Search Results

Search found 20029 results on 802 pages for 'directory permissions'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 119/802 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >

  • Automatically make user local administrator on their computer through GPO?

    - by Grant
    In our AD 2003 domain each user gets local admin permissions on their computer. Everyone else can login with their domain account as normal user. Right now this means going to the desktop and manually adding the user as a local administrator. Is there any way to automate this process through logon scripts or GPOs? I have found ways to use a gpo to make everyone who logs in to a computer a local admin, but really only want to give it to the primary user (or in some cases users) of the computer. I've also seen methods that required adding a group for each computer...but really dont want to clutter AD like that. I do have a list mapping each user to each computer name. If it matters the desktops are a mix of xp and win7.

    Read the article

  • Do I really need to reboot for AD changes to be applied?

    - by stimms
    Every time I request a permission change the IT group at my company instructs me to wait 20 minutes and reboot the computer. I cannot believe that in this day and age you still need to reboot the computer to clear whatever cache stores the permissions locally. It feels like something out of the NT 4 days. Do you actually still need to reboot the computer? Is a logout/login sufficient? Is there still a long time(20 minutes) for the changes to propagate through the AD tree?

    Read the article

  • Access denied for user who has full access to some files in their own folder

    - by steve02a
    I have a very similar case as this user: Access denied on some files on Win2008R2 DC share This is on a windows 2008 R2. The user has Win7 pro. The user has their own home folder on the server. Every file, except one, the user can read/write/modify at their own will. No problems - except this one file. She gets "access denied" I can open it (as domain admin). Another user can open it (because she's in the domain admin group). I did run the AccessEnum tool and the read/write permissions are all identical for all files. So, I can't explain why the user can't open this one single file. Out of all her files in sub-folders and such. No problems. This one file is causing a headache. What do you think could be wrong here?

    Read the article

  • Finding out what user Apache is running as?

    - by AP257
    I want to secure a file upload directory on my server as described beautifully here, but I have one problem before I can follow these instructions. I don't know what user Apache is running as. I've found a suggestion that you can look in httpd.conf and there will be a "User" line, but there is no such line in my httpd.conf file, so I guess Apache is running as the default user. I can't find out what that is, though. So, my question is (are): how do I find out what the default user is do I need to change the default user if the answer is yes and I change the default user by editing httpd.conf, is it likely to screw anything up? Thanks!

    Read the article

  • ACL actions tag cause 'roles resource tree' draw incorrectly in admin/system/permissions/roles

    - by latvian
    Hi, We created new action similar to 'hold', 'ship' and others in the 'sales_order/view' admin section that can be triggered by clicking at the button. Afterward, we added our new action to the ACL with the following code in config.xml: <acl> <resources> <admin> <children> <sales> <children> <order> <children> <actions translate="title"> <title>Actions</title> <children> <shipNew translate="title"><title>Ship Ups</title></shipNew> </children> </actions> </children> <sort_order>10</sort_order> </order> </children> </sales> </children> </admin> </resources> </acl> ACL functionality works, however, in the 'Resources Tree'(System/Permissions/Roles/Role Resources) our new action does never show up as selected(checked) even thou it is allowed for particular Role. I can see that from table 'admin_rule' with resource id for our new action that it is allowed, so it needs to be selected, but it is not. When trying to solve this issue i looked into the template(permissions/rolesedit.phtml) and I found that the 'resource tree' is draw with Javascript...thats where i got stock due to my limited knowledge in Javascript. Why the resource tree does not display our new ACL entry correctly, that is the check box is never checked? Thank You for helping margots

    Read the article

  • Query Cache Issues - releasing cache locks?

    - by Corey Coogan
    I have enabled query caching to use the NHibernate.Caches.Prevalence.PrevalenceCacheProvider provider. This is running on IIS 7, WCF service. I have limited rights to what I can do, but I'm getting an exception about releasing cache locks. I've created the following 2 directories in the system32/inetsrv directory and given full control to the account IIS is using. NHibernate.Cache.StandardQueryCache Some other cache dir I can think of right now This doesn't happen in my local environment so I'm thinking this is somehow related to caching. Do I need to give the IIS account full control to the inetsrv dir as well?

    Read the article

  • Non RBAC User Roles and Permissions System: checking the user's City

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post. We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way: if (User.City == “Moscow”) // Allow the user to view the page. else // Do not allow the user to view this page. Though this case is very simple and straightforward, it has nothing to do with the RBAC. On StackOverflow, someone called this an Attribute-based Access Control. Under the classical RBAC, it seems that this case should be designed like this: introduce a permission “City where the person lives”, this permission will have a property City. Then create a role, add a permission of type “City = Moscow” to it and the assign the role to the user. Looks extremely cumbersome. The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not? This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong. Thank you.

    Read the article

  • Postmortem debugging with WinDBG.

    - by Drazar
    I have an WCF-service running on an server, and occasionally(1-2 times every month) it throws an COMException with the informative message ”Unknown error (0x8005008)”. When i googled for this particular error I only got threads about problems when creating virtual directories in IIS. And the source code hasn’t anything with making a virtual directory in IIS. DirectoryServiceLib.LdapProvider.Directory - CreatePost - Could not create employee for 195001010000,000000000000: System.Runtime.InteropServices.COMException (0x80005008): Unknown error (0x80005008) at System.DirectoryServices.PropertyValueCollection.PopulateList I've taken a memorydump when I catch the Exception for further analysis in WinDBG. After switching to the right thread I executed the !CLRStack command: 000000001b8ab6d8 000000007708671a [NDirectMethodFrameStandalone: 000000001b8ab6d8] Common.MemoryDump.MiniDumpWriteDump(IntPtr, Int32, IntPtr, MINIDUMP_TYPE, IntPtr, IntPtr, IntPtr) 000000001b8ab680 000007ff002808d8 DomainBoundILStubClass.IL_STUB_PInvoke(IntPtr, Int32, IntPtr, MINIDUMP_TYPE, IntPtr, IntPtr, IntPtr) 000000001b8ab780 000007ff00280812 Common.MemoryDump.CreateMiniDump(System.String) 000000001b8ab7e0 000007ff0027b218 DirectoryServiceLib.LdapProvider.Directory.CreatePost(System.String, DirectoryServiceLib.Model.Post, DirectoryServiceLib.Model.Presumptions, Services.Common.SourceEnum, System.String) 000000001b8ad6d8 000007fef8816869 [HelperMethodFrame: 000000001b8ad6d8] 000000001b8ad820 000007feec2b6c6f System.DirectoryServices.PropertyValueCollection.PopulateList() 000000001b8ad860 000007feec225f0f System.DirectoryServices.PropertyValueCollection..ctor(System.DirectoryServices.DirectoryEntry, System.String) 000000001b8ad8a0 000007feec22d023 System.DirectoryServices.PropertyCollection.get_Item(System.String) 000000001b8ad8f0 000007ff00274d34 Common.DirectoryEntryExtension.GetStringAttribute(System.String) 000000001b8ad940 000007ff0027f507 DirectoryServiceLib.LdapProvider.DirectoryPost.Copy(DirectoryServiceLib.LdapProvider.DirectoryPost) 000000001b8ad980 000007ff0027a7cf DirectoryServiceLib.LdapProvider.Directory.CreatePost(System.String, DirectoryServiceLib.Model.Post, DirectoryServiceLib.Model.Presumptions, Services.Common.SourceEnum, System.String) 000000001b8adbe0 000007ff00279532 DirectoryServiceLib.WCFDirectory.CreatePost(System.String, DirectoryServiceLib.Model.Post, DirectoryServiceLib.Model.Presumptions, Services.Common.SourceEnum, System.String) 000000001b8adc60 000007ff001f47bd DynamicClass.SyncInvokeCreatePost(System.Object, System.Object[], System.Object[]) My conclusion is that it fails when the code is calling System.DirectoryServices.PropertyCollection.get_Item(System.String). So after issuing an !CLRStack -a I get this result: 000000001b8ad8a0 000007feec22d023 System.DirectoryServices.PropertyCollection.get_Item(System.String) PARAMETERS: this = <no data> propertyName = <no data> LOCALS: <CLR reg> = 0x0000000001dcef78 <no data> My very first question is why does it display no data on the propertyname? I am kinda new on Windbg. However I executed an dumpobject on = 0x0000000001dcef78: 0:013> !do 0x0000000001dcef78 Name: System.String MethodTable: 000007fef66d6960 EEClass: 000007fef625eec8 Size: 74(0x4a) bytes File: C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll String: personalprescriptioncode Fields: MT Field Offset Type VT Attr Value Name 000007fef66dc848 40000ed 8 System.Int32 1 instance 24 m_stringLength 000007fef66db388 40000ee c System.Char 1 instance 70 m_firstChar 000007fef66d6960 40000ef 10 System.String 0 shared static Empty >> Domain:Value 0000000000174e10:00000000019d1420 000000001a886f50:00000000019d1420 << So when the source code wants to fetch the personalprescriptioncode from Active Directory(what is used for persistence layer) it fails. Looking back at the stack it is when issuing the Copy method. DirectoryServiceLib.LdapProvider.DirectoryPost.Copy(DirectoryServiceLib.LdapProvider.DirectoryPost) So looking in the sourcecode: DirectoryPost postInLimbo = DirectoryPostFactory.Instance().GetDirectoryPost(LdapConfigReader.Instance().GetConfigValue("LimboDN"), idGenPerson.ID.UserId); if (postInLimbo != null) newPost.Copy(postInLimbo); This code is looking for another post in OU=limbo with the same UserId and if it finds one it copies the attributes to the new post. In this case it does and it fails with personalprescriptioncode. I've looked in Active Directory under OU=Limbo and the post exist there with the attribute personalprescriptioncode=31243. Question 1: Why does it display no data for some of the PARAMETERS and LOCALS? Is it the GC who has cleaned up before the memorydump had been created. Question 2: Is there anymore i can do to get to the solution to this problem?

    Read the article

  • Providing File permissions in Installshield

    - by Pawan Kumar
    I have created an installer in Installshield X. I want to give 'write permissions' to few files when the installation is done in Non-Admin Windows accounts ( by default it will have only 'read' permission). If I select individual file and go to properties (inside Installshield),i have permissions tab where they have provided options like Domain , Readonly, Full Control, Modify etc. I have tested these options but it doesn't effect the msi file.(specific files doesn't have write permission). Is there something wrong I am doing? There is another way of doing this, writing the script Set objShell=CreateObject("WScript.Shell") installDir = Session.Property("INSTALLDIR.5A884667_3CC4_41EC_B0F2_BEEAB457BB8C") supportDir = Session.Property("SUPPORTDIR") length = Len(installDir) lastChar = Right(installDir, 1) if (lastChar = "\") Then installDir = Left(installDir, length - 1) end if 'MsgBox supportDir & "\setacl.exe """ & installDir & """ /dir /set S-1-5-32-545 /full /p:yes /sid /silent" objshell.Run supportDir & "\setacl.exe """ & installDir & """ /dir /set S-1-5-32-545 /full /p:yes /sid /silent",0,true Can someone please explain me what is going on here? those last set s-1-5-32-545. Thanks

    Read the article

  • Access denied at webservice

    - by phenevo
    Hi, I have a winforms, and it connecting wit webservice. Webservice has method which create folder Directory.Create(path); Webservice is at company server, and this folder must me create at another disc in out company. When I invoke this method, i get exception "Acces denied to path..." When webservice was running at my computer everything was ok. I have full acces to this network disc. But how to set full access to my company server?? When I check this method: [WebMethod] public string GetNameOfUser() { return WindowsIdentity.GetCurrent().Name; } I get <string>NT AUTHORITY\NETWORK SERVICE</string>

    Read the article

  • Spree customize/extend user roles and permissions

    - by swapnil
    I am trying to specify some custom roles in Spree for example role 'client' and extend the permissions to access the admin section for this role. This user will be able to access only those Product created by that user. Concept is letting a user with role 'client' manage only products and other certain Models. To start with I added CanCan plugin and defined a RoleAbility Class in role_ability.rb Just following this post : Spree Custom Roles Permissions class RoleAbility include CanCan::Ability def initialize(user) user ||= User.new if user.has_role? 'admin' can :manage, :all elsif user.has_role? 'client_admin' can :read, Product can :admin, Product end end end Added this to an initializer : config/initializers/spree.rb Ability.register_ability(RetailerAbility) Also extended admin_products_controller_decorator.rb :app/controllersadmin_products_controller_decorator.rb Admin::ProductsController.class_eval do def authorize_admin authorize! :admin, Product authorize! params[:action].to_sym, Product end end But I am getting flash message 'Authorisation Failure' Trying to find some luck, I referred following links A github gist for Customizing Spree Roles : https://gist.github.com/1277326 Here's a similar issue what I am facing : http://groups.google.com/group/spree-user/browse_thread/thread/1e819e10410d03c5/23b269e09c7ed47e All efforts in vain... Any pointers of what is going on here highly appreciated ? Thanks in advance.

    Read the article

  • Error on Access database: Permission denied: 'CreateObject'

    - by elixireu
    Hi, I am migrating a website over to a new server, its in ASP and uses several Access databases, the site and CMS can read, display the data, and even edit and update existing data entries, but when I want to add a new entry, I get an error... Microsoft VBScript runtime error '800a0046' Permission denied: 'CreateObject' /padp2010d/ads_tradetracker.asp, line 11 There seems to be no passwords on the databases, I have set up and tested the ODBC Data Sources and they are working fine. The code or line that is causing the problem is... <% Dim Mail, strPath, strHost, Upload Set Upload = CreateObject("Persits.Upload") Upload.IgnoreNoPost = True ' Generate unique names Upload.OverwriteFiles = False ' Limit file size to 500000 bytes Upload.SetMaxSize 500000, True ' capture an upload and save uploaded files (if any) in temp directory Upload.SaveVirtual "\pa\images\advertenties" Upload.Save ' Use session ID as the new file name NewName = Session.SessionID The line 11 is Set Upload = CreateObject("Persits.Upload") If anyone could help that would be great. Could it be a Permission setting? Im a complete novice with ASP and Access! Thanks

    Read the article

  • how to programatically compare permissions of login/user in sql server 2005

    - by titanium
    There's a login/user in SQL Server who is having a problem importing accounts in production server. I don't have an idea what method he is doing this. According to the one importing, this import is working fine in development server. But when he did the same import in production it is giving him errors. Below are the errors he is getting for each accounts. 2009-06-05 18:01:05.8254 ERROR [engine-1038] Task [1038:00001 - Members]: Step 1.0 [<Insert step description>]: Task.RunStep(): StoreRow has failed 2009-06-05 18:01:05.9035 ERROR [engine-1038] Task [1038:00001 - Members]: Step 1.0 [<Insert step description>]: Task.RunStep(): StoreRow exception: Exception caught while storing Data. [Microsoft][ODBC SQL Server Driver][SQL Server]'ACCOUNT1' is not a valid login or you do not have permission. Please note that 'ACCOUNT1' is not the real account name. I just changed it for security reason. Using SQL Server Management Studio (SSMS), I viewed/checked the permissions of the user/login who is performing the import from development server and production for comparison. I found no difference. My question is: Is there a way to programmatically query permissions in server and database level of a particular login/user so I can compare/contrast for any differences?

    Read the article

  • How can I locally debug file permission issues in Visual Studio?

    - by robertc
    I want to debug an ASP.Net website as it attempts to write a file to a directory. When actually deployed this file would possibly not be writeable by the worker process so an error would be thrown, this is not a problem as I just want to catch the error, inform the user and move on. Of course, if I'm debugging on my local machine then I'm an administrator and I have permission to write to the file, so I can't check that I've trapped the correct errors and I can't step through an see where it goes wrong if I haven't. Is there a standard approach to this sort of thing?

    Read the article

  • No result when Rally.data.WsapiDataStore lacks permissions

    - by user1195996
    I'm calling Ext.create('Rally.data.WsapiDataStore', params), and looking for results with the load event. I'm requesting a number of objects across programs that the user may or may not have read permission for. This works fine for queries where the user has permissions. But in the case where the user does not have permission and presumably gets zero results back, the load event does not seem to fire at all. I would expect it to fire with the unsuccessful flag or else to return with empty results. Since I don't know that the request has failed, my program waits and waits. How can I tell if a this request fails to return because of security? BTW, looking at the network stats, I believe all my requests get a "200 OK" status back. Here is the method I use to create the various data stores: _createDataStore: function(params) { this.openRequests++; var createParams = { model: params.type, autoLoad: true, // So I can later determine which query type it is, and which program requestType: params.requestType == undefined ? params.type : params.requestType, program: this.program, listeners: { load: this._onDataLoaded, scope: this }, filters: params.filters, pageSize: params.pageSize, fetch: params.fetch, context: { project: this.project, projectScopeUp: false, projectScopeDown: true }, pageSize: 1 // We only need the count }; console.log('_createDataStore', this.program, createParams.requestType); Ext.create('Rally.data.WsapiDataStore', createParams); }, And here is the _onDataLoaded method: _onDataLoaded: function(store, data, successB) { console.log('_onDataLoaded', this.program, successB); ... I only see this function called for those queries for which the account has permissions.

    Read the article

  • IIS 7 Authentication: Certain users can't authenticate, while almost all others can.

    - by user35335
    I'm using IIS 7 Digest authentication to control access to a certain directory containing files. Users access the files through a department website from inside our network and outside. I've set NTFS permissions on the directory to allow a certain AD group to view the files. When I click a link to one of those files on the website I get prompted for a username and password. With most users everything works fine, but with a few of them it prompts for a password 3 times and then get: 401 - Unauthorized: Access is denied due to invalid credentials. But other users that are in the group can get in without a problem. If I switch it over to Windows Authentication, then the trouble users can log in fine. That directory is also shared, and users that can't log in through the website are able to browse to the share and view files in it, so I know that the permissions are ok. Here's the portion of the IIS log where I tried to download the file (/assets/files/secure/WWGNL.pdf): 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bullet.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bgOFF.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:21 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 2 5 0 2010-02-19 19:47:36 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 0 2010-02-19 19:47:43 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:46 xxx.xxx.xxx.xxx GET /manager/media/script/_session.gif 0.19665693119168282 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 203 2010-02-19 19:47:46 xxx.xxx.xxx.xxx POST /manager/index.php - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 296 2010-02-19 19:47:56 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:59 xxx.xxx.xxx.xxx GET /favicon.ico - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 404 0 2 0 Here's the Failed Logon attempt in the Security Log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 2/19/2010 11:47:43 AM Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N/A Computer: WEB4.net.domain.org Description: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: jim.lastname Account Domain: net.domain.org Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc000006a Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: - Source Network Address: 10.5.16.138 Source Port: 50065 Detailed Authentication Information: Logon Process: WDIGEST Authentication Package: WDigest Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted. The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network). The Process Information fields indicate which account and process on the system requested the logon. The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2010-02-19T19:47:43.890Z" /> <EventRecordID>2276316</EventRecordID> <Correlation /> <Execution ProcessID="612" ThreadID="692" /> <Channel>Security</Channel> <Computer>WEB4.net.domain.org</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">jim.lastname</Data> <Data Name="TargetDomainName">net.domain.org</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc000006a</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">WDIGEST</Data> <Data Name="AuthenticationPackageName">WDigest</Data> <Data Name="WorkstationName">-</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">10.5.16.138</Data> <Data Name="IpPort">50065</Data> </EventData> </Event>

    Read the article

  • Adding Windows 2008 R2 Standard 64 bit DC to Windows 2008 Standard 32 bit Domain

    - by user137652
    All of our domain controllers (2) are Windows 2008 Standard 32 bit. We are trying to add a Standard 2008 R2 64 bit domain controller to the forest but for some reason during DCPROMO, we receive the following error: "to install a domain controller into this active directory forest,you must first prepare the forest using "adprep/forestprep" etc We went ahead an ran adprep /forestprep on our established domain controller and allowed time to replicate. When attempting to execute dcpromo again, we receive the same error. What gives?

    Read the article

  • How to configure non-admin accounts to install updates of non-microsoft applications using Active Di

    - by MadBoy
    How to configure non-admin users to allow them to install updates for Java and Adobe Acrobat Reader (or any other application which may need such privileges) without needing for administrator password on Windows 7. Updates for Microsoft products install without problems. This can be Active Directory (Windows 2003) solution, or computer based (employable through GPO or login script).

    Read the article

  • Adding QR Codes to Exclaimer

    - by Matt
    We are running a piece of software called Exclaimer which sets a standard template for email signatures and grabs some details from Active directory, like Contact numbers and title. I need to add a QR Code to the signature but it will need to be different for 50 + people, so I cannot use the standard template. I could create a template for everyone individually, but I would like to know if there is a more efficient way of doing this?

    Read the article

  • How to connect Home Folder using PowerShell

    - by Maximus
    I tried to create user using New-QADUser cmdlet. I know this cmdlet has -HomeDrive switch. But the problem is that cmdlet is just applying path string to user's account and not creating user's home directory on the fileserver like it happens when you use ADUC console. How can I do it corerctly?

    Read the article

  • Old operational master still thinks it is the "one"

    - by Doug
    Hi there, I have a domain with 3 AD servers for now i'll just call them: AD01 (Win 2008 GC, Operations master) AD02 (Win 2008 GC) AD03 (Win 2003 GC) A couple of months there was some hardware issues with AD01 so the operations master, PDC and Infrastructure Master was moved to AD02. All machines where on while this was happening. AD01 (Win 2008 GC) AD02 (Win 2008 GC, Operations master) AD03 (Win 2003 GC) AD01 was then shutdown for a month. Upon starting this machine up with replaced hardware (NIC and RAID card) i now have a weird problem. AD01 Thinks it is operations master still in AD on the local box AD02 & AD03 Thinks AD02 is operations master in AD on both boxes When running DCDIAG on AD01 i get a number of issues (listed below) When running "dcdiag /test:advertising" on AD01: Doing primary tests Testing server: Default-First-Site-Name\AD01 Starting test: Advertising Warning: DsGetDcName returned information for \\ad02.domain.local, when we were trying to reach AD01. SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE. ......................... AD01 failed test Advertising Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : domain Running enterprise tests on : domain.local When running "dcdiag" on AD01 i get the following errors (excerpt of the Final output): Testing server: Default-First-Site-Name\AD01 Starting test: Advertising Warning: DsGetDcName returned information for \\ad02.domain.local, when we were trying to reach AD01. SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE. ......................... AD01 failed test Advertising Starting test: FrsEvent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. Starting test: NCSecDesc Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=domain,DC=local Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=domain,DC=local Starting test: Replications [Replications Check,Replications Check] Inbound replication is disabled. To correct, run "repadmin /options AD01 -DISABLE_INBOUND_REPL" [Replications Check,AD01] Outbound replication is disabled. To correct, run "repadmin /options AD01 -DISABLE_OUTBOUND_REPL" So the problem appeasr to be that when i moved the operations master, AD01 never got the memo, and now that it's started up, all the other AD servers don't think its the boss anymore when it trys to replicate etc. So i really need to manually update AD01 so that it knows who the operations master, instrastructure and PDC is - but i'm not having any luck I've been googling for nearly a day and all solutions lead to "the cake is a lie" Your ninja skills will be greatly appreciated

    Read the article

  • Decoding PAM configuration files ...

    - by Jamie
    Could someone point me to some (recent) documentation that would help me with decoding PAM configuration file lines like this: auth [success=2 default=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass I'm trying to get my Ubuntu box (testing 10.04 Server Beta 2) to use Active Directory, and the last step is to get PAM on the unix box to work, but I'm wary about making changes (and locking myself out) without understanding how to merge what I'm reading here with what ubuntu has implemented.

    Read the article

  • On Windows how can I prevent login until a software package has been installed?

    - by Phil Hannent
    I have an MSI which is configured for machine level installation because it is a device driver. I can deploy it via Active Directory and Group Policy just fine. However on a newly booted machine a user can login before the installation has a chance to complete and I get an warning in the event log saying it couldn't complete and will be tried at next reboot. How can I make the login screen wait for the installation to be completed?

    Read the article

  • Windows 7 Group Policy to display message for login tries left before account lock

    - by Vivek
    My requirement is to display the the remaining count left on the login screen when user trying to login using Windows 7 OS before account lock in case user enter invalid password. I am having Active Directory on Windows 2008 R2 server. I set the maximum Lockout count = 5 in GPO policy. Example: If user try login first 1 attempt is failed, next time enter password and login shold show message for remaining attemps left.( my case count 4 left) Please let me know as this is urgent for me.

    Read the article

  • How much time do I have to remove a domain controller that was lost using metadata cleanup?

    - by dasko
    I am wondering how long after a Domain Controller has been permanently lost, from the domain due to it dying from hardware perspective, do I have before I have to clean up references of it using meta data cleanup? Planning on doing it soon but not sure if there is anything I should be concerned about. This dead or lost domain controller had no roles other than being a Domain Controller and having integrated Active Directory DNS. As well it held NO FSMO roles, it was just an older replication Domain Controller.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >