Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

Page 124/2168 | < Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131 | Next Page >

LDAP authentication issue with Kerio Connect

- by djk

Hi, We have Kerio Connect (mail server) running on a Windows Server 2003 server on a domain. In the webmail client, users are able to change their domain password. This functionality used to work fine until a user tried to change their password a few days ago, when every password they'd try would result in the webmail client claiming their password was "invalid". I spoke to Kerio about this and they claim that this error is returned by the domain controller, which supports my initial investigations. The error that the DC is logging when an attempt is made to change the password is this: "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece" The "data 52e" part indicates that this is an "invalid credentials" error. I don't see how this can be as I've tried (in the Kerio Connect configuration) various accounts that have privileges to modify accounts, including my own as I am a domain admin. I have ran 'dcdiag' (all tests) on the DC and it came back passing every single one of them. I've searched high and low for an answer to this and came up empty. Does anyone have any idea why this may have suddenly started happening? Thanks! Edit: I should mention that the passwords we are changing to do comply with the complexity policy.

Read the article
HTTP downloads slow - FTP of same file very fast - Windows 2003

- by Paul Hinett

I am having some issues with download speeds on my site via http, i am averaging around 70kbps downloading a file that is around 70mb. But if i connect to my server via FTP and download the same file on the same computer / connection i am averaging about 300+kbps. I know my server has alot of connections at any one time, probably around 400 connections. My server has a 1gbps connection to the internet so there is plenty of bandwidth available, as proven with the FTP. I have no throttling of any kind enabled in IIS. If interested there is a test file here you can download to check the speed: http://filesd.house-mixes.com/test.zip I am based in the UK and the server is in Washington, USA if that makes any difference. Paul

Read the article
HTTP/1.1 503 Service Unavailable Exchange 2003 OWA

- by toups

Receiving HTTP/1.1 503 Service Unavailable when trying to access exchange web access. Server 2003 & Exchange 2003 Have tried: Deleting virtual directories and rebuilding them in IIS Restarting Dismounting & mounting the public folder store & mailbox store It's not AppPoolQueueLength Restarting all services (all proper ones are running) Making it use ssl or not (regular http) -- same thing for both Installing IIS & exchange 2003 on a new 2003 box as a new FE server, OWA on that gets same error. Not sure why it's getting a 503... was working without an issue and randomly is stuck at this no matter what; ll users can still successfully connect and use via outlook, only the web access is having issues. Any suggestions would be appreciated.

Read the article
Get OWA and ActiveSync working on server using HTTP redirect in IIS 7

- by eric

We have two servers on our LAN. One is a Windows 2003 Server domain controller running Exchange 2003. The other is a stand-alone Windows 2008 server running IIS 7. Our company website runs on the IIS 7 (2008) server, so the firewall forwards port 80 to this. How can I get OWA and ActiveSync to work with this setup? And without using SSL. I have tried setting up a website on the IIS 7 box (mail.ourdomain.com) and using HTTP redirect to point to http://mailserver/exchange, but this doesn't work. Do we have to purchase an SSL certificate for this to work?

Read the article
How to change HTTP_REFERER using perl?

- by zuqqhi2

I tried to change log format and change HTTP_REFERER using perl to change browser's referrer like below. [pattern1] Log Format : %{HTTP_REFERER}o perl : $ENV{'HTTP_REFERER'} = "http://www.google.com"; [pattern2] Log Format : %{X-RT-REF}o perl : addHeader('X-RT-REF' => "http://www.google.com"); [pattern3] Log Format : %{HTTP_REFERER}e perl : $ENV{'HTTP_REFERER'} = "http://www.google.com"; but they didn't work. How can I do it? If you have any idea please teach me. Note that I just want to do this as a countermeasure for illegal access in my intra tool.

Read the article
nginx proxypath https redirects to http

- by Thermionix

I'm trying to setup Nginx to forward requests to several backend services using proxy_pass however several pages load with 404s The links on the pages have https:// in front, but result in a http request - which ends in a 404 - I only want these services to be available through https. I've tried with varied trailing forward slashes appended to the proxypath and location in proxy.conf, I've also tried commenting out www.conf (just incase its location blocks could have caused any conflicts) to no effect. So if a link is too https://example.com/sickbeard/errorlogs in a browser when loaded https://example.com/sickbeard/errorlogs gives a 404 in a browser https://example.com/sickbeard/errorlogs/ loads nginx error log; 2011/11/23 14:21:58 [error] 28882#0: *6 "/var/www/sickbeard/errorlogs/recent.html" is not found (2: No such file or directory), client: 192.168.1.99, server: example.com, request: "GET /sickbeard/errorlogs/ HTTP/1.1", host: "example.com" Config files; proxy.conf location /sickbeard { proxy_pass http://localhost:8081/sickbeard; include proxy.inc; } .... more entries .... sites-enabled/main server { listen 80; include www.conf; } server { listen 443; include proxy.conf; include www.conf; ssl on; } www.conf root /var/www; server_name example.com; location / { autoindex off; allow all; rewrite ^/$ /mainsite last; location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ { expires max; } location ~ \.php$ { fastcgi_index index.php; include fastcgi_params; if (-f $request_filename) { fastcgi_pass 127.0.0.1:9000; } } } proxy.inc proxy_connect_timeout 59s; proxy_send_timeout 600; proxy_read_timeout 600; proxy_buffer_size 64k; proxy_buffers 16 32k; proxy_pass_header Set-Cookie; proxy_redirect off; proxy_hide_header Vary; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_set_header Accept-Encoding ''; proxy_ignore_headers Cache-Control Expires; proxy_set_header Referer $http_referer; proxy_set_header Host $host; proxy_set_header Cookie $http_cookie; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Read the article
Allow HTTPS cookies but not HTTP?

- by Ken

I want to allow cookies for a domain but only over HTTPS -- not cookies from the same domain that come from HTTP. For example, I don't want any http://www.google.com cookies, but I do want to allow https://www.google.com cookies (because Calendars are there). Is there a way to do this? Does the goal even make sense? In Chrome, it only allows domain names, not URLs, to be added to the cookie exception list. In Firefox, it allows a protocol, but it only records the domain name, and if you click "Allow" or "Deny", it changes the same entry in the list.

Read the article
Remove Live ID authentication from user account

- by slugster

I've just run in to a really annoying issue with Windows 8.1 - it seems I cannot remove the need to use Live ID credentials from an account without completely deleting that account. I know the process to do it - use the Disconnect link from the Accounts-Your account screen. The trouble comes when you get to the Switch to a local account screen, it will not let you enter the current account for the user name, instead you must enter a new one thus creating a new user account. Can I revert back to using just a local login without having to recreate the account? It seems quite retarded that I have to recreate the account, as deep down the only change required is which credential provider is used to authenticate the login. (Note that this Live ID linkage was created by using the Windows Store, not as a result of an upgrade from 8 to 8.1).

Read the article
squid configuration change to accept http request on LAN

- by Ratan Kumar

installed squid + dansguardian to block adult content on my linux (ubuntu 12.10) . everything worked fine. it has blocked as expected . now the problem is i am also running an apache server for my LAN . ( kind of website ) but when accessing it via 192.168.0.1 , it says squid has blocked the connection , this is the exact error The following error was encountered while trying to retrieve the URL: http: //192.168.0.16/ Connection to 192.168.0.16 failed. The system returned: (113) No route to host The remote host or network may be down. Please try the request again. Your cache administrator is webmaster. before configuring the squid it was working fine . what changes in the squid.conf i have to make . i tried acl Safe_ports 80 allow_all Safe_ports ( i want to know how i can configure it again to listen HTTP request from LAN )

Read the article
Private key authentication with pam_ldap

- by Gareth

I'd like to set up pam_ldap on some of our servers so that we can centrally manage who has access to which server, and easily revoke access if e.g. someone leaves the company. I've done some research and got this working. Hooray! However I'd also like to be able to use public-private key logins - i.e. allow users to store their public keys in the LDAP directory and have these work for logins too. I can't find any documentation about being able to do this, but I also can't find any reasons that it shouldn't be possible. Is there a way to do it, or is there some fundamental reason that it won't work?

Read the article
A simple way to redirect http://mysite.com to http://mysite.com/mylink with Apache?

- by Bart Silverstrim

Just starting to try to get the hang of how all the directives and options work under Apache. I'd like to do a redirect with my one site (only running one site on the server) so that when a request comes in to http://mysite.com the server automatically redirects them to a sub-url of http://mysite.com/mylink. I have tried putting redirects into the file located in /etc/apache2/sites-enabled to rewrite this, but then the top level domain URL complains it isn't redirecting properly. I think what I want is a browser redirect, and thought using RewriteEngine On RewriteRule ^/$ /mylink [L,R] would work, but putting it into an .htaccess file didn't work (it redirected but immediately gave a 500 internal server error.) Putting it into the file in /etc/apache2/sites-enabled gives a configuration error when trying to restart Apache. I know it's something simple...but what am I missing?

Read the article
Machine account authentication on Radius server

- by O.Shevchenko

My workstation is under Linux. I have an Active Directory domain controller + Radius server on Windows 2008. I can verify user account 'radius-01' using 'radtest' tool: $ radtest -t pap radius-01 password123 195.234.133.32 1812 password123 Sending Access-Request of id 98 to 195.234.73.2 port 1812 User-Name = "radius-01" User-Password = "password123" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Accept packet from host 195.234.133.32 port 1812, id=98, length=84 Framed-MTU = 1344 Framed-Protocol = PPP Service-Type = Framed-User Class = 0x537004f00000013700010200ac1c0... I have joined my Linux PC to Active Directory domain ARB-HRK using Samba: [root@shev-arb]# net ads testjoin Join is OK I can dump machine password: [root@shev-arb]# tdbdump /var/lib/samba/private/secrets.tdb { key(34) = "SECRETS/MACHINE_PASSWORD/ARB-HRK" data(15) = "yGgXJsquRnpT0g\00" } How can i authenticate my machine account on Radius server? Do anybody know any tools for this, like: radtest shev-arb$ yGgXJsquRnpT0g 195.234.133.32 1812 password123 (this command fails)

Read the article
PAM / LDAP authentication with Ubuntu 10.04

- by t6d

I can't wrap my brain around the new pam.d configuration syntax used in Ubuntu 10.04. How do I setup PAM so that it allows users stored in my LDAP database to login. I already configured nscd, so id <user> or getent passwd are already listing my LDAP users, but PAM doesn't work, whether the normal shell login nor su.

Read the article
Sticky sessions on load balancers with HTTP and HTTPS

- by javano

How does sticky sessions relate to HTTP and HTTPS; If I place a load balancer in front of some web app servers that run a front end that supports HTTPS, will the sessions remain "sticky" on a typical load balancer that lists "stick sessions" as one of it's supported features? I understand that question is partly open ended; To clarify, would I require a load balancer that supports sticky HTTPS session specifical or is "sticky sessions" a principal that functions agnostic of the HTTP payload, be it encrypted or not? Thank you.

Read the article
How to use public-key ssh authentication

- by Poma

I have 2 ubuntu 12.04 (beta) servers (node1 and node2) and want to establish passwordless root access between them. Other users should not have access to other boxes. Also note that ssh default port is changed to 220. Here's what I did: sudo -i cd /root/.ssh ssh-keygen -t rsa # with default name and empty password cat id_rsa.pub > authorized_keys then copied id_rsa & id_rsa.pub to node2 and added id_rsa.pub to authorized_keys. Both hosts have the same /root/.ssh/config file: Host node1 Hostname 1.2.3.4 Port 220 IdentityFile /root/.ssh/id_rsa Host node2 Hostname 5.6.7.8 Port 220 IdentityFile /root/.ssh/id_rsa Now the problem is that when I type ssh node2 it asks me for password. What may be the problem?

Read the article
301 redirect, canonical question

- by Dave

I've designed my own 'latest news' page for my site - and I'm trying to keep the URL's clean. (eg) It should look like this : http://www.domain.com/21/this-is-a-clean-url/ When someone links to the article, they sometimes mess it up and do : http://www.domain.com/21/this-is-a-clean-url/#random-hash-tag So what I have been doing is looking for "http://www.domain.com/21" and 301 (moved permantly) redirecting to the proper url + adding a canonical meta tag for it. Is this going overboard? Should I instead be using a (302 Found) header - and just let the canonical tag tell search engines what the proper URL for the article is? What is the best way of handling this?

Read the article
mount.nfs: access denied by server while mounting (Kerberos authentication)

- by Nick

There's plenty of references to this error on Goggle, and even a question here with the same title, but it seems that "access denied by server while mounting" is a catch-all error. I've tried suggestions that others have used to fix this problem, but they did not work in my case. I'm trying to set-up a Kerberos-based NFS file server with shared homes for a Linux network. I'm using Ubuntu 11.04 Servers and clients. When trying to mount a share using: mount 192.168.1.115:/export/home/ /media/tmp I get: mount.nfs: access denied by server while mounting 192.168.1.115:/export/home/ This is the same if I mount it from a client machine or from the server itself. On the server, in /var/log/syslog I get: Aug 25 06:22:37 nfs mountd[1580]: authenticated mount request from 192.168.1.115:835 for /export/home (/export/home) Aug 25 06:22:37 nfs mountd[1580]: authenticated unmount request from 192.168.1.115:766 for /export/home (/export/home) Which is odd, since it says it's authenticated the request, not denying it. /etc/exports: /export *(rw,fsid=0,crossmnt,insecure,async,no_subtree_check,sec=krb5p:krb5i:krb5) /export/home *(rw,insecure,async,no_subtree_check,sec=krb5p:krb5i:krb5) On client: me@dt1:/$ rpcinfo -p 192.168.1.115 program vers proto port 100000 2 tcp 111 portmapper 100024 1 udp 37320 status 100024 1 tcp 48460 status 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100227 2 tcp 2049 100227 3 tcp 2049 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100227 2 udp 2049 100227 3 udp 2049 100021 1 udp 58625 nlockmgr 100021 3 udp 58625 nlockmgr 100021 4 udp 58625 nlockmgr 100021 1 tcp 49616 nlockmgr 100021 3 tcp 49616 nlockmgr 100021 4 tcp 49616 nlockmgr 100005 1 udp 45627 mountd 100005 1 tcp 60265 mountd 100005 2 udp 45627 mountd 100005 2 tcp 60265 mountd 100005 3 udp 45627 mountd 100005 3 tcp 60265 mountd Any suggestions I could try?

Read the article
How to change password schema for Dovecot user authentication for an already existing mail server

- by deb_lrnr

Hello, I have an email server setup on Debian Lenny with Postfix, Dovecot, SASL and MySQL. Currently, the password scheme in my dovecot-sql.conf file is set to: CRYPT default_pass_scheme = CRYPT I would like to globally change the scheme to something stronger like SSHA, or MD5-CRYPT and re-hash all passwords with SSHA. What is the best way to do this? The Dovecot wiki mentions how passwords that don't follow the default scheme defined in dovecot-sql.conf can be prefixed with "{ssha}password", but I couldn't see anything regarding changing an already-existing scheme to a new one for all passwords that are already in the database. Thanks for your help!

Read the article
Authentication Order with SSH

- by Oz123

i am still have troubles mastering sshd - when I login with -v I see that ssh is authenticating the following way debug1: Authentications that can continue: publickey,gssapi-with-mic,password,hostbased I would like to change the order ... any idea how ? My bigger problem is that user with locked accounts, can still login via public-keys. I have found that I could add the user to a group "ssh-locked" add deny that group from sshing, but I am still wondering if there is a way to tell ssh'd : Please check password before keys ... Thanks, Oz

Read the article
Samba as a PDC and offline authentication

- by Aimé Barteaux

Say I have a Windows laptop which has been connected to a domain. The domain has a Samba server as a PDC. Now say that I move the laptop outside of the network (the network is completely inaccessible). Will I be able to logon into accounts I have accessed before on the laptop (through GINA)? Update: Looking at the smb.comf documentation I noticed the setting winbind offline logon: This parameter is designed to control whether Winbind should allow to login with the pam_winbind module using Cached Credentials. If enabled, winbindd will store user credentials from successful logins encrypted in a local cache.. To me it looks like this solves the issue but can anyone else confirm it and/or point out if any additional values need to be set?

Read the article
nginx: rewrite URL but have original URL stored in access.log as 200

- by mhambra

I'm setting up a link tracking system, which (temporarily) involves adding /link/id/ in front of URL (like http://server/data/id/publication/id/). rewrite data/id/(.*) http://server/$1; The request is logged as: ip - - [17/Nov/2011:10:07:19 +0300] "GET /data/id/publication/id.html HTTP/1.1" 302 154 "-" "UA"` For some reason (keeping the compatibility with AWStats) it is wanted to have 200 logged instead of 302. (nginx allows to get 301 code out of box with permanent option, but thats inappropriate too) What are my options here? Will the combination of location { } and rewrite do the job?

Read the article
How to display SSH banner at login, but only for password authentication

- by banjer

I have a warning message that is displayed to a user after they enter their username to log in to our Linux servers. I only want to display this message for password authentications, and not when keys are used. It should only show to a user who is logging into a host, and not when they are sshing from one host to another (our hosts all have keys set up so we can ssh from one to another without entering passwords). Currently, I have a line for Banner in the /etc/ssh/sshd_config file which points to a text file containing the warning message. Banner doesn't appear to have any further config options, so I'm wondering if there is a way to do this with pam or some other mechanism? Thanks.

Read the article
Reserve one http slot for /server-status?

- by Stefan Lasiewski

I have an Apache server which is hanging for some reason. When I normally want to check on the load of an Apache server, I tend to use mod_status via the URL at http://webserver1.example.org/server-status or from the commandline like service httpd fullstatus. However today, the Server is refusing all new connections. Some mysterious problem is causing connections to stall, which means that number of connections fills up all available connections (e.g. The number of connects exceeds the MaxClients setting), and therefore neither http://webserver1.example.org/server-status nor service httpd fullstatus can return anything. Is it possible to configure Apache to reserve one or two slots for the mod_status pages?

Read the article
Host http:// and https:// for same domain on separate IIS servers

- by The Talking Walnut

Is it possible to host http://example.com and https://example.com on two separate IIS servers?

Read the article
SVN client authentication error

- by grasshopper

Hello all, I have the following error when ever I try to connect to a SVN server on my network: 'Could not authenticate to server: rejected Basic challenge' Can anyone help?

Read the article

< Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131 | Next Page >