Search Results

Search found 4763 results on 191 pages for 'policy administration'.

Page 112/191 | < Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119 | Next Page >

Windows 2008 Incoming Connection: Where/How is Server IPv4 address defined

- by revelate

We're evaluating a VM hosted externally which runs Windows Server 2008 R2 Web Server Edition and wish to access it via a VPN connection for maintenance and administration. RRAS isn't included in Web Server Edition, but it does have a form of VPN server called "Incoming Connections". This appears to work well and even supports multiple simultaneous connections. As we'll be using this VPN regularly we'd like to know if this is a viable solution or if we'd be better off upgrading to Standard Edition and full-fledged RRAS. In particular we're accessing the VM via the Private IP given by the Incoming Connection (currently 169.254.135.207) so we'd like know: if the server private IP might change every so often? if so is there any way to define it manually? or should we be using the server name rather than the private IP address? if so how can we be sure that it will resolve correctly? Name resolution over the "Incoming Connection" has worked on and off during our tests. Thanks for your help

Read the article
Can't access Administrator account on Windows XP after adding local user account

- by bwerks

I have an installation of windows XP, and it's not part of a domain. Previously, it just had only the administrator account, and upon creating a different user account, all access was lost to the administrator account. When the machine starts up, only the new local account is offered for login, which seemed strange. I've checked that the administrator account was not disabled, nor are any rights missing from the local security policy. Furthermore, the administrator account is accessible via remote desktop, where an opportunity is given to type the desired account. REALLY strange. Upon deletion of the new local user account, the administrator account appeared again. Can anyone tell me what's going on?

Read the article
Alternatives for heapdumps creation with higher performance than jmap?

- by Christian

Hi, I have to create heapdumps, which works nice with jmap. My problem is, that jmap takes very long to create the heapdump file. Especially when the heap is getting bigger ( 1GB) it is taking too long. One situation as example: When the server gets into trouble with the heapspace, I want to restart it automatically and create a heapdump before the restart. This works, but takes too long to write the heapdump. This way the server is down for too long. The heapdump creation takes longer than one hour. I know about -XX:+HeapDumpOnOutOfMemoryError, but most of the time I can find the memory problem before the exception is thrown by the jvm. Is there an alternative to jmap which writes the heapdumps faster? A special solution for the example above would also be appreciated. This question is a mix between programming and system-administration, but I think I'm at the right place here.

Read the article
create print server port via command line error Win 8

- by Benjamin Jones

I need to create a Print Server Port via commandline in Windows 8 Per Google search I should be using prnport.vbs script to do so: cscript c:\Windows\System32\Printing_Admin_Scripts\en-US\prnport.vbs -a -s \\192.168.113.253 -r Xerox_192.168.113.253 However I get this error: ** Unable to connect to WMI service Error 0x800706BA The RPC Server is unavailable. ** I looked at local services and both RPC and WMI services are started . Also I made sure add remote admin rule to Windows Firewall via command line without success!: netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes netsh advfirewall firewall set rule group="remote administration" new enable=yes NOTE: If I use the GUI to create the print server port then add the printer via command line: rundll32 printui.dll,PrintUIEntry /if /b "Xerox WorkCenter 7535" /F C:\Windows\Inf\WC7545-7556_PCL6_x64_Driver\x2DNORX.inf /r "Xerox_192.168.113.253" /m "Xerox WorkCentre 7535 PCL6" THE PRINTER IS SUCCESSFULLY ADDED. So its NOT the printer it self! So how can I successfully add a print server port via command line? Thanks

Read the article
8021x wireless clients auto connect prior to user login

- by JohnyV

I am using a 2008 r2 dc that also performs Radius (NPS), I also have a 2008 r2 certificate authority which is giving out certificates. The computers are getting the certificate and when a user logs into the device (that has previously logged in) gets put on the correct VLAN (according to there user access). However I cant get the computers to join the wireless network prior to logging in, so that they can log in with their domain accounts and authenticate through the wireless. The basic setup is Computer gets group policy which tells it to get a certificate the computer then has a seperate vlan to join just as a computer account however the wireless computer wont connect through that vlan. (this vlan allows login information only then once the users credentials are verified it puts them onto another VLAN). So I am trying to work out why the notebook wont auto connect to the wireless network as a computer. Thanks

Read the article
Windows 7 offline files - work temporarily offline even if network connection works

- by Robert

Sometimes I am connected via VPN to a network containing the server where files are stored which are cached by Windows offline files feature. Sometimes the connection works good and working this way is not a problem - on other times working is quite a pain because of high latency when working with the files in the Windows explorer. Is there an interactive way how a user (with admin permissions) can temporary suspend online usage of offline files? I already activated the "Transparent caching" group policy feature (Computer Configuration Policies Administrative Templates Networks Offline Files) with a network latency of 200msec but from my experience even if I get ping times to the file server of less than 40msec online usage is quite tenacious. Setting low latency times at this point causes the offline files often to toggle which makes problems with some applications working with several files and requires them to be consistent (like SVN client).

Read the article
SonicWall and Windows CA

- by Nathan C

I'm attempting to import a certificate created by a CA I've set up in Windows using AD CS. I've done the following: 1) Created my own CA (MyCompany) 2) Enabled web services (mostly for ease of configuration) 3) Generated a certificate request on the Sonicwall itself 4) Used web services to sign the certificate 5) Imported the sign certificate into the Sonicwall ...this caused the certificate to show "No" for the Verified field. 6) Imported the CA's certificate. This is where I get stuck. I attempted to import the CRL list, but get the following error: CRL Error - Verification failed using CA certificate. No further errors appear in the logs. Without the CRL list the certificate won't verify and it doesn't appear under the "Administration" page so I can select it for use via HTTPS. Any ideas?

Read the article
Full disk encryption on linux (ubuntu) w/o re-installing - possible?

- by sa125

Hi - I work at a company that takes security very seriously (like most). Our IT guy came in today to prepare us mentally to re-install our systems after he'll apply the new encryption policy (which will basically scrape our HD clean). For our team this means about a week of re-configuring, installing, and tweaking our desktops until we are back to work capacity - anyone who has to re-install a development machine probably knows what I'm talking about. So, I guess my question is if there's any way to perform full disk encryption on a linux (ubuntu = 9.04) system without having to re-install EVERYTHING [sigh]. IT guy said there isn't any - please prove him wrong. thanks :)

Read the article
firehol (firewall) with bridge: how to filter

- by Leon

I have two interfaces: eth0 (public address) and lxcbr0 with 10.0.3.1. I have a LXC guest running with ip 10.0.3.10 This is my firehol config: version 5 trusted_ips=`/usr/local/bin/strip_comments /etc/firehol/trusted_ips` trusted_servers=`/usr/local/bin/strip_comments /etc/firehol/trusted_servers` blacklist full `/usr/local/bin/strip_comments /etc/firehol/blacklist` interface lxcbr0 virtual policy return server "dhcp dns" accept router virtual2internet inface lxcbr0 outface eth0 masquerade route all accept interface any world protection strong #Outgoing these protocols are allowed to everywhere client "smtp pop3 dns ntp mysql icmp" accept #These (incoming) services are available to everyone server "http https smtp ftp imap imaps pop3 pop3s passiveftp" accept #Outgoing, these protocols are only allowed to known servers client "http https webcache ftp ssh pyzor razor" accept dst "${trusted_servers}" On my host I can connect only to "trusted servers" on port 80. In my guest I can connect to port 80 on every host. I assumed that firehol would block that. Is there something I can add/change so that my guest(s) inherit the rules of the eth0 interface?

Read the article
Capslock turns on intermittenly on Windows Login Screen

- by NoCarrier

At first I thought it was a coworker playing a joke on me.. I have a habit of locking my workstation whenever I leave my desk. however i have noticed over the last several years that sometimes the capslock key would be on when I return. I don't notice this until i try typing in my password (which would fail because its in ALL CAPS) and then glance at the now illuminated caps lock key. This has happened on and off across half a dozen workstations on 2000, XP, Vista, and Windows 7. Possible causes I'm losing my mind "feature" in windows? some sort of institutional domain policy at my workplace someone has been messing with me for many many years ?

Read the article
WS-AT Issue between WPS 6.2 and WAS 7.0

- by AK

Hi, I have a BPEL running on WPS 6.2 trying to call a web service on developed on RAD 7.5, deployed on RAD test environment. I have setup WS Transaction policy on both client and server. I get an error on WAS 7.0 saying Must Understand check failed for headers: {http:// schemas.xmlsoap.org/ws/2004/10/wscoor}CoordinationContext I tried to generate the same webservice on ibm wid 6.2 and deployed on EAR on WAS 7, it works perfect. Any thoughts ? Is there a SOAP runtime mismatch ? Help appreciated . -AK

Read the article
Multiple URLs on one domain in IIS 6 [closed]

- by TGnat

Possible Duplicate: How to Host Multiple Domains / Web Sites on one IIS6 Server I'm a developer and only know the basics of IIS administration. I want to give each of my clients a personalized URL to access my web site. I have mySite.com and I would like to allow client A to acess the site via A.mySite.com and client B to use B.mySite.com. These would all point the the mySite.com domain with the same ip address. Can this be done in IIS? Do I have to register new domains for each client? Are there other ways to accomplish the same thing?

Read the article
Migration of egroupware from one Ubuntu server to another

- by Chris Schmidt

I am new to server administration and have been attempting to migrate from one Ubuntu server to another for 4 days now. I am having a problem with migration of egroupware settings. Specifically, I need to find where knowledgebase saves the files on the local machine. I have the database set correctly and its using the previous settings. However, articles in knowledgebase are not showing images associated with them. I have tried everything to find the file on the old server that stores data files uploaded to the knowlegebase but I cannot. If there is another way to import these files, or if someone knows where they are saved, I would really appreciate the help. -Chris

Read the article
OpenLDAP Password Expiration with pwdReset=TRUE?

- by jsight

I have configured the ppolicy overlay for OpenLDAP to enable password policies. These things work: Password lockouts on too many failed attempts Password Change required once pwdReset=TRUE added to user entry Password Expirations If the account is locked out due to intrusion attempts (too many bad passwords) or time (expiration time hit), the account must be reset by an administrator. However, when the administrator sets pwdReset=TRUE in the profile, this seems to also override the expiration policy. So, the password that the administrator sent out (which should be a temporary password) ends up being valid permanently. Is there a way in OpenLDAP to have a password that must be changed, but also MUST expire?

Read the article
Sharepoint Server 2007 generates event log entry every 5 minutes - "The SSP Timer Job Distribution L

- by Teevus

I get the following error logged into the Event Log every 5 minutes: The SSP Timer Job Distribution List Import Job was not run. Reason: Logon failure: the user has not been granted the requested logon type at this computer In addition, OWSTimer.exe periodically gets into a state where its consuming almost all the CPU and only killing the process or restarting the Sharepoint services fixes it (although I'm not sure if this is a related or seperate issue). I have tried the following (based on various suggestions floating around the web), all to no avail: iisreset (no affect) Added the Sharepoint and Sharepoint Search service accounts to Log on as a batch job and Log on as a service policies in the Group Policies for the domain. I went into the Local Computer Policy on the Sharepoint server and verified that those policies had actually been applied Verified that the Sharepoint and Sharepoint Search service accounts are both in the WSS_WPG group Verified in dcomcnfg that the WSS_WPG group (and indeed the Sharepoint and Sharepoint search service accounts) has local activation rights for SPSearch. Any more suggestions would be valued. Thanks

Read the article
Must I have Exchange to use Blackberry Enterprise Server Express?

- by John Spaz

In the past I've setup BES (not express) for a company that just wanted their users on the corporate network, they didn't care for email or any other enterprise feature, they just wanted to push a policy that the phones internet should be routed through the corporate network. I want to setup BES Express now for a customer that also just wants the phones on his network but wherever I look, it says that BES Express requires Exchange. Is there a way to install BES Express without Exchange and without a AD Domain? Basically what the customer wants to accomplish is to be able to filter and log the internet access on the phones.

Read the article
Cannot WMI Query root\MSCluster namespace as Local Admin

- by Matt Zuberko

I'm trying to use WMI Explorer to query the root\MSCluster namespace on various hosts to obtain cluster resource group and resource object data. I can access the namespace with no issue on Win2K3 cluster nodes but am getting an access denied error attempting to connect to Win2K8 and Win2K8R2 nodes. I can access the root\cimv2 namespace with no issue, just the MSCluster namespace even though I am a local Admin. Is there a feature setting, local security policy or server role I have to be a member of to access the namespace? Thank you!

Read the article
Passing all traffic through Cloudflare

- by Nick

I am new to Linux System Administration and I am experimenting with iptables trying to learn how to really lock down a system with them. And one thing a friend of mine recommended was that there was a way to pass all incoming traffic through Cloudflare so even if attackers resolved the server ip they still couldn't (D)dos it directly. This is exactly what they said: "Simply config your servers iptables to only allow incoming connections from CloudFlares IP ranges then set it to allow only your IP/IP range to connect on port 21 (SSH)" Could someone help me on what command I'd need to run for Ubuntu to get this effect?

Read the article
X11Forwarding on MacOSX (Leopard/Snow Leopard)

- by Shyam

Hi, I have some remote boxes, which are a bunch of Mac Mini's. I access them now through SSH, and it fits my needs to do the maintenance. In the past, I used X11Forwarding with Linux boxes, when I was still using Debian myself, and I was able to run a specific application as if it was natively present (Firefox). I haven't succeeded to do this yet, but I assume because of the BSD underneath the fancy Apple GUI should be able to do such a task similar. I am aware of the remote administration, but I rather keep access limited to SSH on these boxes for inbound connections. Background information about the why's, tips, advice and comments are all helpful! Thanks!

Read the article
ITIL Incident Classification - Fault vs SR vs Technical Incident

- by ExceptionLimeCat

I am new to ITIL and Incident classifcations and I am trying learn more about them and understand how they could integrate in our organization. I have found it difficult to find a clear definition of Fault vs. Service Request vs. Technical incidents. I am basing my definitions on this article: http://www.itsmsolutions.com/newsletters/DITYvol6iss27.htm As I understand it: Service Request - Service provided by IT as part of regular administration of a system. Fault - An unexpected error in a system. Technical Incident - An interruption or potential interruption in IT service due to an expected incident caused by some IT policy.

Read the article
How to stop Windows 7 from applying patches on shutdown

- by Stabledog

I have my Windows 7 Pro set up to "download patches, but let me choose when to install them". However, on several occasions, when I have shut down the O/S, Windows Update has proceeded with a lengthy patch application even though I issued no permission to do so. This is a bit scary to me... in particular, it seems I cannot trust the Windows Update settings. Is this official policy somewhere at Microsoft, or am I witnessing a bug? What can be done about it?

Read the article
What is the harm in giving developers read access to application server application event logs?

- by Jim Anderson

I am a developer working on an ASP.NET application. The application writes logging messages to the Windows event log - a custom application log just for this application. However, I do not have any access to testing or staging web/application servers. I thought an admin could just give me read access to this event log to help in debugging problems (currently a service that is working in dev is not working in test environment and I have no idea why) but that is against my client's (I'm a consultant) policy. I feel silly to keep asking an admin to look at the event log for me. What is the harm in giving developers read access to application server application event logs? Is there a different method of application logging that sysadmins prefer programmers use? Surely, admins don't want to be fetching logging messages for developers all the time.

Read the article
CentOS connect to the internet

- by Delirium tremens

I installed CentOS, but it didn't automatically connect to the internet. Is that the normal behavior? I have Ethernet Broadband Router DI-604 and WebStar DPX2203 series Cablemodem with EMTA . What should I do to connect to the internet? Update: A cousin told me my ethernet adapter or network board will depend on my motherboard. My computer upgrade document says the motherboard is gigabyte video onboard. I heard gigabyte's network adapters are Gigabit or Realtek. In CentOS, System - Administration - Network - New - Ethernet, first, only "Other Network Board" was listed, so I selected it and clicked Next, then there wasn't Gigabit, but there was Realtek, so I selected Realtek. I heard with Net Virtua selecting dhcp the things first answered asked me to tell first answerer are automatically configured. So I tried Realtek with dhcp, but it still didn't work.

Read the article
What is a good hosted email service?

- by rhooligan

I am looking for a hosted email service for a handful of email accounts. It needs to be very reliable and provide a nice web mail interface. I would like an admin where I can manage accounts. I've used Communigate before, it's functional but ugly. Exchange web mail is feature rich enough, but isn't as performant as the later two contestants. I am currently paying $50/yearly for hosted Gmail through Google. The features of the web email client are fine for personal use, but not flexible enough for professional use. The administration tools also suck. In short, I want a hosted service with a better experience than gmail or Communigate but is still speedy.

Read the article
Blocking the Apple OS X App Store

- by Jon Rhoades

Being the evil corporate IT overlords we need to block the new OS X App Store. As you may be aware the 10.6.6 update installs the App Store App which allows users to download and install apps without admin privileges. Some Suggestions: Don't update to 10.6.6+ Use parental controls Presumably some OD policy (if you have an OD server which we don't) Block the App store by DNS or Proxy Not updating to 10.6.6+ isn't really a long term solution as it contains security fixes and new Macs will come with it anyway. Blocking the App store at a network level doesn't solve laptop users. Ideally a simple system preference or editing of a plist that can be pushed out by ARD would be the best solution. Please note the question isn't should we block the App store, it's how we can block the App store.

Read the article

< Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119 | Next Page >