Search Results

Search found 9658 results on 387 pages for 'authentication provider'.

Page 12/387 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19 | Next Page >

How to Run Pam Face Authentication

- by Supriyo Banerjee

I am using Ubuntu 11.10. I went to the following URL to download the software 'Pam Face Authentication': http://ppa.launchpad.net/antonio.chiurazzi/ppa/ubuntu/pool/main/p/pam-face-authentication/ and downloaded the version for natty narhwall. I installed the software using the following commands: sudo apt-get install build-essential cmake qt4-qmake libx11-dev libcv-dev libcvaux-dev libhighgui2.1 libhighgui-dev libqt4-dev libpam0g-dev checkinstall cd /tmp && wget http://pam-face-authentication.googlecode.com /files/pam-face-authentication-0.3.tar.gz sudo add-apt-repository ppa:antonio.chiurazzi sudo apt-get update sudo apt-get install pam-face-authentication cat << EOF | sudo tee /usr/share/pam-configs/face_authentication /dev/null Name: face_authentication profile Default: yes Priority: 900 Auth-Type: Primary Auth: [success=end default=ignore] pam_face_authentication.so enableX EOF sudo pam-auth-update --package face_authentication The software installed and I can run the qt-facetrainer. But the problem is when I restarted my system, I saw that the default login screen is appearing where I should put my password to login. The webcam is not starting at all. And I cannot login with my face. Which means I think that pam face authentication programme is not starting at all. Please let me know how I can login with my face using pam face authentication programme.

Read the article
Problems with cross forest authentication in SQL Reporting

- by chunkyb2002

We're currently running an SQL 2008 R2 Cluster with Reporting Services running, all for use with System Center Operations Manager 2007 R2 (RU3). Our users are on a different domains to the SCOM and SQL servers (we have two domains as we are in the process of a domain migration) We have no problems at all with users accessing reports via the SCOM Console or the Web interface if they are on the new domain which runs at 2008 R2 functional level. However users on the old domain (which runs at a 2003 functional level) cannot access reports on SCOM or via the web interface (http://sqlserver/reports) The error we get is: An error occurred when invoking the authorization extension. (rsAuthorizationExtensionError) For more information about this error navigate to the report server on the local server machine, or enable remote errors Taking the errors advise we logged on to the SQL server as a user on the old domain (which works fine!) and then try to authenticate with the reporting via the web interface which produces this most useful of errors: An error occurred when invoking the authorization extension. (rsAuthorizationExtensionError) The creator of this fault did not specify a Reason. Things we've tried: Recreating the trust between domains Ensuring the SQL Reporting service account was a member of Windows Authorization Access Group on the 2003 domain Added users on the 2003 domain explicitly to the Reporting Users group on the SQL Server Has anyone come across this issue before perhaps in a different scenario? If so how was it resolved? Thanks in advance for any help.

Read the article
Intranet Site Authentication Issues on SBS 2008

- by mwillmott

Hello, Simply, the Sharepoint intranet site that is automatically installed with SBS 2008 is bound to port 5555 in IIS so to get to it you can browse to server-name:5555 and then authenticate using domain credentials. I have added another binding on port 80 using a host header so intranet.localdomain.local (and added the required record in the DNS). This works fine from any computer on the domain, you can go to the nicer address and authenticate no problem. However, when you browse to the port 80 binding on the local server it reaches it but fails to authenticate. I cannot figure out why and it is really annoying. Not essential to fix but it would be nice. Any ideas? Michael

Read the article
OSX AFP authentication

- by Jason S

I've enabled file sharing (AFP) on my iMac so that I can access it via our MacBook. I've also created a directory ~/shared/family that I have shared to specific user accounts. When I use the Finder on my MacBook, I see my iMac computer listed, and I can see my ~/Public directory on the iMac, but I can't see ~/shared/family. How do I authenticate from my MacBook to my iMac? That seems like it's the missing step.

Read the article
Debugging UI Problems in IE8 (Was IE8 on Windows 7 Authentication Mess)

- by alharaka

UPDATE: I think the real question I need to ask here is: how does a technician debug UI problems with Internet Explorer, and not HTML rendering issues that have pretty good tools? I am aware of the SysInternals tools and others mentioned below, but maybe I am not harnessing their power properly. Someone else in the TechNet forum I mentioned had a similar issue. Again, I have lots of data, I am not sure how to properly interpret it. ORIGINAL POST: So I tried the venerable Technet Forums to solve this isse. In short, the Windows Security dialog has no place to put credentials, rendering pretty much useless. This happens to apply for a whole bunch of our intranet websites, and only a select number of users with a few laptops have this problem. It ends up looking like this. Things I have tried so far: Disabling local Group Policy (not domain connected) Disabling local Security Policy Resetting IE settings A few system restores Re-registering a bunch of IE DLL's and all other steps here Reinstalling IE8 (dism /online /disable-feature /featurename:"internet-explorer-optional-x86, reboot, dism /online /enable-feature /featurename:"internet-explorer-optional-x86, and reboot) And SFC scan, which found nothing Still, nothing. Not only am I fed up, but I have begun to really work with APIExplorer and Procmon as mentioned in the Technet original because I want to know WHAT is happening, not just fix it. Any thoughts?

Read the article
Samba authentication problem when attempting to connect from Windows client

- by Camsoft

I've got a Linux server running Ubuntu and Samba. I've created two shares in Samba that point to directories that are owned by the user "cameron". When I attempt to connect to these shares on Windows 7 is connects and allows me to see the files but they are read-only. This is the desired action for guest users but not for authenticated users. My user on the Windows client is "Cameron" and has the same password as the Linux user "cameron". I don't think my Windows user has authenticated against the Linux user. I even created a users.map file to map the user cameron (linux) to Cameron (windows) but still it does not work. Here is my samba config file (UPDATED): [global] server string = %h server (Samba, Ubuntu) map to guest = Bad User passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . username map = /etc/samba/users.map syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 os level = 65 preferred master = Yes dns proxy = No wins support = Yes usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d valid users = cameron write list = cameron [www] path = /usr/local/apache2/htdocs write list = @www-data force group = www-data guest ok = Yes [cameron] path = /home/cameron write list = @www-data force group = www-data guest ok = Yes

Read the article
Debugging UI Problems in IE8 (Was IE8 on Windows 7 Authentication Mess)

- by alharaka

UPDATE: I think the real question I need to ask here is: how does a technician debug UI problems with Internet Explorer, and not HTML rendering issues that have pretty good tools? I am aware of the SysInternals tools and others mentioned below, but maybe I am not harnessing their power properly. Someone else in the TechNet forum I mentioned had a similar issue. Again, I have lots of data, I am not sure how to properly interpret it. ORIGINAL POST: So I tried the venerable Technet Forums to solve this isse. In short, the Windows Security dialog has no place to put credentials, rendering pretty much useless. This happens to apply for a whole bunch of our intranet websites, and only a select number of users with a few laptops have this problem. It ends up looking like this. Things I have tried so far: Disabling local Group Policy (not domain connected) Disabling local Security Policy Resetting IE settings A few system restores Re-registering a bunch of IE DLL's and all other steps here Reinstalling IE8 (dism /online /disable-feature /featurename:"internet-explorer-optional-x86, reboot, dism /online /enable-feature /featurename:"internet-explorer-optional-x86, and reboot) And SFC scan, which found nothing Still, nothing. Not only am I fed up, but I have begun to really work with APIExplorer and Procmon as mentioned in the Technet original because I want to know WHAT is happening, not just fix it. Any thoughts?

Read the article
Nginx with PAM authentication through pam_script

- by Envek

Have anyone set up such a configuration? It's not work for me. So, I've installed nginx-extras on Ubuntu 12.04 (it's built with PAM module), and write to site config: location ^~ /restricted_place/ { auth_pam "Please specify login and password from main_site"; auth_pam_service_name "nginx"; } Afterwards, in /etc/pam.d/nginx: auth required pam_script.so dir=/path/to/my/auth_scripts And wrote simplest /path/to/my/auth_scripts/pam_script_auth (also I've tried to write complicated scripts) #!/bin/sh exit 0 # should allow anyone Doesn't work. The script is launched (I've wrote full functional script, that successfully executes, check credentials, writes to its own log and returns correct exit code, and executes noticeably long). But no access granted. Only rejected. In /var/log/nginx/error.log appears next record: 2012/09/13 10:44:42 [alert] 1666#0: waitpid() failed (10: No child processes) If I'm specify in /etc/pam.d/nginx: auth required pam_unix.so and grant for www-data user right to read /etc/shadow, unix authorization works fine. But script auth doesn't work. Can't understand, where is trouble. In nginx module, or in pam_script module.

Read the article
SMTP authentication error using PHPMailer

- by Javier

I am using PHPMailer to send a basic form to an email address but I get the following error: SMTP Error: Could not authenticate. Message could not be sent. Mailer Error: SMTP Error: Could not authenticate. SMTP server error: VXNlcm5hbWU6 The weird thing is that if I try to send it again, IT WORKS! Every time I submit the form after that first error it works. But if I leave it for a few minutes and then try again I get the same error again. The username and password have to be right as sometimes it works fine. I even created the following (very basic) script just to test it and I got the same result <?php require("phpmailer/class.phpmailer.php"); $mail = new PHPMailer(); $mail->IsSMTP(); $mail->Host = "smtp.host.com"; $mail->SMTPAuth = true; $mail->Username = "[email protected]"; $mail->Password = "password"; $mail->From = "[email protected]"; $mail->FromName = "From Name"; $mail->AddAddress("[email protected]"); $mail->AddReplyTo("[email protected]"); $mail->IsHTML(true); $mail->Subject = "Here is the subject"; $mail->Body = "This is the HTML message body <b>in bold!</b>"; $mail->AltBody = "This is the body in plain text for non-HTML mail clients"; if(!$mail->Send()) { echo "Message could not be sent. <p>"; echo "Mailer Error: " . $mail->ErrorInfo; exit; } echo "Message has been sent"; ?> I don't think this is relevant, but I just changed my hosting to a Linux shared server. Any idea why this is happening? Thanks! ***UPDATED 02/06/2012 I've been doing some tests. The results: I tested the script in an IIS server and it worked fine. The error seems to happen only in the Linux server. Also, if I use the gmail mail server it works fine in both, IIS and Linux. Could it be a problem with the configuration of my Linux server??

Read the article
Domain authentication over OPEN wireless pre-logon (Windows 7 Pro) - No logon servers avail

- by Shadow00Caster

I have a plethora of laptops that are joined to an AD domain. I have an enterprise wireless system setup, the users of these laptops will be using an OPEN unsecured SSID which will ultimately have a captive portal that uses Radius-AD auth and firewall rules to allow access pre-captive portal auth to the proper ip's/ports of DC's etc for auth etc. I already have other laptops/users connecting to another SSID with 802.11x and SSO, all works perfectly pre-logon etc. My problem is with this open network, for some reason I cannot get the machines to auth to AD. The laptops connect to the wireless network, I confirm this on the controller and can ping the laptop at startup. I sharked the wires on the 2 DC's that these machines auth to, I can see a DNS SOA update from a laptop im testing with and can ping that test laptop from both DC's. When I try to logon, "There are currently no logon servers available to service the logon request." The shark shows no incoming connections to either DC even though the laptop is connected and pingable. Any help is greatly appreciated.

Read the article
VPN authentication and MAC addresses

- by zakk

I have to set up a VPN (various clients connecting to a web service on a server, which is also the VPN server) and I want to make sure that no user will share his/her credentials with third parties. I know that this problem is not solvable completely, but I'd want to set up some additional security checks... Some idea I have: 1) An additional check on MAC address, but... are MAC addresses preserved thru VPN? 2) Some kind of extra identification of the client (User Agent, open ports, I want to make sure that is the very same client I authorized). 3) I would like to avoid commercial solutions like a security token... I realize it would be the perfect solution, but it will be to expensive, I suppose... Do you feel that these options are viable? Do you have any other ideas? Thanks in advance for your replies!

Read the article
Custom authentication method for GDM

- by FMC

I am trying to find a way of authenticating users on public computers through GDM, but I have a few things to be taken in account. The users do not have a login/password, they only thing they are given is a string. This string is unique and will allow us to identify them. You can see this string as a login without a password. The users must be present in a remote database The users must have the rights to login on the computer they are on at that time. A remote database would check if a booking on the computer had been set for that time by that user. Or if no booking had been made, allow to login. A default user id/home/gid has to be set to the user once logged in I have found ways to deal with most of those requirements, but not altogether. PAM looks nice to set up a custom way of checking if the user booked its computer. NSS MySQL looks nice to set up the environment. Would you know how to set up the environment by myself using a custom PAM module (using pam_python would be preferred)? Or any other method that could help me? Thanks in advance!

Read the article
Web authentication using LDAP and Apache?

- by Stephen R

I am working on a project of setting up a web administered inventory database for my work (or if they don't want it then i'll enjoy learning about it) and hit the problem of allowing only authorized users to access the website (In its testing/development phase, I allow all people to navigate to the website to add entries to the database and query it). I am trying to make it so only particular users in the domain (Active Directory) are allowed to access the website after they are queried about their credentials. I read that Apache (I am using a LAMP server) has a means of asking visitors to the website to provide LDAP credentials in order to gain access to the site, but I wasn't sure if that was exactly what I was looking for. If anyone has experience in the LDAP configurations for Apache that I mentioned or any other means of securely authenticating with websites I would greatly appreciate advice or a direction to go Thank you!

Read the article
Exchange\AD Authentication Using Alternate Email Domain

- by Aaron Wurthmann

I did this once. I can't recall how to do it anymore AND/OR it works differently in Windows 2008 than it did in Windows 2003. I recall it being an Exchange hosting feature. I would like users to login with their email addresses instead of only with their domain name. EXAMPLE: User: John Doe User logon name: [email protected] User logon name (pre-Windows 2000): DOMAIN\jdoe E-mail: [email protected] I would like for jdoe to be able to login as [email protected]

Read the article
General-purpose unix-based network authentication tool?

- by Patrick Collison

I want something that'll integrate auth across SSH, web (ideally including SSL, with the option of authenticating with either client-side cert or password, like they do at MIT), and whatever applications want to use it. Kerberos seems to best fit what I want, but tool support seems surprisingly poor. What do people use these days?

Read the article
LameUser trying - apache2 webserver authentication - IP range to access without pass prompt others with it

- by Mikee

I have (maybe silly) question regarding the apache2 webserver and security - I am trying to archieve this: Users connecting from 192.168.1.24 not to be prompted for password and allowed Others asked for username and password if correct then connect. I am trying to do this for the whole directory /var/www No matter whether I put the code into .htaccess file or in httpd.conf it doesn't work for me. Order deny,allow Deny from all AuthName "PassRequest" AuthType Basic AuthUserFile /var/.htpasswd Require valid-user Allow from 192.168.1.24 Satisfy Any If I try to connect to the page I am allowed from both the allowed IP or any other, If I remove the satisfy any line then I am prompted for password, if I remove the password too and try to connect from different IP I am NOT REFUSED ... is there some module that needs to be activated or why is the IP directive skipped ? It needs to be put in every folder or /var/www/.htaccess is enough ? can I just put it in httpd.conf instead or not ?? I spend last 4 hours trying to google up why it is acting like that, Any help will be highly appreciated :-))

Read the article
SharePoint domain authentication

- by JL

I have a local domain controller setup, which is MYDOMAIN.com, and on a seperate local server I have a MOSS site running. the DNS is all working fine but when I try to connect to the MOSS site using domain credentials I can't use syntax: MYDOMAIN/MyAccount it is expecting [email protected] What can I do to fix this issue, so I have normal domain login capabilities like every other sharepoint site out there?

Read the article
Windows 7, network shares, and authentication via local group instead of local user

- by Donovan

I have been doing some troubleshooting of my home network lately and have come to an odd conclusion that I was hoping to get some clarification on. I'm used to managing share permissions in a domain environment via groups instead of individual user accounts. I have a box at home running windows 7 ultimate and I decided to share some directories on that machine. I set it up to disallow guest access and require specifically granted permissions. (password moe?). Anyway, after a whole bunch of time i figured out that even though the shares I created were allowed via a local group i could not access them until i gave specific allowance to the intended user. I just didn't think i would have to do that. So here is the breakdown. Network is windows workgroup, not homegroup or nt domain PC_1 - win 7 ultimate - sharing in classic mode - user BOB - groups Admins PC_2 - win 7 starter - client - user BOB - groups admins PC_3 - win xp pro - client - user BOB - groups admins the share on PC_1 granted permission to only the local group administrators. local user BOB on PC_1 was a member of administrators. Both PC_2 and PC_3 could not browse the intended share on PC_1 because they were denied access. Also, no challenge was presented. They were simply denied. After adding BOB specifically to the intended share everything works just fine. Remember, its not an nt domain just a workgroup. But still, shouldn't i be able to manage share permissions via groups instead of individual user accounts? D.

Read the article
Linux authentication via ADS -- allowing only specific groups in PAM

- by Kenaniah

I'm taking the samba / winbind / PAM route to authenticate users on our linux servers from our Active Directory domain. Everything works, but I want to limit what AD groups are allowed to authenticate. Winbind / PAM currently allows any enabled user account in the active directory, and pam_winbind.so doesn't seem to heed the require_membership_of=MYDOMAIN\\mygroup parameter. Doesn't matter if I set it in the /etc/pam.d/system-auth or /etc/security/pam_winbind.conf files. How can I force winbind to honor the require_membership_of setting? Using CentOS 5.5 with up-to-date packages. Update: turns out that PAM always allows root to pass through auth, by virtue of the fact that it's root. So as long as the account exists, root will pass auth. Any other account is subjected to the auth constraints. Update 2: require_membership_of seems to be working, except for when the requesting user has the root uid. In that case, the login succeeds regardless of the require_membership_of setting. This is not an issue for any other account. How can I configure PAM to force the require_membership_of check even when the current user is root? Current PAM config is below: auth sufficient pam_winbind.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account sufficient pam_winbind.so account sufficient pam_localuser.so account required pam_unix.so broken_shadow password ..... (excluded for brevity) session required pam_winbind.so session required pam_mkhomedir.so skel=/etc/skel umask=0077 session required pam_limits.so session required pam_unix.so require_memebership_of is currently set in the /etc/security/pam_winbind.conf file, and is working (except for the root case outlined above).

Read the article
Firefox in Ubuntu : how to automate basic authentication password confirm dialog

- by golemwashere

Hi, I have an Ubuntu workstation with Firefox always open on a (autorefreshing) web page protected by basic auth. At startup, I have autologin and automatic Firefox start on the page and I have saved the basic auth credentials. I'd like to confirm in some automated way the username/password dialog box which pops up on the first opening of the page, or I'd like to know if there's any hack to avoid this dialog box. I tried setting the homepage to http://username%3Apassword@myserver/mypage put that doesn't stop confirmation dialog boxes.

Read the article
Setting up SSL with 389 Directory Server for LDAP authentication

- by GioMac

I've got 389 Directory Server running on RHEL 5 with groups, users, posix etc. RHEL clients are authenticating users with LDAP - no problems, everything works perfect, but passwords are sent in plaintext and are visible with network sniffer. So, decided to run with SSL: Created CA - got both private and public CA certificates Using CA certs: generated both of private and public certificates and combined (1st file) for 389DS according to 389DS certificate request, imported with CA public cert to 389DS from graphical console (2nd file). Enabled SSL in 389DS On the client, using authconfig-gtk enabled SSL for LDAP, specified only CA public certificate Doesn't work. Howto? What is the best way to integrate safely?

Read the article
ISS7 authentication doesn't work on servername

- by nLL

Not sure if I put correct title but here is my problem: Local (home network) IIS 7, default web site bind to any IP on port 81, Anonymous Auth disabled, Windows Auth enabled If I go to 192.168.1.101:81/ I get asked for username and password. If I go to server:81/ nothing is being asked regardless whether connecting from local or another machine on the network. Why is that? Am I doing something wrong?

Read the article
locally logged on a domain joined Win 7 = no authentication prompt so no printing

- by lyngsie

We have problems with Win 7 PC's when the user only log on locally on (a domain joined) PC, but still use the Windows printserver. Installed printers suddently stop working and seem to appear offline. In Windows XP the (logged on locally) user would be prompted to autheticate to the domain when printing, but in Windows 7 this feature seem to be faulty or not implemented. I assume the problem is a timeout on the Kerberos ticket. Of course the user has to authenticate to install the printer from the printserver, and that works fine, but in time the authenticaton stops, and no prompt appear. Any suggestions how we can "force" a prompt to authenticate like it happened in XP?

Read the article
Login authentication vanished from MongoDB install

- by Robert Oschler

A few months ago I enabled password protection on my MongoDB install. Today I ran the Mongo client and forgot to use my login details. Instead of rejecting nearly everything I try to do from the shell, like it should, I had complete access to all the databases and collections. Fortunately this instance is only running a few test apps, so I quickly shutdown the MongoD instance until I figure this out. Has anybody ever seen this kind of behavior before and knows what is going on? The MongoD instance is running on a Linux VM hosted by Azure. The only thing I can think of is that perhaps Azure restored an old copy of the VM, but I received no E-mails to that effect and everything else on the server seems to be proper, including new daemon processes that I added after I enabled password protection on MongoD.

Read the article
How to implement a secure authentication over HTTP?

- by Zagorax

I know that we have HTTPS, but I would like to know if there's an algorithm/approach/strategy that grants a reasonable security level without using SSL. I have read many solution on the internet. Most of them are based on adding some time metadata to the hashes, but it needs that both server and client has the time set equal. Moreover, it seems to me that none of this solution could prevent a man in the middle attack.

Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19 | Next Page >