Search Results

Search found 96005 results on 3841 pages for 'user group'.

Page 11/3841 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • vsftpd per group configuration

    - by roqs
    I want to configure a vsftpd in a per group fashion instead of per user configuration. It's possible? Suppose i have two groups: groupA and groupB, so my goal is: users in groupA have permission (wrx) to all files in directory dir1 users in groupB have permission (wrx) to all files in directory dir2 users of the system have permission (wrx) to all files in directory dir3 For example: ftp@test:/home/ftp# ls -l drwxrwxr-x 16 root groupA 4096 Jun 3 10:45 dir1 drwxrwxr-x 2 root groupB 4096 Jun 3 10:56 dir2 drwxrwxr-x 8 root users 4096 Jun 3 11:01 dir3 How to do that with vsftpd?

    Read the article

  • Entering the user's name in a URL for Chrome through Group Policy

    - by Automate Everything
    I am managing a Windows Server 2008 R2 server, with several Windows 7 machines, and we have recently deployed Google Chrome using Group Policy. We also have a locally hosted intranet for storing procedures, forms, and so on, as well as reports that pull directly from our databases. I am trying to put the user's name in the startup URL for Chrome, so that when they open Chrome at the beginning of the day, it can pull a list of items from the database that contains their username. The report works, and I have it using a drop down right now, but I would like to be able to put their username in the URL as a GET variable instead. Does anybody know how I would go about doing that for Chrome? I tried putting ${user_name} in the URL, and I tried putting %username% in the URL, but that didn't translate to anything. Is there some way to escape it so that it gets translated by the system into a username? Any help would be greatly appreciated.

    Read the article

  • Some doubts about the use of usermod and groupmod command

    - by AndreaNobili
    I am not yet a true "Linux guy" and I have the following doubts about how exactly do the following shell procedure (a list of commands steps) founded in a tutorial that I am following (I want deeply understand what I am doing before do it): sudo passwd root then login again as root usermod -l miner pi usermod -m -d /home/miner miner groupmod -n miner pi exit So at the beginning it enable the root account and I have to login again in the system as root...this is perfectly clear for me. And now I have the followings doubts: 1) The usermod command: usermod -l miner pi usermod -m -d /home/miner miner Reading the official documentation of the usermod command I understand that this command modify the informations related to an existing account Reading the documentation it seems to me that the -l parmether modify the name of the user pi in miner and then the -m -d paramether move the contents of the old home directory to the new one (named miner) and use this new directory as home directory My doubt is: what exactly do the executions of these operation? I think that: Rename the existing pi user in miner Then move the content of the old home directory (the pi home directory? or what?) into a new directory (/home/miner) that now is the home directory for the miner user. Is it right? The the second doubt is related to this command groupmod -n miner pi It seems to me that change the group name from pi in miner But what exactly is a group in Linux and why is it used? Tnx

    Read the article

  • Limit user profile on specific OU using Group Policy

    - by Sergei
    We have a host that will be used for creating VM clones from time to time for testing purposes.It is used actively for testing and users tend to keep a lot of files in their profiles.We would like to limit users profile size to avoid cloning unnecessary files to new VMs. Is there way to impose limit on user profile on OU level without introducing roaming profiles?

    Read the article

  • PowerShell Script to Enumerate SharePoint 2010 or 2013 Permissions and Active Directory Group Membership

    - by Brian T. Jackett
    Originally posted on: http://geekswithblogs.net/bjackett/archive/2013/07/01/powershell-script-to-enumerate-sharepoint-2010-or-2013-permissions-and.aspx   In this post I will present a script to enumerate SharePoint 2010 or 2013 permissions across the entire farm down to the site (SPWeb) level.  As a bonus this script also recursively expands the membership of any Active Directory (AD) group including nested groups which you wouldn’t be able to find through the SharePoint UI.   History     Back in 2009 (over 4 years ago now) I published one my most read blog posts about enumerating SharePoint 2007 permissions.  I finally got around to updating that script to remove deprecated APIs, supporting the SharePoint 2010 commandlets, and fixing a few bugs.  There are 2 things that script did that I had to remove due to major architectural or procedural changes in the script. Indenting the XML output Ability to search for a specific user    I plan to add back the ability to search for a specific user but wanted to get this version published first.  As for indenting the XML that could be added but would take some effort.  If there is user demand for it (let me know in the comments or email me using the contact button at top of blog) I’ll move it up in priorities.    As a side note you may also notice that I’m not using the Active Directory commandlets.  This was a conscious decision since not all environments have them available.  Instead I’m relying on the older [ADSI] type accelerator and APIs.  It does add a significant amount of code to the script but it is necessary for compatibility.  Hopefully in a few years if I need to update again I can remove that legacy code.   Solution    Below is the script to enumerate SharePoint 2010 and 2013 permissions down to site level.  You can also download it from my SkyDrive account or my posting on the TechNet Script Center Repository. SkyDrive TechNet Script Center Repository http://gallery.technet.microsoft.com/scriptcenter/Enumerate-SharePoint-2010-35976bdb   001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051 052 053 054 055 056 057 058 059 060 061 062 063 064 065 066 067 068 069 070 071 072 073 074 075 076 077 078 079 080 081 082 083 084 085 086 087 088 089 090 091 092 093 094 095 096 097 098 099 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 ########################################################### #DisplaySPWebApp8.ps1 # #Author: Brian T. Jackett #Last Modified Date: 2013-07-01 # #Traverse the entire web app site by site to display # hierarchy and users with permissions to site. ########################################################### function Expand-ADGroupMembership {     Param     (         [Parameter(Mandatory=$true,                    Position=0)]         [string]         $ADGroupName,         [Parameter(Position=1)]         [string]         $RoleBinding     )     Process     {         $roleBindingText = ""         if(-not [string]::IsNullOrEmpty($RoleBinding))         {             $roleBindingText = " RoleBindings=`"$roleBindings`""         }         Write-Output "<ADGroup Name=`"$($ADGroupName)`"$roleBindingText>"         $domain = $ADGroupName.substring(0, $ADGroupName.IndexOf("\") + 1)         $groupName = $ADGroupName.Remove(0, $ADGroupName.IndexOf("\") + 1)                                     #BEGIN - CODE ADAPTED FROM SCRIPT CENTER SAMPLE CODE REPOSITORY         #http://www.microsoft.com/technet/scriptcenter/scripts/powershell/search/users/srch106.mspx         #GET AD GROUP FROM DIRECTORY SERVICES SEARCH         $strFilter = "(&(objectCategory=Group)(name="+($groupName)+"))"         $objDomain = New-Object System.DirectoryServices.DirectoryEntry         $objSearcher = New-Object System.DirectoryServices.DirectorySearcher         $objSearcher.SearchRoot = $objDomain         $objSearcher.Filter = $strFilter         # specify properties to be returned         $colProplist = ("name","member","objectclass")         foreach ($i in $colPropList)         {             $catcher = $objSearcher.PropertiesToLoad.Add($i)         }         $colResults = $objSearcher.FindAll()         #END - CODE ADAPTED FROM SCRIPT CENTER SAMPLE CODE REPOSITORY         foreach ($objResult in $colResults)         {             if($objResult.Properties["Member"] -ne $null)             {                 foreach ($member in $objResult.Properties["Member"])                 {                     $indMember = [adsi] "LDAP://$member"                     $fullMemberName = $domain + ($indMember.Name)                                         #if($indMember["objectclass"]                         # if child AD group continue down chain                         if(($indMember | Select-Object -ExpandProperty objectclass) -contains "group")                         {                             Expand-ADGroupMembership -ADGroupName $fullMemberName                         }                         elseif(($indMember | Select-Object -ExpandProperty objectclass) -contains "user")                         {                             Write-Output "<ADUser>$fullMemberName</ADUser>"                         }                 }             }         }                 Write-Output "</ADGroup>"     } } #end Expand-ADGroupMembership # main portion of script if((Get-PSSnapin -Name microsoft.sharepoint.powershell) -eq $null) {     Add-PSSnapin Microsoft.SharePoint.PowerShell } $farm = Get-SPFarm Write-Output "<Farm Guid=`"$($farm.Id)`">" $webApps = Get-SPWebApplication foreach($webApp in $webApps) {     Write-Output "<WebApplication URL=`"$($webApp.URL)`" Name=`"$($webApp.Name)`">"     foreach($site in $webApp.Sites)     {         Write-Output "<SiteCollection URL=`"$($site.URL)`">"                 foreach($web in $site.AllWebs)         {             Write-Output "<Site URL=`"$($web.URL)`">"             # if site inherits permissions from parent then stop processing             if($web.HasUniqueRoleAssignments -eq $false)             {                 Write-Output "<!-- Inherits role assignments from parent -->"             }             # else site has unique permissions             else             {                 foreach($assignment in $web.RoleAssignments)                 {                     if(-not [string]::IsNullOrEmpty($assignment.Member.Xml))                     {                         $roleBindings = ($assignment.RoleDefinitionBindings | Select-Object -ExpandProperty name) -join ","                         # check if assignment is SharePoint Group                         if($assignment.Member.XML.StartsWith('<Group') -eq "True")                         {                             Write-Output "<SPGroup Name=`"$($assignment.Member.Name)`" RoleBindings=`"$roleBindings`">"                             foreach($SPGroupMember in $assignment.Member.Users)                             {                                 # if SharePoint group member is an AD Group                                 if($SPGroupMember.IsDomainGroup)                                 {                                     Expand-ADGroupMembership -ADGroupName $SPGroupMember.Name                                 }                                 # else SharePoint group member is an AD User                                 else                                 {                                     # remove claim portion of user login                                     #Write-Output "<ADUser>$($SPGroupMember.UserLogin.Remove(0,$SPGroupMember.UserLogin.IndexOf("|") + 1))</ADUser>"                                     Write-Output "<ADUser>$($SPGroupMember.UserLogin)</ADUser>"                                 }                             }                             Write-Output "</SPGroup>"                         }                         # else an indivdually listed AD group or user                         else                         {                             if($assignment.Member.IsDomainGroup)                             {                                 Expand-ADGroupMembership -ADGroupName $assignment.Member.Name -RoleBinding $roleBindings                             }                             else                             {                                 # remove claim portion of user login                                 #Write-Output "<ADUser>$($assignment.Member.UserLogin.Remove(0,$assignment.Member.UserLogin.IndexOf("|") + 1))</ADUser>"                                                                 Write-Output "<ADUser RoleBindings=`"$roleBindings`">$($assignment.Member.UserLogin)</ADUser>"                             }                         }                     }                 }             }             Write-Output "</Site>"             $web.Dispose()         }         Write-Output "</SiteCollection>"         $site.Dispose()     }     Write-Output "</WebApplication>" } Write-Output "</Farm>"      The output from the script can be sent to an XML which you can then explore using the [XML] type accelerator.  This lets you explore the XML structure however you see fit.  See the screenshot below for an example.      If you do view the XML output through a text editor (Notepad++ for me) notice the format.  Below we see a SharePoint site that has a SharePoint group Demo Members with Edit permissions assigned.  Demo Members has an AD group corp\developers as a member.  corp\developers has a child AD group called corp\DevelopersSub with 1 AD user in that sub group.  As you can see the script recursively expands the AD hierarchy.   Conclusion    It took me 4 years to finally update this script but I‘m happy to get this published.  I was able to fix a number of errors and smooth out some rough edges.  I plan to develop this into a more full fledged tool over the next year with more features and flexibility (copy permissions, search for individual user or group, optional enumerate lists / items, etc.).  If you have any feedback, feature requests, or issues running it please let me know.  Enjoy the script!         -Frog Out

    Read the article

  • Fast User Switching still disabled after disabling Cisco AnyConnect VPN's "Start Before Login" feature

    - by mindless.panda
    I am running Windows 7 64 bit Ultimate and using Cisco AnyConnect VPN 2.5.3041. As expected, Fast User Switching got disabled as soon as I installed the VPN software. This FAQ from Cisco references how to enable Fast User Switching when their VPN product is installed: A. Microsoft automatically disables Fast User Switching in Windows XP when a GINA.dll is specified in the registry. The Cisco VPN Client installs the CSgina.dll to implement the "Start Before Login" feature. If you need Fast User Switching, then disable the "Start Before Login" feature. Registered users can get more information in Cisco Bug ID CSCdu24073 (registered customers only) in Bug Toolkit. My problem is that I have disabled this on the client, but fast user switching is still greyed out. This article mentions a registry edit, however they key they mention, GinaDLL, does not exist at the WinLogon registry point. Update: This article from Cisco covering AnyConnect specifically gives a one liner: AnyConnect is not compatible with fast user switching. The only problem is I now I had found a workaround before the last reformat/reinstall, but I can't remember what exactly I did previously.

    Read the article

  • Translation and Localization Resources for UX Designers

    - by ultan o'broin
    Here is a handy list of translation and localization-related resources for user experience professionals. Following these will help you design an easily translatable user experience. Most of the references here are for web pages or software. Fundamentally, remember your designs will be consumed globally, and never divorce the design process from the development or deployment effort that goes into bringing your designs to life in code. Ask yourself today: Do you know how the text you are using in your designs are delivered to the customer, even in English? Key areas that UX designers always seen to fall foul of, in my space anyway, are: Terminology that is impossible to translate (jargon, multiple modifiers, gerunds) or is used inconsistently Poorly written, verbose text (really, just write well in English, no special considerations) String construction (concatenation of parts assembled dynamically) Composite widget positioning (my favourite) Hard-coded fonts, small font sizes, or character formatting or casing that doesn't work globally Format that is not separate from content Restricted real estate not allowing for text expansion in translation Forcing formatting with breaks, and hard-coding alphabetical sorting Graphics that do not work in Bi-Di languages (because they indicate directionality and can't flip) or contain embedded text. The problems of culturally offensive icons are well known by now in the enterprise applications space, though there are some dangers, such as the use of flags to indicate language, for example. Resources Internationalization Techniques: Authoring HTML & CSS Global By Design Insert Title Here : Variables in Interface Language Prose: Internationalisation Doc and help considerations I can deal with later.

    Read the article

  • Group Policy - Published software not upgrading

    - by VokinLoksar
    I'm testing this with mercurial MSIs, but it's the same for other packages. I've created a new group policy and added an old version of mercurial to User software installation as a Published package. On a Windows 7 client I install the package through Programs and Features. The installation works fine. Now, I would like to publish an updated version of mercurial. I create a new Published package. Under 'Upgrades' I configure it to replace (upgrade also doesn't work) the old version and mark this upgrade as 'Required'. The old package is not removed. The Windows 7 client is then restarted. When I log back in, I see a status message saying something like 'Removing managed software Mercurial ...'. There is no message about installation of the upgrade. If I look in Programs and Features, I can see the new version of mercurial listed. However, the actual mercurial directory under Program Files is missing. It's as though the installation recorded information about the MSI, but didn't actually install anything after removing the old version. As I mentioned, this isn't specific to mercurial. I've tried using other apps and have yet to find one that can be upgraded via a Published package. Using Assigned packages in Computer Configuration works without problems, but I would like this software to be optional rather than required. Ideas?

    Read the article

  • Backend devs put down by user stories

    - by Szili
    I planned to slice in backend development into to the user stories vertically. But a backend guy on our team started to complain that this makes their work invisible. My answer was that at the sprint planning and review meetings we discuss backend tasks in front of stakeholders so it makes it visible, and maintaining a high quality during the project will result a slower startin pace than other teams, but we will have a stable velocity during the project. And velocity is highly visible to stakeholders. He still insist having stories like: "As a developer I need to have a domain layer so I can encapsulate business logic." How can I solve the issue before it pollutes the team? The root of the issue is that our management systematically consider backend work as invisible and call backed devs miners, or other pejorative terms.

    Read the article

  • Login - check database if user exists... (c#)

    - by SAMIR BHOGAYTA
    I have managed to do the following... string connectionString = "datasource=localhost;username=xxx;password=xxx;database=xxx"; MySqlConnection mySqlConnection = new MySqlConnection(connectionString); string selectString = "SELECT username, password " + "FROM forum_members " + "WHERE username = '" + frmUsername.Text + "' AND password = '" + frmPassword.Text + "'"; MySqlCommand mySqlCommand = new MySqlCommand(selectString, mySqlConnection); mySqlConnection.Open(); String strResult = String.Empty; strResult = (String)mySqlCommand.ExecuteScalar(); mySqlConnection.Close(); if (strResult.Length == 0) { Label1.Text = "INCORRECT USER/PASS!" //could redirect to register page } else { Label1.Text = "YOU ARE LOGGED IN!"; //set loggin in sessions variables }

    Read the article

  • Cannot login to newly created user account

    - by penner
    Trying to switch accounts to my newly created account I get a black screen and then it takes me back to the main login screen after entering the correct password. Upon logging into my previously existing account I get: "System Program Problem Detected" Details: Executable path /usr/bin/Xorg Package: xserver-xorg-core 2:1.11.4-0ubuntu10.1 Details: Crash ... (tons more, but no way to copy paste or save) When I try to su su -l penner I get: No directory, logging in with HOME=/ I manually created the home directory and this error goes away but still no luck with the login. Seems something has gone wrong with the user creation? How can I correct this?

    Read the article

  • How do I reset my Ubuntu user password?

    - by Myself
    I lost my Ubuntu user account password... I saw some other questions on this topic that had answers telling me to restart the computer, press the left shift key after BIOS, go to root, type "passwd [username]" and all this other stuff, but none of that worked. After I typed a new password and retyped it, it gave me an error message saying something like "Authentication Manipulation Error." There was another question complaining about this, but there weren't any useful answers that worked. Does anybody know of a way for me to retrieve or reset my password? Am I doing something wrong with that method I mentioned?

    Read the article

  • How to grant read/write to specific user in any existent or future subdirectory of a given directory? [migrated]

    - by Samuel Rossille
    I'm a complete newbie in system administration and I'm doing this as a hobby. I host my own git repository on a VPS. Let's say my user is john. I'm using the ssh protocol to access my git repository, so my url is something like ssh://[email protected]/path/to/git/myrepo/. Root is the owner of everything that's under /path/to/git I'm attempting to give read/write access to john to everything which is under /path/to/git/myrepo I've tried both chmod and setfacl to control access, but both fail the same way: they apply rights recursively (with the right options) to all the current existing subdirectories of /path/to/git/myrepo, but as soon as a new directory is created, my user can not write in the new directory. I know that there are hooks in git that would allow me to reapply the rights after each commit, but I'm starting to think that i'm going the wrong way because this seems too complicated for a very basic purpose. Q: How should I setup my right to give rw access to john to anything under /path/to/git/myrepo and make it resilient to tree structure change ? Q2: If I should take a step back change the general approach, please tell me.

    Read the article

  • Local Group Policy Editor reverting setting to default

    - by Timur Aydin
    On my Windows 7 Ultimate 32bit system, I have changed the following setting: Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - User Right Assignment - Deny access to this computer from the network This setting was by default "Guest" and I deleted this so that Guest can access a defined network share over the LAN. But later, I have changed my mind and wanted to return this setting to its default. So I edited that setting and specified Guest. But the setting became MYWINPC\Guest. So my question is, what is the difference between the previous setting "Guest" and MYWINPC\Guest? And how do I return this setting to its default value, "Guest"?

    Read the article

  • Block Domain User login

    - by Param
    I have created a Domain User id ( for example - Auser ). I have integrated my LDAP login with Firewall. I use this user to login in to firewall only. So, I want to block all the login for this User except on Firewall. Is there any way to accomplish this? As per my knowledge, we can specify :- By right click on Domain User -- Properties -- Account tab -- Logonto ( but here we have to specify Computer Name, we don't have any computer name for Firewall -- So i can't use this option ) Through Group Policy Window Setting -- Security Setting -- Local Policies -- User Rights Assignment -- Allow logon Locally (But it has to apply on Computer OU -- So i can't use this option also ) Any Other Option you know ??

    Read the article

  • using count and group by at the same select statement

    - by Stavros
    Hello, I have an sql select query that has a group by. I want to count all the records after the group by statement. Is there a way for this directly from sql? For example, having a table with users I want to select the different towns and the total number of users select town, count(*) from user group by town I want to have a column with all the towns and another with the number of users in all rows.

    Read the article

  • MPI difference between Communicator and Group

    - by iamrohitbanga
    I have read the definitions of these terms and my interpretation is that there is a one to one relation between a group and a communicator. A group is a set of processes which wish to communicate with each other and a communicator is an implementation for a group. Is this correct? Why have two different terms if this is so?

    Read the article

  • Oracle: how to "group by" over a range?

    - by Mark Harrison
    If I have a table like this: pkey age ---- --- 1 8 2 5 3 12 4 12 5 22 I can "group by" to get a count of each age. select age,count(*) n from tbl group by age; age n --- - 5 1 8 1 12 2 22 1 What query can I use to group by age ranges? age n ----- - 1-10 2 11-20 2 20+ 1

    Read the article

  • Dynamic parameters for XSLT 2.0 group-by

    - by Ophileon
    I got this input <?xml version="1.0" encoding="UTF-8"?> <result> <datapoint poiid="2492" period="2004" value="1240"/> <datapoint poiid="2492" period="2005" value="1290"/> <datapoint poiid="2492" period="2006" value="1280"/> <datapoint poiid="2492" period="2007" value="1320"/> <datapoint poiid="2492" period="2008" value="1330"/> <datapoint poiid="2492" period="2009" value="1340"/> <datapoint poiid="2492" period="2010" value="1340"/> <datapoint poiid="2492" period="2011" value="1335"/> <datapoint poiid="2493" period="2004" value="1120"/> <datapoint poiid="2493" period="2005" value="1120"/> <datapoint poiid="2493" period="2006" value="1100"/> <datapoint poiid="2493" period="2007" value="1100"/> <datapoint poiid="2493" period="2008" value="1100"/> <datapoint poiid="2493" period="2009" value="1110"/> <datapoint poiid="2493" period="2010" value="1105"/> <datapoint poiid="2493" period="2011" value="1105"/> </result> and I use this xslt 2.0 <?xml version="1.0" encoding="UTF-8"?> <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xs="http://www.w3.org/2001/XMLSchema" exclude-result-prefixes="xs" version="2.0"> <xsl:output method="xml" indent="yes"/> <xsl:template match="result"> <xsl:for-each-group select="datapoint" group-by="@poiid"> <node type="poiid" id="{@poiid}"> <xsl:for-each select="current-group()"> <node type="period" id="{@period}" value="{@value}"/> </xsl:for-each> </node> </xsl:for-each-group> </xsl:template> </xsl:stylesheet> to convert it into <?xml version="1.0" encoding="UTF-8"?> <node type="poiid" id="2492"> <node type="period" id="2004" value="1240"/> <node type="period" id="2005" value="1290"/> <node type="period" id="2006" value="1280"/> <node type="period" id="2007" value="1320"/> <node type="period" id="2008" value="1330"/> <node type="period" id="2009" value="1340"/> <node type="period" id="2010" value="1340"/> <node type="period" id="2011" value="1335"/> </node> <node type="poiid" id="2493"> <node type="period" id="2004" value="1120"/> <node type="period" id="2005" value="1120"/> <node type="period" id="2006" value="1100"/> <node type="period" id="2007" value="1100"/> <node type="period" id="2008" value="1100"/> <node type="period" id="2009" value="1110"/> <node type="period" id="2010" value="1105"/> <node type="period" id="2011" value="1105"/> </node> Works smoothly. Where I got stuck is when I tried to make it more dynamic. The real life input has 6 attributes for each datapoint instead of 3, and the usecase requires the possibility to set the grouping parameters dynamically. I tried using parameters <xsl:param name="k1" select="'poiid'"/> <xsl:param name="k2" select="'period'"/> but passing them to the rest of the xslt is something that I can't get right. The code below doesn't work, but clarifies hopefully, what I'm looking for. <xsl:template match="result"> <xsl:for-each-group select="datapoint" group-by="@{$k1}"> <node type="{$k1}" id="@{$k1}"> <xsl:for-each select="current-group()"> <node type="{$k2}" id="@{$k2}" value="{@value}"/> </xsl:for-each> </node> </xsl:for-each-group> </xsl:template> Any help appreciated..

    Read the article

  • Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

    - by milkandtang
    I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

    Read the article

  • mySQL need to merge fields and get unique rows

    - by jiudev
    i have a database with +1 million rows and the stuktur looks like: CREATE TABLE IF NOT EXISTS `Performance` ( `id` int(11) NOT NULL AUTO_INCREMENT, `CIDs` varchar(100) DEFAULT NULL, `COLOR` varchar(100) DEFAULT NULL, `Name` varchar(255) DEFAULT NULL, `XT` bigint(16) DEFAULT NULL, `MP` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`), KEY `CIDs` (`CIDs`), KEY `COLOR` (`COLOR`), KEY `Name` (`Name`), KEY `XT` (`XT`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=0 ; insert into `Performance` (`id`, `CIDs`, `COLOR`, `Name`, `XT`, `MP`) VALUES (1, '1253374160', 'test test test test test', 'Load1', '89421331221', ''), (2, '1271672029', NULL, 'Load1', '19421331221', NULL), (3, '1188959688', NULL, 'Load2', '39421331221', NULL), (4, '1271672029', NULL, 'Load3', '49421341221', 'Description'), (5, '1271888888', NULL, 'Load4', '59421331221', 'Description'); The Output should look like: +----+------------+--------------------------+-------------+-------------+-------+-----------+---------+ | id | CIDs | COLOR | XT | MP | Name | PIDs | unqName | +----+------------+--------------------------+-------------+-------------+-------+-----------+---------+ | 1 | 1253374160 | test test test test test | 89421331221 | | Load1 | 1,2 | Load1 | | 3 | 1188959688 | NULL | 39421331221 | NULL | Load2 | 3 | Load2 | | 4 | 1271672029 | NULL | 49421341221 | Description | Load3 | 4,5 | Load3 | +----+------------+--------------------------+-------------+-------------+-------+-----------+---------+ any ideas, how i could do this as fast as possible? I have tried with some group by, but it takes some Minutes :/ Thanks Advance //edit: for the solution with the group by, i needed 4 subquerys :/ //edit2: as requested: select id, CIDs, COLOR, XT, MP, Name, concat(PIDs,",",GROUP_CONCAT(DISTINCT id)) as PIDs, IFNULL(Name,id) as unqName from ( select id, CIDs, COLOR, XT, MP, Name, concat(PIDs,",",GROUP_CONCAT(DISTINCT id)) as PIDs, IFNULL(MP,id) as unqMP from ( select id, CIDs, COLOR, XT, MP, Name, concat(PIDs,",",GROUP_CONCAT(DISTINCT id)) as PIDs, IFNULL(XT,id) as unqXT from ( select id, CIDs, COLOR, XT, MP, Name, GROUP_CONCAT(DISTINCT id) as PIDs, IFNULL(COLOR,id) as unqCOLOR from Performance group by unqCOLOR ) m group by unqXT ) x group by unqMP ) y group by unqName

    Read the article

  • Oracle User Productivity Kit Translation

    - by ultan o'broin
    Oracle's customers just love the User Productivity Kit (UPK). I hear only great things about it from our international customers at the Oracle Usability Advisory Board meetings too. The UPK is the perfect solution for enterprise applications training needs (I previously reviewed a fine book about UPK btw). One question I am often asked is how source content created using the UPK can be translated into another language. I spoke with Peter Maravelias, Principal Product Strategy Manager for UPK about this recently. UPK is already optimized for easy source-target translation already. There is even a solution for re-recording demos. Here's what you can do to get your source content into another language: Use UPK's ability to automatically translate events and actions. UPK comes with XML templates that allow you to accomplish this in 21 languages with a simple publishing action switch. These templates even deal with the tricky business of using gender-based translations. Spanish localization template sample Japanese localization template sample Use the Import and Export localization features to export additional custom content in a format like XLIFF, easily handled by translation tools. You could also export and import in Word format. Re-record the sound (audio) files that go with the recordings, one per screen. UPK's granular approach to the sound files means that timing isn't an option. Retiming demos isn't required. A tip here with sound files and XLFF-exported custom content is to facilitate translation context by avoiding explicit references to actions going on in the screen recordings. A text based storyboard with screenshots accompanying the sound files should also be provided to the translators. Provide a glossary of terms too. Use the re-record option in UPK to record any demo from a translated application. This will allow all the translated UI labels to be automatically captured. You may be required to resize any action events here due to text expansion issues. Of course, you will need translated data in the translated application too, so plan for this in advance. However, source-target language skills aren't required for the re-recording. The UPK Player itself, of course, is also available from Oracle along with content and doc in 21 languages. The Developer and Setup is also translated in a smaller number of languages. Check the Oracle UPK website for latest details. UPK is a super solution for global enterprise applications training deployments allowing source content to be translated into multiple languages easily. See this post on the UPK blog for more insight too!

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >