Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

Page 122/388 | < Previous Page | 118 119 120 121 122 123 124 125 126 127 128 129  | Next Page >

• How to automate kinit process to obtain TGT for Kerberos?

  - by tore-

  I'm currently writing a puppet module to automate the process of joining RHEL servers to an AD domain, with support for Kerberos. Currently I have problems with automatically obtain and cache Kerberos ticket-granting ticket via 'kinit'. If this were to be done manually, I would do this: kinit [email protected] This prompts for the AD user password, hence there is a problem with automate this. How can i automate this? I've found some posts mentioning using kadmin to create a database with the ad users password in it, but I've had no luck. Thanks for input

  Read the article

• OpenLDAP Password Expiration with pwdReset=TRUE?

  - by jsight

  I have configured the ppolicy overlay for OpenLDAP to enable password policies. These things work: Password lockouts on too many failed attempts Password Change required once pwdReset=TRUE added to user entry Password Expirations If the account is locked out due to intrusion attempts (too many bad passwords) or time (expiration time hit), the account must be reset by an administrator. However, when the administrator sets pwdReset=TRUE in the profile, this seems to also override the expiration policy. So, the password that the administrator sent out (which should be a temporary password) ends up being valid permanently. Is there a way in OpenLDAP to have a password that must be changed, but also MUST expire?

  Read the article

• How to configure mod_proxy_balancer to gracefully fail under high load

  - by bramp

  We have a system which has one Apache instance in front of multiple tomcats. These tomcats then connect to various databases. We balance the load to the tomcat with mod_proxy_balancer. Currently we are receiving 100 requests a second, the load on the Apache server is quite low, but due to database heavy operations on the tomcats, the load there is roughly 25% (of what I estimate they can handle). In a few weeks there is an event happening and we estimate that our requests will jump significant, maybe by a factor of 10. I'm doing everything I can do reduce the load on our tomcats, but I know we are going to run out of capacity, so I would like to fail gracefully. By this I mean, instead of trying to deal with too many connections which all timeout, I would like Apache to somehow monitor average response time, and as soon as the response time to Tomcat is getting above some threshold, I would like a error page displayed. This means that users who are lucky still get a page rendered quickly, and those who are unlucky get a error page quickly. Instead of everyone waiting far too long for their page, and eventually everyone timing out, and the database being swamped with queries which are never used. Hopefully this makes sense, so I was looking for suggestions on how I could achieve this. thanks

  Read the article

• How to use multiple dns?

  - by Enrichman

  When I connect at work the net is going to assign me a dns that is working fine. After that when I connect to VPN I'm going to receive a different dns. With this one I can reach the server of the vpn owner but I'm not able to go to the internet. BUT if I switch the dns with the old ones I'm able to surf again (still connected to the vpn, but I cannot surf their server). Recap: DNS1) MyPC - CompanyProxy - Internet DNS2) MyPc - CompanyProxy - VPN - NoInternet (can Ping vpn servers) DNS1) MyPC - CompanyProxy - VPN - Internet (cannot ping vpn servers) Weirdest thing: I'm able to do a nslookup from anywhere, but ping is going to fail. Is possible to use both DNS? Or setup a dns just on the browser? I'm quite lost..

  Read the article

• Web interface to allow users to change their Active Directory password

  - by csexton

  I have a few web applications that use Active Directory to authenticate. What I would like to be able to do is provide a simple web page that would allow users to update their AD password. This wasn't a problem when the majority of the users had windows machines that connected to this AD server (and could ctrl-alt-del to change the password), but we are moving away from that and the AD server is mostly for web apps. Is there a simple solution for this, or am I looking at the big LDAP managers?

  Read the article

• What is the "right" way to host CUPS behind Apache 2

  - by Greymeister

  I have tried some combinations of ProxyPass, ProxyPassReverse and ProxyHTMLURLMap but I'm still not having much luck. I just would like to be able to hit the printers in CUPS by going to www.printerhost.com/printers/printername rather than having to add a port 631 or have CUPS listen on port 80. As requested, here is the configuration file: LoadModule proxy_html_module modules/mod_proxy_html.so LoadModule xml2enc_module modules/mod_xml2enc.so NameVirtualHost *:80 <VirtualHost *:80> ServerName blah.yours.com JkMount /* balancer JkMount /jkmanager jk-status JkUnMount /cups* balancer ProxyRequests Off ProxyPass /cups/ http://localhost:631/ ProxyHTMLURLMap http://localhost:631 /cups <Location /cups/> ProxyPassReverse / ProxyHTMLEnable On ProxyHTMLURLMap / /cups/ </Location> </VirtualHost>

  Read the article

• Can you recommend a robust OpenAPI 2.0 provider?

  - by larsks

  Help me find a robust OpenID 2.0 provider! We're looking at various SSO solutions for our organization, and I would like to suggest OpenID as a viable option, since (a) there is good consumer support in a number of web applications, and (b) it's simpler to implement than Shibboleth, which is the alternative technology. However, this requires that we find a robust OpenID provider, ideally one meeting the 2.0 specification. The only solutions I've come across so far are: Atlassian Crowd This looks great, although the $4000 price tag may make it a tough sell. Community-ID This looks like an interesting idea, but I'm not sure the project quality is at a suitable level (yet). In particular, it's not clear if LDAP support actually works (which will be a requirement in our environment). Have you implemented OpenID in your environment? What are you using? Have you selected an alternative SSO technology?

  Read the article

• Leaving my wifi open for the world

  - by Thomaschaaf

  For my home I want to be a nice neighbor actually I have let my wifi open for the past maybe 6 or 7 years. I know that WEP, etc can be cracked within a couple of minutes but my neighbors son who works in IT told his mom and she told me that I am doing bad things and you know the story.. Do you think it's okay to leave your wifi open to the public? I live in a suburb with a tiny street and about 8 houses in reach of my wifi. I have a 16k DSL line so if some one joins me for a couple hours I would probably not notice. I would love your thoughts on whether I should encrypt my wifi or not.

  Read the article

• Grant access only to certain ad domain group on IIS6, for web pages running asp.net and php

  - by Gregor S.

  We are running IIS6 on Windows Server 2003 machine. We have a php based page (MediaWiki) and an asp.net MVC page. How can we configure IIS and Windows to allow access to this web pages only for selected AD domain groups, preferably without touching the applications.

  Read the article

• How does Kerberos work with SSH?

  - by Phil

  Suppose I have four computers, Laptop, Server1, Server2, Kerberos server: I log in using PuTTY or SSH from L to S1, giving my username / password From S1 I then SSH to S2. No password is needed as Kerberos authenticates me Describe all the important SSH and KRB5 protocol exchanges: "L sends username to S1", "K sends ... to S1" etc. (This question is intended to be community-edited; please improve it for the non-expert reader.)

  Read the article

• Can't connect to domain computers until reboot

  - by thealliedhacker

  I have a domain with about 300 Windows 7 and XP machines, with the domain controllers running Server 2003. Sometimes, I lose the ability to communicate/authenticate with some of the machines until I reboot my computer. This also happens from other computers and regardless of user account and operating system. In other words, say I'm on ComputerA, and I can't connect to ComputerX. I can go to ComputerB and connect to ComputerX, but ComputerB may not be able to connect to ComputerY. If you reboot ComputerA, then it will be able to connect to ComputerX again. Here are some messages from various utilities: sc: [SC] OpenSCManager FAILED 1722: The RPC server is unavailable. mmc (compmgmt.msc): Computer (computer name) cannot be managed. The network path was not found. explorer (\\computer): Windows cannot access \\(computer name). ping: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss) / Average = 1ms

  Read the article

• ProxyPass for specific vhost with mod_rewrite

  - by Steve Robbins

  I have a web server that it set up to dynamically server different document roots for different domains <VirtualHost *:80> <IfModule mod_rewrite.c> # Stage sites :: www.[document root].server.company.com => /home/www/[document root] RewriteCond %{HTTP_HOST} ^www\.[^.]+\.server\.company\.com$ RewriteRule ^(.+) %{HTTP_HOST}$1 [C] RewriteRule ^www\.([^.]+)\.server\.company\.com(.*) /home/www/$1/$2 [L] </IfModule> </VirtualHost> This makes it so that www.foo.server.company.com will serve the document root of server.company.com:/home/www/foo/ For one of these sites, I need to add a ProxyPass, but I only want it to be applied to that one site. I tried something like <VirtualHost *:80> <Directory /home/www/foo> UseCanonicalName Off ProxyPreserveHost On ProxyRequests Off ProxyPass /services http://www-test.foo.com/services ProxyPassReverse /services http://www-test.foo.com/services </Directory> </VirtualHost> But then I get these errors ProxyPreserveHost not allowed here ProxyPass|ProxyPassMatch can not have a path when defined in a location. How can I set up a ProxyPass for a single virtual host?

  Read the article

• I run Webmin and I want it to be accessed with two URLs, both using proxypass in apache

  - by user36644

  This is what I am trying to do: NameVirtualHost * <VirtualHost *> ServerName testsite.org ServerAdmin [email protected] DocumentRoot /var/www/ </VirtualHost> <VirtualHost *> ServerName panel.testsite.org ProxyPass / http://panel.testsite.org:10000/ ProxyPassReverse / http://panel.testsite.org:10000/ </VirtualHost> <VirtualHost 12.34.56.78> ServerName newsite.com ServerAdmin [email protected] DocumentRoot /var/newsite/ </VirtualHost> <VirtualHost 12.34.56.78> ServerName panel.newsite.com ProxyPass / http://panel.newsite.com:10000/ ProxyPassReverse / http://panel.newsite.com:10000/ </VirtualHost> The problem is that it won't accept the 2nd vhost with the IP 12.34.56.78 because it says one already exists. panel.newsite.com and newsite.com have the same IP...so I am not sure how I can make it so that only the URL "panel.newsite.com" will get proxypassed to port 10000 but no other URL on newsite.com

  Read the article

• How to configure mod_proxy_balancer to gracefully fail under high load

  - by bramp

  We have a system which has one Apache instance in front of multiple tomcats. These tomcats then connect to various databases. We balance the load to the tomcat with mod_proxy_balancer. Currently we are receiving 100 requests a second, the load on the Apache server is quite low, but due to database heavy operations on the tomcats, the load there is roughly 25% (of what I estimate they can handle). In a few weeks there is an event happening and we estimate that our requests will jump significant, maybe by a factor of 10. I'm doing everything I can do reduce the load on our tomcats, but I know we are going to run out of capacity, so I would like to fail gracefully. By this I mean, instead of trying to deal with too many connections which all timeout, I would like Apache to somehow monitor average response time, and as soon as the response time to Tomcat is getting above some threshold, I would like a error page displayed. This means that users who are lucky still get a page rendered quickly, and those who are unlucky get a error page quickly. Instead of everyone waiting far too long for their page, and eventually everyone timing out, and the database being swamped with queries which are never used. Hopefully this makes sense, so I was looking for suggestions on how I could achieve this. thanks

  Read the article

• Is iptable capable of this or should I go with mod_proxy?

  - by Jesper

  I'm trying to configure my network to receive an incoming connection on one device and then redirect it to another device on a specific port. Right now I'm on about port 80 and a device running apache. The problem I'm facing is that when the forwarding is done it also sets the source ip to the first device instead of the source ip the user that connects to the service has. Let me illustrate it: [Internet User] = 7.7.7.7 connects to [Device 1] = 1.1.1.1:80 [Device 1] forwards it to [Device 2] = 1.1.1.2:80 [Device 2] outputs response that [Internet User] sees So on [Device 2] I will naturally see [Device 1]s IP in the logs, but I wanna see if there is a way to connect the internet user through [Device 1] to [Device 2] while seeing the real source IP in the logs on [Device 2]. Is that possible? My rule-set looks like this at the moment: (on Device 1) iptables -P FORWARD ACCEPT iptables -t nat -I PREROUTING -j DNAT -p tcp --dport 80 --to-destination 1.1.1.2:80 iptables -t nat -I POSTROUTING -j SNAT -p tcp -d 1.1.1.2 --to-source 1.1.1.1 On [Device 2] it accepts all incoming on port 80 from [Device 1] as well as accepts all related and established connections. So, would there be any way to get the real source onto [Device 2]? Let me know if you need more information!

  Read the article

• Record browsing history

  - by nc3b

  How can I record everything I browse so that, ideally, it might later enable me to re-surf the same pages without internet access ? For instance, if I go to http://www.example.com/example.html I would like to be able to view the same page later exactly as initially (but without reconnecting to www.example.com). Thank you in advance.

  Read the article

• How to implement dynamic web blacklists in ISA Server 2006?

  - by Massimo

  I'm looking for a way to implement web site blacklisting in ISA server 2006. I know how to manually define a destination set and block access to it, and I also know how to import XML lists. What I'm looking for is some publicly available and actively updated blacklist (i.e. "porn sites", or "gamble sites") from some trustworthy source, and for a way to automatically get updated versions when they are released and use them in ISA. Can this be done, and how?

  Read the article

• ADFS v.2.0 transitive trust in a federation scenario

  - by masi

  Currently i'm working with ADFS to establish a federated trust between two separated domains. My question is simple: does ADFS v. 2.0 support transitive trust across federated identity providers? I know that ADFS v 1.0 does not, as stated in this document on page 9. But when looking on the claims rules that come with ADFS 2.0 it seems to be possible, as a Microsoft partner confirmed. However: the documentation on this topic is a mess! Simply no ADFS v. 2.0 related statements on this topic that i was able to find (IF you got any documentation on this PLEASE help me out guys!). To be more clear, lets assume this scenario: Federation provider (A) trust federation provider (B) which trusts identity provider (C). So, does (A) trust identities comming from (C) across (B)? Also, if it is possible there are some things that i'm specially interested in: Is it possible to restrict the transitive trust in ADFS in any way? If so, how? How does the transitive trust affect the Issuer and OriginalIssuer properties of the claims? If transitive trust is used together with claims transformations and provider (B) would transform incomming claims from (C) in a way that they are transformed into (new) claims of same type an value, how would this affect the Issuer and OriginalIssuer properties?

  Read the article

• Squid: problem with FTP service (Windows Server)

  - by Diego

  I followed the instructions on this question and everythig works fine. I have an DHCP server that assigns "IP client" without gateway. Internet with IE or Firefox Browser works but FTP service doesn't work. In squid.conf I have put a line: acl Safe_ports port 80 21 443 389 5307 8080 3144 8282 88 8443 20443 11438 1443 8050 30021 10443 4747 4774 1384 Have I to put gateway in DHCP Server? Have you any suggestion for me? Thanks for your help!

  Read the article

• Issues with VPN functionality

  - by Xorandor

  I've been working on setting up VPN connectivity to our office location. We bought a Cisco WRV210 which have a builtin VPN server. Cisco has some software QuickVPN, which is not as quick and easy as I had thought. I've had mixed experiences on different machines with connecting. Instead I configured an IPSec VPN tunnel following a guide from TheGreenBow here http://www.thegreenbow.com/doc/tgbvpn_cg_linksys_wrv200_en.pdf I followed their instructions and tried out an evaluation of their software, and VPN connection should be working ok. I'm able to do RDP to a machine on the network (using IP address, not machine name) and ping the router etc. What I'm trying to solve are two things: It's not like I'm "really" on the network. Or at least I'm restricted to some degree when going through the VPN. I can't access a machine on the network using machine name, only IP. I can't ping a machine, but the router just fine. Could this be that something is not set up properly? If so, I can ofcourse supply additional information. Second, when I log onto the VPN, I would really like my outgoing connection to go through the internet connection of the remote location. Basically if I connect to the VPN I want my outgoing IP to be that of the remote location's (needed for some IP resctrictions on some of our servers). At a previous work location it worked like this when we connected to our office VPN over PPTP and the builtin windows VPN client. I'm not a huge expert on the topic, so any hints will be appreciated.

  Read the article

• Trouble accessing network drives in Windows 7

  - by Warlax

  Hi, Recently purchased a LaCiE network drive. Connected it to my router, configured it, added a user for myself. Installed the "Network Assistant" that came with it - no problem. Went to My Computer Network, found the network drive - was prompted for a login/password to see the contents, types \user and password (leading slash to get rid of DOMAIN) and accesses contents. There is one open share that I can access/mount without problem and there's another share with my user name as set-up via the network drive's web-based config. Double-clicked on that, prompted again. user/password doesn't work! It says I have no permissions but the user/pass combination is PERFECT. Some Windows Vista posts talk about a Local Security Policy menu - but that's nowhere to be found. Any ideas? (Windows 7 Professional BTW).

  Read the article

• How do I use an SSH public key from a remote machine?

  - by kubi

  Setup The public keys are set up on a Macbook. I can do a passwordless push to github and a server (iMac) on the local network. The Problem I know the keys are partially setup correctly, because I everything works if I'm sitting at the Macbook. What doesn't work is when I SSH into the Macbook remotely and attempt to push to github or to the iMac server. I'm prompted to input my SSH key passphrase. What am I missing to enable pushing to github from the Macbook while logged in remotely from the iMac?

  Read the article

• SSH Tunnel for Remote Desktop via Intermediary Server

  - by Mihai Todor

  I've seen many examples of SSH tunnels on the nets, but I'm still having no luck with this. Here's the setup: Windows 7 PC in a private network, sitting behind a firewall, with PowerShellInsider SSH server set up and working fine. Public access Linux server, which has access to the PC. Windows 7 laptop, at home, from which I wish to do remote desktop on the PC. Now, here's what I've tried so far: SSH tunnel from my laptop to the Linux server: ssh -f my_user@LINUX_SERVER -L 6666:LINUX_SERVER_IP:6666 -N SSH to the Linux server where I've set up a tunnel to the PC: ssh -f 'PRIVATE_DOMAIN\my_user'@PC_NAME -L 6666:PC_IP:3389 -N Unfortunately, I must be doing something wrong, because it doesn't seem to work. Any ideas why or, at least, any suggestions on how can I try to debug this setup? At the moment, I have access to all 3 machines (non-root on Linux), so I can test whatever I want...

  Read the article

• Able to connect to the net, but only through FF with proxies disabled.

  - by Mr Z

  I guess I got a virus or something and it's screwing up my connections. I'm able to browse fine in Firefox with proxies disabled, but other than that I have no connection. Currently, I need to install a program, but it requires an internet connection, and it keeps running into connection errors - same problem the other day when trying to register a product I purchased. I usually can figure this stuff out, but this one has me baffled. Any help troubleshooting this would be much appreciated.

  Read the article

• SHH Tunnel for Remote Desktop via Intermediary Server

  - by Mihai Todor

  I've seen many examples of SSH tunnels on the nets, but I'm still having no luck with this. Here's the setup: Windows 7 PC in a private network, sitting behind a firewall, with PowerShellInsider SSH server set up and working fine. Public access Linux server, which has access to the PC. Windows 7 laptop, at home, from which I wish to do remote desktop on the PC. Now, here's what I've tried so far: SSH tunnel from my laptop to the Linux server: ssh -f my_user@LINUX_SERVER -L 6666:LINUX_SERVER_IP:6666 -N SSH to the Linux server where I've set up a tunnel to the PC: ssh -f 'PRIVATE_DOMAIN\my_user'@PC_NAME -L 6666:PC_IP:3389 -N Unfortunately, I must be doing something wrong, because it doesn't seem to work. Any ideas why or, at least, any suggestions on how can I try to debug this setup? At the moment, I have access to all 3 machines (non-root on Linux), so I can test whatever I want...

  Read the article

< Previous Page | 118 119 120 121 122 123 124 125 126 127 128 129  | Next Page >