & ICMP and Email) access-list public_access_in extended permit object-group public_wifi_group any any pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu public 1500 mtu dmz 1500 mtu inside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 60 global (outside) 1 interface global (dmz) 2 interface nat (public) 1 0.0.0.0 0.0.0.0 nat (dmz) 1 0.0.0.0 0.0.0.0 nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) tcp interface 2229 192.168.0.29 2229 netmask 255.255.255.255 static (inside,outside) tcp interface 8029 192.168.0.29 www netmask 255.255.255.255 static (dmz,outside) XX.XX.XX.13 192.168.10.10 netmask 255.255.255.255 dns static (dmz,outside) XX.XX.XX.11 192.168.10.30 netmask 255.255.255.255 dns static (dmz,inside) 192.168.0.29 192.168.10.29 netmask 255.255.255.255 static (dmz,public) 192.168.20.30 192.168.10.30 netmask 255.255.255.255 dns static (dmz,public) 192.168.20.10 192.168.10.10 netmask 255.255.255.255 dns static (inside,dmz) 192.168.10.0 192.168.0.0 netmask 255.255.255.0 dns access-group outside_access_in in interface outside access-group public_access_in in interface public access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 XX.XX.XX.9 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 20 console timeout 0 dhcpd dns 61.122.112.97 61.122.112.1 dhcpd auto_config outside ! dhcpd address 192.168.20.200-192.168.20.254 public dhcpd enable public ! dhcpd address 192.168.0.200-192.168.0.254 inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics host threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server 130.54.208.201 source public webvpn ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp !

    Read the article

  • Search like google

    - by Rajanikant
    I have a task to make a search module in which i have database users and tablename userProfile and i want to search profile when i entered text in text box for ex. if i entered "I am looking for MBA in delhi" or 'mba information in delhi' it will displayed all user registered expertise as mba and city in delhi . this will be like job portal or any social networking portal my database is -- phpMyAdmin SQL Dump -- version 2.8.1 -- http://www.phpmyadmin.net -- Host: localhost -- Generation Time: May 01, 2010 at 10:58 AM -- Server version: 5.0.21 -- PHP Version: 5.1.4 -- Database: users -- -- Table structure for table userProfile CREATE TABLE userprofile ( id int(11) NOT NULL auto_increment, name varchar(50) collate latin1_general_ci NOT NULL, expertise varchar(50) collate latin1_general_ci NOT NULL, city varchar(50) collate latin1_general_ci NOT NULL, state varchar(50) collate latin1_general_ci NOT NULL, discription varchar(500) collate latin1_general_ci NOT NULL, PRIMARY KEY (id) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=3 ; -- -- Dumping data for table userProfile INSERT INTO userProfile VALUES (1, 'a', 'MBA HR', 'Delhi', 'Delhi', 'Fortune is top management college in Delhi, Best B-schools in India providing business studies and management training. FIIB is Delhi based most ranked ...'); INSERT INTO userProfile VALUES (2, 'b', 'MBA marketing', 'Delhi', 'Delhi', 'Fortune is top management college in Delhi, Best B-schools in India providing business studies and management training. FIIB is Delhi based most ranked ...'); and search.php page <?php include("config.php"); include("class.search.php"); $br=new search(); if($_POST['searchbutton']) { $str=$_POST['textfield']; $brstr=$br->breakkey($str); } ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled Document</title> </head> <body> <table width="100%" border="0"> <form name="frmsearch" method="post"> <tr> <td width="367">&nbsp;</td> <td width="300"><label> <input name="textfield" type="text" id="textfield" size="50" /> </label></td> <td width="294"><label> <input type="submit" name="searchbutton" id="button" value="Search" /> </label></td> </tr></form> <tr> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> </tr> <tr> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> </tr> </table> </body> </html> and config.php is <?php error_reporting(E_ALL); $host="localhost"; $username="root"; $password=""; $dbname="users"; $con=mysql_connect($host,$username,$password) or die("could not connect database"); $db=mysql_select_db($dbname,$con) or die("could not select database"); ?> and class.search.php is <?php class search { function breakkey($key) { global $db; $words=explode(' ',$key); return $words; } function searchitem($perm) { global $db; foreach($perm as $k=>$v) { $sql="select * from users" } } } ?>

    Read the article

  • What sort of attack URL is this?

    - by Asker
    I set up a website with my own custom PHP code. It appears that people from places like Ukraine are trying to hack it. They're trying a bunch of odd accesses, seemingly to detect what PHP files I've got. They've discovered that I have PHP files called mail.php and sendmail.php, for instance. They've tried a bunch of GET options like: http://mydomain.com/index.php?do=/user/register/ http://mydomain.com/index.php?app=core&module=global§ion=login http://mydomain.com/index.php?act=Login&CODE=00 I suppose these all pertain to something like LiveJournal? Here's what's odd, and the subject of my question. They're trying this URL: http://mydomain.com?3e3ea140 What kind of website is vulnerable to a 32-bit hex number?

    Read the article

  • Creating Multiple Users on Single PHP-FPM Pool

    - by Vince Kronlein
    Have PHP-FPM/FastCGI up and running on my cPanel/WHM server but I'd like have it allow for multiple users off of a single pool. Getting all vhosts to run off a single pool is simple by adding this to the Apache include editor under Global Post Vhost: <IfModule mod_fastcgi.c> FastCGIExternalServer /usr/local/sbin/php-fpm -host 127.0.0.1:9000 AddHandler php-fastcgi .php Action php-fastcgi /usr/local/sbin/php-fpm.fcgi ScriptAlias /usr/local/spin/php-fpm.fcgi /usr/local/sbin/php-fpm <Directory /usr/local/sbin> Options ExecCGI FollowSymLinks SetHandler fastcgi-script Order allow,deny Allow from all </Directory> </IfModule> But I'd like to find a way to implement php running under the user, but sharing the pool. I manage and control all the domains that run under the pool so I'm not concerned about security of files per account, I just need to make sure all scripting can be executed by the user who owns the files, instead of needing to change file permissions for each account, or having to create tons of vhost include files.

    Read the article

  • Rewrite URL before passing to proxy Lighttpd

    - by futureelite7
    Hi, I'm trying to setup a reverse proxy in lighttpd, such that all requests (and only those requests) under /mobile/video is redirected to the / directory of a secondary web server. This is pretty easy in apache, but I can't for the life of me figure out how to do so in lighttpd. $HTTP["url"] =~ "^/wsmobile/video/" { url.rewrite-once = ( ".*" => "/test/" ) proxy.server = ( "" => ( ( "host" => "210.200.144.26", "port" => 9091 ) ) ) } I've tried using the http["url"] directive, but lighttpd simply ignore those requests and continue to pass the full url to the secondary server, which of course chokes and throws 404s. However, if I do a global rewrite then everything gets forwarded to the secondary server, which is also not what I want. How do I go about this task?

    Read the article

  • MOM 2005 SP1 and MBSA 2.1 : Compatible?

    - by Mitch
    We're currently using MOM 2005 SP1 for our system monitoring duties. It was installed and "configured" by someone who is no longer on our team. In the process of correcting a persistent error in the applications log of all of the monitored servers, "Default Global Virtual Directory Not Configured", I'm seeing the MBSA management pack is for MBSA v1.2. The current version of the MBSA appears to be 2.1. Does anyone have any experience in configuring MOM to use MBSA 2.1? Does MOM get along with MBSA 2.1? Any input would be appreciated. Point me in the direction of more reading if there's something out there I should be referring to. Thanks!

    Read the article

  • Detecting Request that uses invalid Encoding using Modsecurity

    - by Ali Ahmad
    I am trying write a virtual patch using modsecurity for my hosted web application using following rule i.e. <Location /index.php> SecDefaultAction phase:2,t:none,log,deny # Validate parameter names SecRule ARGS_NAMES "!^(articleid)$" \ "msg:'Unknown parameter: %{MATCHED_VAR_NAME}'" # Expecting articleid only once SecRule &ARGS:articleid "!@eq 1" \ "msg:'Parameter articleid seen more than once'" # Validate parameter articleid SecRule ARGS:articleid "!^[0-9]{1,10}$" \ "msg:'Invalid parameter articleid'" </Location> The problem is how can i reject requests that use invalid encoding as a global WAF configuration so that this patch cannot be circumvented.

    Read the article

  • 3rd monitor with Dell Precision 490

    - by Animesh Kumar
    I am trying to go for a 3 monitor setup on my workstation, but need some information before I can invest in a new graphics card and 2 monitors. Would be glad to get some help here: I have a Dell Precision 490 workstation with Nvidia Quadro FX 4500 graphics card (PCI-E 16) on it. It has 2 DVI-D ports that can support 2 monitors upto 2560x1600 resolution. For the third monitor, I was looking at Nvidia NVS 295 card, however I am not sure if it is physically possible to hook another card to the motherboard. Here is the spec of Precision 490: http://www.dell.com/downloads/global/products/precn/en/spec_precn_490_en.pdf Can I attach NVS 295 to it? If not, what options do I have?

    Read the article

  • Linux policy routing - packets not coming back

    - by Bugsik
    i am trying to set up policy routing on my home server. My network looks like this: Host routed VPN gateway Internet link through VPN 192.168.0.35/24 ---> 192.168.0.5/24 ---> 192.168.0.1 DSL router 10.200.2.235/22 .... .... 10.200.0.1 VPN server The traffic from 192.168.0.32/27 should be and is routed through VPN. I wanted to define some routing policies to route some traffic from 192.168.0.5 through VPN as well - for start - from user with uid 2000. Policy routing is done using iptables mark target and ip rule fwmark. The problem: When connecting using user 2000 from 192.168.0.5 tcpdump shows outgoing packets, but nothing comes back. Traffic from 192.168.0.35 works fine (here I am not using fwmark but src policy). Here is my VPN gateway setup: # uname -a Linux placebo 3.2.0-34-generic #53-Ubuntu SMP Thu Nov 15 10:49:02 UTC 2012 i686 i686 i386 GNU/Linux # iptables -V iptables v1.4.12 # ip -V ip utility, iproute2-ss111117 IPtables rules (all policies in table filter are ACCEPT) # iptables -t mangle -nvL Chain PREROUTING (policy ACCEPT 770K packets, 314M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 767K packets, 312M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 5520 packets, 1920K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 782K packets, 901M bytes) pkts bytes target prot opt in out source destination 74 4707 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 2000 MARK set 0x3 Chain POSTROUTING (policy ACCEPT 788K packets, 903M bytes) pkts bytes target prot opt in out source destination # iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 996 packets, 51172 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 7 packets, 432 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 1364 packets, 112K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 2302 packets, 160K bytes) pkts bytes target prot opt in out source destination 119 7588 MASQUERADE all -- * vpn 0.0.0.0/0 0.0.0.0/0 Routing: # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lan state UNKNOWN qlen 1000 link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff valid_lft forever preferred_lft forever 3: lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff inet 192.168.0.5/24 brd 192.168.0.255 scope global lan inet6 fe80::240:63ff:fef9:c38f/64 scope link valid_lft forever preferred_lft forever 4: vpn: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/none inet 10.200.2.235/22 brd 10.200.3.255 scope global vpn # ip rule show 0: from all lookup local 32764: from all fwmark 0x3 lookup VPN 32765: from 192.168.0.32/27 lookup VPN 32766: from all lookup main 32767: from all lookup default # ip route show table VPN default via 10.200.0.1 dev vpn 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 # ip route show default via 192.168.0.1 dev lan metric 100 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 TCP dump showing no traffic coming back when connection is made from 192.168.0.5 user 2000 # tcpdump -i vpn tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vpn, link-type RAW (Raw IP), capture size 65535 bytes ### Traffic from user 2000 on 192.168.0.5 ### 10:19:05.629985 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6887764 ecr 0,nop,wscale 4], length 0 10:19:21.678001 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6891776 ecr 0,nop,wscale 4], length 0 ### Traffic from 192.168.0.35 ### 10:23:12.066174 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [S], seq 2294159276, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 557451322 ecr 0,sackOK,eol], length 0 10:23:12.265640 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [S.], seq 2521908813, ack 2294159277, win 14480, options [mss 1367,sackOK,TS val 388565772 ecr 557451322,nop,wscale 1], length 0 10:23:12.276573 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [.], ack 1, win 8214, options [nop,nop,TS val 557451534 ecr 388565772], length 0 10:23:12.293030 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [P.], seq 1:480, ack 1, win 8214, options [nop,nop,TS val 557451552 ecr 388565772], length 479 10:23:12.574773 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [.], ack 480, win 7776, options [nop,nop,TS val 388566081 ecr 557451552], length 0

    Read the article

  • How to make security group in one forest show up in another forest?

    - by Jake
    I have two Win2k8 forests which I do maintenance on. The two forests have full 2 way external, non transitive trust with each other. I have a folder in forest X, domain countryX.mycompany.com accessible ONLY by the global security group named $group. In forest Y, domain countryY.mycompany.com, countryY\user1, countryY\user2 etc needs to have access to the folder. The natural instinct is to put user1, user2 etc into the $group. However, none of the methods for adding user to group works as it appears that the AD cannot find the groups in the other forest. Question: 1.How to make forests see each other's security groups and be able to add? 2.In practice, what is the recommended way to achieve the user access to the folders/files in another forest?

    Read the article

  • Nginx + Haproxy + Thin + Rails - 503 Service Unavailable -

    - by Luca G. Soave
    I don't know how troubleshoot this. I get "503 Service Unavailable" http error for all "nginx upstreams" proxy passing calls to haproxy fast_thin and slow_thin ( server 127.0.0.1:3100 and server 127.0.0.1:3200 ), which loadbalance on 6 Thin servers ( 127.0.0.1:3000 .. 3005 ). Static files like /blog are currently fine. The falldown is: nginx on port 80 - haproxy on 3100 and 3200 - thin on 3000 .. 3005 and then Rails. Here it is /etc/nginx/nginx.conf : user nginx; worker_processes 2; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; tcp_nopush on; keepalive_timeout 65; tcp_nodelay on; include /etc/nginx/conf.d/*.conf; } then /etc/nginx/conf.d/default.conf upstream fast_thin { server 127.0.0.1:3100; } upstream slow_thin { server 127.0.0.1:3200; } server { listen 80; server_name www.gitwatcher.com; rewrite ^/(.*) http://gitwatcher.com/$1 permanent; } server { listen 80; server_name gitwatcher.com; access_log /var/www/gitwatcher/log/access.log; error_log /var/www/gitwatcher/log/error.log; root /var/www/gitwatcher/public; # index index.html; location /about { proxy_pass http://fast_thin; break; } location /trends { proxy_pass http://slow_thin; break; } location /categories { proxy_pass http://slow_thin; break; } location /signout { proxy_pass http://slow_thin; break; } location /auth/github { proxy_pass http://slow_thin; break; } location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (-f $request_filename/index.html) { rewrite (.*) $1/index.html break; } if (-f $request_filename.html) { rewrite (.*) $1.html break; } if (!-f $request_filename) { proxy_pass http://slow_thin; break; } } } then haproxy config file /etc/haproxy/haproxy.cfg : global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet nbproc 1 # number of processing cores defaults log global retries 3 maxconn 2000 contimeout 5000 mode http clitimeout 60000 # maximum inactivity time on the client side srvtimeout 30000 # maximum inactivity time on the server side timeout connect 4000 # maximum time to wait for a connection attempt to a server to succeed option httplog option dontlognull option redispatch option httpclose # disable keepalive (HAProxy does not yet support the HTTP keep-alive mode) option abortonclose # enable early dropping of aborted requests from pending queue option httpchk # enable HTTP protocol to check on servers health option forwardfor # enable insert of X-Forwarded-For headers balance roundrobin # each server is used in turns, according to assigned weight stats enable # enable web-stats at /haproxy?stats stats auth haproxy:pr0xystats # force HTTP Auth to view stats stats refresh 5s # refresh rate of stats page listen rails_proxy 127.0.0.1:3100 # - equal weights on all servers # - maxconn will queue requests at HAProxy if limit is reached # - minconn dynamically scales the connection concurrency (bound my maxconn) depending on size of HAProxy queue # - check health every 20000 microseconds server web1 127.0.0.1:3000 weight 1 minconn 3 maxconn 6 check inter 20000 server web1 127.0.0.1:3001 weight 1 minconn 3 maxconn 6 check inter 20000 server web1 127.0.0.1:3002 weight 1 minconn 3 maxconn 6 check inter 20000 listen slow_proxy 127.0.0.1:3200 # cluster for slow requests, lower the queues, check less frequently server slow1 127.0.0.1:3003 weight 1 minconn 1 maxconn 3 check inter 40000 server slow2 127.0.0.1:3004 weight 1 minconn 1 maxconn 3 check inter 40000 server slow3 127.0.0.1:3005 weight 1 minconn 1 maxconn 3 check inter 40000 and the Thin config file /etc/thin/gitwatcher.yml : --- chdir: /var/www/gitwatcher environment: production address: 0.0.0.0 port: 3000 timeout: 30 log: log/thin.log pid: tmp/pids/thin.pid max_conns: 1024 max_persistent_conns: 100 require: [] wait: 30 servers: 6 daemonize: true if I look into open listen ports, I got the following : root@fullness:/var/www/gitwatcher# lsof | grep TCP | egrep "nginx|haproxy|thin" nginx 834 root 8u IPv4 921 0t0 TCP *:http (LISTEN) nginx 835 nginx 8u IPv4 921 0t0 TCP *:http (LISTEN) nginx 837 nginx 8u IPv4 921 0t0 TCP *:http (LISTEN) haproxy 1908 haproxy 4u IPv4 11699 0t0 TCP localhost:3100 (LISTEN) haproxy 1908 haproxy 6u IPv4 11701 0t0 TCP localhost:3200 (LISTEN) root@fullness:/var/www/gitwatcher# iptables -L get me the following : Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:22222 ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Any help ?

    Read the article

  • Remote site AD design (2003)

    - by Boy Mars
    A remote site has about 25 of our 50-ish employees. They have their own AD domain presently (2003) but I want to look at getting them onto the same global domain for ease of access/administration. The remote site has a VPN link but line speeds are very poor. I am already aware of tools like ADMT and have done a few migrations in the past (NT/2003 domains), but this is the first time I have the luxury of designing how this domain is organised. So I'm looking for tips on good AD design; would a remote site be better served as a sub-domain? would this reduce traffic? I am only currently looking at 2003 since only existing machine will be used.

    Read the article

  • How to make a folder (D:\xyz) accessible to only me in Windows-XP?

    - by claws
    Hello, I'm using Windows XP on my lab computer. There is a global folder (d:\xyz). This is my folder and I want this folder to be accessible to only me. It should be invisible even if it is visible they shouldn't be able to open this folder. For now my account has administrative privilages. After few days, I don't know if the Admin lets me have these privilages or not. I heard that soon our XP machines will be upgraded to either vista or windows 7. Will the method of making folder in accessible change for other Windows OSes? How to accomplish this?

    Read the article

  • Keep context-configuration when redeploying via Cargo

    - by Björn Pollex
    I am using Tomcat 7 to host a web-application that requires a JNDI datasource to be set up. Because this resource is specific to this application, I would like to configure it inside the application-specific context-descriptor in $CATALINA_BASE/conf/[enginename]/[hostname]/. I am also using Cargo from Maven to deploy the web-application to Tomcat. The problem is that when I do a redeploy with Cargo, it first undeploys the application, before deploying it again. When undeploying it, Tomcat deletes the context-descriptor of the application, so it won't work after redeploying. I could of course package the context-descriptor with the application, but I would like to keep any such container-specifics out of the .war. Another alternative is to configure the datasource in the global context-descriptor, but that too seems wrong, because the datasource is supposed to be exclusive to my application. Is my approach fundamentally wrong? What is the best practice here? Is there any way to prevent Tomcat from deleting the descriptor when undeploying?

    Read the article

  • Virtual fiber channel HBA in Solaris

    - by Phil
    We are trying to set up some virtual Fibre Channel HBA's in Solaris. This seems to be possible with NPIV. Creating NPIV's in a Solaris global zone works fine, but passing that NPIV to a zone didn't work at all. We tried to pass the NPIV as following: # zonecfg -z zone1 'info' zonename: studentz1 [...] device: match: /devices/pci@0,0/pci8086,25f9@6/pci8086,350c@0,3/pci1077,140@4/fp@1,0:devctl allow-partition not specified allow-raw-io not specified Wat we want to do is, set up an environment for SAN exercises. We don't have a physical host per student, so we try to virtualise that in some way (Solaris zones or VMware). It should be possible to display the WWN of the virtual HBA and mount the storage presented by the disk subsystem. Any ideas to pass the NPIV to a solaris zone or to virtualise this with vmware?

    Read the article

  • How can I configure MediaWiki to display numbers in titles?

    - by Wikis
    We would like to display numbers in the titles in our MediaWiki wiki. Specifically: in the table of contents numbers are shown like this: 1 Title 1.1 Subtitle 2 Another title However, on the page the titles (that map to the table of contents) appear like this: Title text Subtitle text Another title text That is, no numbers are shown. How can we show numbers in the page contents? There are three possible ways that this could be answered (that I can think of). In our order of preference, they are: Setting per user Setting per page Global setting (for all users)

    Read the article

  • Email not working on testing site in Plesk before DNS switch

    - by Dilip Rajkumar
    I have to test my website before my DNS is swtiched to the new server. My New server is having Plesk. I changed my hosts file to point to the new server and I tested the site. My Site is working fine. However, When I try to register I have 2 emails sent one to the user and one to the admin. Admin email id is same as the server name for example my site name is test.com the admin email is [email protected]. So email is not sent to the admin. I know the email is not sent because the Plesk his searching its own dns instead of Global public DNS. Do any one know how to make my site see public DNS on sending email in Plesk. If I set Goole Public DNS 8.8.8.8 for MS record will it work.. Please guide me. Thanks in advance..

    Read the article

  • Directly editing IIS 7 applicationHost.config configuration file

    - by lunadesign
    I know that IIS 7+ now uses XML config files instead of the metabase. I also know that if I edit a web.config file for a given site, IIS automagically detects the changes and implements any corresponding config changes. However, does this also apply to the server-level applicationHost.config settings file? (Its usually located in C:\windows\system32\inetsrv\config.) Specifically, is it safe to carefully edit this file instead of using IIS Manager or the appcmd command line utility? I couldn't find anything in the documentation that said it was okay or not okay to do this. I'm curious because I have to change the bindings for numerous sites from one IP to another. It would be much faster to simply do a global search and replace for the IP address in the config file instead of manually editing a few dozen sites in the GUI.

    Read the article

  • Spring Custom Filter Problem?

    - by mr.lost
    greetings all,iam using spring security 3 and i want to perform some logic(saving some data in the session) when the user is visiting the site and he's remembered so i extended the GenericFilterBean class and performed the logic in the doFilter method then complete the filter chain by calling the chain.doFilter method,and then inserted that filter after the remember me filter in the security.xml file? but there's a problem is the filter is executed on each page even if the user is remembered or not is there's something wrong with the filter implementation or the position of the filter? and i have a simple question,is the filter chain by default is executed on each page? and when making a custom filter should i add it to the web.xml too? the filter class: package projects.internal; import java.io.IOException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.filter.GenericFilterBean; import projects.ProjectManager; public class rememberMeFilter extends GenericFilterBean { private ProjectManager projectManager; @Autowired public rememberMeFilter(ProjectManager projectManager) { this.projectManager = projectManager; } @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { System.out.println("In The Filter"); Authentication auth = (Authentication) SecurityContextHolder .getContext().getAuthentication(); HttpServletResponse response = ((HttpServletResponse) res); HttpServletRequest request = ((HttpServletRequest) req); // if the user is not remembered,do nothing if (auth == null) { chain.doFilter(request, response); } else { // the user is remembered save some data in the session System.out.println("User Is Remembered"); chain.doFilter(request, response); } } } the security.xml file: <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <global-method-security pre-post-annotations="enabled"> </global-method-security> <http use-expressions="true" > <remember-me data-source-ref="dataSource"/> <intercept-url pattern="/" access="permitAll" /> <intercept-url pattern="/images/**" filters="none" /> <intercept-url pattern="/scripts/**" filters="none" /> <intercept-url pattern="/styles/**" filters="none" /> <intercept-url pattern="/p/login" filters="none" /> <intercept-url pattern="/p/register" filters="none" /> <intercept-url pattern="/p/forgot_password" filters="none" /> <intercept-url pattern="/p/**" access="isAuthenticated()" /> <custom-filter after="REMEMBER_ME_FILTER" ref="rememberMeFilter" /> <form-login login-processing-url="/j_spring_security_check" login-page="/p/login" authentication-failure-url="/p/login?login_error=1" default-target-url="/p/dashboard" authentication-success-handler-ref="myAuthenticationHandler" always-use-default-target="false" /> <logout/> </http> <beans:bean id="myAuthenticationHandler" class="projects.internal.myAuthenticationHandler" /> <beans:bean id="rememberMeFilter" class="projects.internal.rememberMeFilter" > </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider> <password-encoder hash="md5" /> <jdbc-user-service data-source-ref="dataSource" /> </authentication-provider> </authentication-manager> </beans:beans> any help?

    Read the article

  • Wordpress add_meta_box() weirdness

    - by Scott B
    The code below is working nearly flawlessly, however my value for page title on one of my pages keeps coming up empty after a few page refreshes... It sticks for awhile, then it appears to reset to empty. I'm thinking I must have a conflict in the code below, but I can't quite figure it. I'm allowing the user to set a custom page title for posts as well as pages via a custom "post/page title input field). Can anyone see an obvious issue here that might be resetting the page title to blank? // =================== // = POST OPTION BOX = // =================== add_action('admin_menu', 'my_post_options_box'); function my_post_options_box() { if ( function_exists('add_meta_box') ) { //add_meta_box( $id, $title, $callback, $page, $context, $priority ); add_meta_box('post_header', 'Custom Post Header Code (optional)', 'custom_post_images', 'post', 'normal', 'low'); add_meta_box('post_title', 'Custom Post Title', 'custom_post_title', 'post', 'normal', 'high'); add_meta_box('post_title_page', 'Custom Post Title', 'custom_post_title', 'page', 'normal', 'high'); add_meta_box('postexcerpt', __('Excerpt'), 'post_excerpt_meta_box', 'page', 'normal', 'core'); add_meta_box('categorydiv', __('Page Options'), 'post_categories_meta_box', 'page', 'side', 'core'); } } //Adds the custom images box function custom_post_images() { global $post; ?> <div class="inside"> <textarea style="height:70px; width:100%;margin-left:-5px;" name="customHeader" id="customHeader"><?php echo get_post_meta($post->ID, 'customHeader', true); ?></textarea> <p>Enter your custom html code here for the post page header/image area. Whatever you enter here will override the default post header or image listing <b>for this post only</b>. You can enter image references like so &lt;img src='wp-content/uploads/product1.jpg' /&gt;. To show default images, just leave this field empty</p> </div> <?php } //Adds the custom post title box function custom_post_title() { global $post; ?> <div class="inside"> <p><input style="height:25px;width:100%;margin-left:-10px;" type="text" name="customTitle" id="customTitle" value="<?php echo get_post_meta($post->ID, 'customTitle', true); ?>"></p> <p>Enter your custom post/page title here and it will be used for the html &lt;title&gt; for this post page and the Google link text used for this page.</p> </div> <?php } add_action('save_post', 'custom_add_save'); function custom_add_save($postID){ // called after a post or page is saved if($parent_id = wp_is_post_revision($postID)) { $postID = $parent_id; } if ($_POST['customHeader']) { update_custom_meta($postID, $_POST['customHeader'], 'customHeader'); } else { update_custom_meta($postID, '', 'customHeader'); } if ($_POST['customTitle']) { update_custom_meta($postID, $_POST['customTitle'], 'customTitle'); } else { update_custom_meta($postID, '', 'customTitle'); } } function update_custom_meta($postID, $newvalue, $field_name) { // To create new meta if(!get_post_meta($postID, $field_name)){ add_post_meta($postID, $field_name, $newvalue); }else{ // or to update existing meta update_post_meta($postID, $field_name, $newvalue); } } ?>

    Read the article

  • Does IP helper forward subnet broadcasts?

    - by Eamon
    Hi, I have a device on a VLAN that uses UDP subnet broadcasts to advertise its presence to similar devices. This works fine on a single VLAN, but now I need to allow it to communicate with similar devices on a second VLAN. I thought of using the IP helper command in the router, but I am wondering if that only forwards global broadcasts (255.255.255.255)? My device sends out a subnet broadcast (e.g. 192.168.6.255) Will IP helper change the destination address to the target subnet (e.g. 192.168.7.255)? Eamon

    Read the article

  • Emacs saying: <M-kp-7> is undefined when dictating quotes with Dragon naturally speaking 12

    - by Keks Dose
    I dictating my text via Dragon Naturally Speaking 12 into Emacs. Whenever I say (translation from German): 'open quotes', I expect something like " or » to appear on the screen, but I simply get a message <M-kp-2> is undefined . Same goes for 'close quotes', I get <M-kp-7> is undefined. Does anybody know how to define those virtual keyboard strokes? (global-set-key [M-kp-2] "»") does not work.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >