Search Results

Search found 4947 results on 198 pages for 'insurance policy administration'.

Page 126/198 | < Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133  | Next Page >

  • Best use of new express card on Windows

    - by jckdnk111
    I just bought a 48GB SSD express card for my laptop and I am trying to decide how best to use it. I will be running some sort of virtualization (prob VirtualBox) to test / learn Windows Server administration. I am running Windows 7 Ultimate 64 bit. I have 4GB of RAM and a 7200 RPM SATA hard disk. The express card will read at 115MB/s and write at 65MB/s. So how best to use this new disk? Readyboost, relocate pagefile, store VM disks, mix / match?

    Read the article

  • WSUS Looping 2 updates on 2003 servers

    - by Ericrobert
    Good afternoon, Hopefully I can articulate this so that people understand my problem. We have WSUS on windows server 2008. We have 8 Windows 2003 servers. There is an update ready to install KB2982792. We install it then it says there is another update to install KB2728973. Then it says there is another update to install, again KB2982792. This goes on and on. Talked to microsoft support and they confirmed that the update was infact installed and applied to the computer (Checking untrusted certifactions confirmed that for these updates) and their suggestion was to just "Hide update". This is fine except on the WSUS server it still shows failed updates which is not okay with our policy. I'm here to ask for help figuring this out and what I can do to trouble shoot it. Thank you in advanced.

    Read the article

  • Install multiport module on iptables

    - by tarteauxfraises
    I'am trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (A raspberry like board). The following rule failed due to "-m multiport --dports ssh" options (It works, when i run manually the command without multiple options). $ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh" iptables: No chain/target/match by that name. When i make a cat on "/proc/net/ip_tables_matches", i see that multiport module is not loaded: $ cat /proc/net/ip_tables_matches u32 time string statistic state owner pkttype mac limit helper connmark mark ah icmp socket socket quota2 policy length iprange ttl hashlimit ecn udplite udp tcp What can i do to compile or to enable the multiport module? Thanks in advance for your help

    Read the article

  • I want to host my own multiple Websites on my server. How do i setup my own child nameserver?

    - by basilmir
    I host my own multiple Websites on my server. How do i setup my own child nameserver? There are 4 different websites, with .com and .net and .ro at the end. I moved them to my own server. My Domain Administration (Registrar) let's me define my own child nameserver with my own IP and i've added my nameserver as my domain nameservers list. ns.something.ro as the first and only in the nameservers list ns.something.ro with my own IP address as the child nameserver I've setup everything and it works (kind of). When i use my ns IP adress directly i can of course access everything. Using "normal" external dnses will not work. As expected others on the web can't resolve correctly. What's wrong? Am i missing something?

    Read the article

  • ASA 5540 v8.4(3) vpn to ASA 5505 v8.2(5), tunnel up but I cant ping from 5505 to IP on other side

    - by user223833
    I am having problems pinging from a 5505(remote) to IP 10.160.70.10 in the network behind the 5540(HQ side). 5505 inside IP: 10.56.0.1 Out: 71.43.109.226 5540 Inside: 10.1.0.8 out: 64.129.214.27 I Can ping from 5540 to 5505 inside 10.56.0.1. I also ran ASDM packet tracer in both directions, it is ok from 5540 to 5505, but drops the packet from 5505 to 5540. It gets through the ACL and dies at the NAT. Here is the 5505 config, I am sure it is something simple I am missing. ASA Version 8.2(5) ! hostname ASA-CITYSOUTHDEPOT domain-name rngint.net names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 10.56.0.1 255.255.0.0 ! interface Vlan2 nameif outside security-level 0 ip address 71.43.109.226 255.255.255.252 ! banner motd ***ASA-CITYSOUTHDEPOT*** banner asdm CITY SOUTH DEPOT ASA5505 ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name rngint.net access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.1.0.125 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.160.70.10 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 host 10.1.0.125 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 10.106.70.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 25000 logging buffered informational logging asdm warnings mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 route outside 0.0.0.0 0.0.0.0 71.43.109.225 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ (inside) host 10.106.70.36 key ***** aaa authentication http console LOCAL aaa authentication ssh console LOCAL aaa authorization exec authentication-server http server enable http 192.168.1.0 255.255.255.0 inside http 10.0.0.0 255.0.0.0 inside http 0.0.0.0 0.0.0.0 outside snmp-server host inside 10.106.70.7 community ***** no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs group1 crypto map outside_map 1 set peer 64.129.214.27 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh 10.0.0.0 255.0.0.0 inside ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside dhcpd auto_config outside ! dhcpd address 10.56.0.100-10.56.0.121 inside dhcpd dns 10.1.0.125 interface inside dhcpd auto_config outside interface inside ! dhcprelay server 10.1.0.125 outside dhcprelay enable inside dhcprelay setroute inside dhcprelay timeout 60 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept tftp-server inside 10.1.1.25 CITYSOUTHDEPOT-ASA-Confg webvpn tunnel-group 64.129.214.27 type ipsec-l2l tunnel-group 64.129.214.27 ipsec-attributes pre-shared-key ***** ! ! prompt hostname context

    Read the article

  • Centrally manage Windows 7 computers without Active Directory

    - by Sean W.
    I manage three Windows PCs at home using the principle of least privilege. This means that practically every other day when a new version of Java is released, I have to manually install the update using my administrative credentials on each machine. This is starting to become more work than I had expected. I would love to set up an active directory domain at home, but Microsoft has discontinued Windows home server; its replacement, Windows server 2012 essentials is much more expensive (about $500). Are there any free (preferably as in speech) that would allow me to centrally manage the software installed on each machine in a manner similar to that of active directory? I'd also like to find a way to centrally manage security settings, but I doubt there's an equivalent of group policy. Samba 4 would be an ideal solution, but according to its own developers, it is not yet stable enough for production use.

    Read the article

  • It's possible to use google smtp for sending email from my server?

    - by Magnetic_dud
    Well, I am becoming crazy to let my email deliver to gmail/hotmail from my new ip. Last year, i had no problems with my past ip, but now my emails go straight to the spam folder of gmail and hotmail. I checked with mxtoolbox.com and i am not blacklisted, not an open proxy, rdns is configured the right way, SPF policy is present on the DNS. My spf is v=spf1 a mx ~all But, still, I am filtered. So, I am wondering: since gmail does not accept my emails, it's possible to use gmail smtp server to deliver all mails from my server? AFAIK, it will change all the "from" address, but maybe there is a way to not let it happen?

    Read the article

  • Restricting output to only allow localhost using iptables

    - by Dave Forgac
    I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

    Read the article

  • Packets marked INVALID in FORWARD rule

    - by Raphink
    I have a firewall that has 3 IP aliases on 1 physical interface. Packets get dropped between these 3 interfaces (either ICMP, HTTP, or anything else). We tracked it down to these packets being marked INVALID in the FORWARD rule and dropped due to the this rule: chain FORWARD { policy DROP; # connection tracking mod state state INVALID LOG log-prefix 'INVALID FORWARD DROP: '; mod state state INVALID DROP; mod state state (ESTABLISHED RELATED) ACCEPT; } (That is, we see the INVALID FORWARD DROP logs in dmesg) What could be causing this?

    Read the article

  • How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

    - by Timbo
    I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

    Read the article

  • Limit a process's relative (not absolute) processor consumption in Linux

    - by BobBanana
    What is the standard way in Linux to enforce a system policy to limit the relative CPU use of a single process? That is, on a quad-core machine, I never want a process to use more than 2 CPUs at once, even if the process creates more threads. I do not want an absolute time limit, just a relative limit so that one task cannot dominate the machine. This is also different than renice, which allows a process to use all the resources but just politely step aside if others need them too. ulimit is the usual resource limiting tool, but it does not allow such CPU restrictions.. it can limit the number of processes per user, or absolute CPU time, not restrict the maximum number of active threads of a single process. I've found a couple of user-level tools, like CPUlimit, but not a system level tool or setting. Does such a standard resource controller exist in Linux (Red Hat Enterprise, if it matters.) If there is such a limit imposed, how would a user identify it?

    Read the article

  • How can I restrict my mates to stop downloading?

    - by user239295
    We are sharing an internet broadband connection with 6 users at a place we live. We get 20 gb fup ( Fair usage policy) with 2 mbps speed from the ISP after the 20 gb is consumed the speed comes down to 512 kbps very difficult to browse any page. The problem is we cannot track which user/mate is downloading and ending the FUP. it is very difficult to track so is there something that we can allot per user some amount of space like 2 gb of downloading or restrict all from downloading so that we can utilize all the fup till the end of the month. We are using this connection as wifi configured. A adsl router is configured as wifi and we all using all 6 laptops. No PC. Any help would be appreciated. I apologize if i am not clear with my question.

    Read the article

  • Proxy Server suggestions

    - by Jon Menefee
    Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

    Read the article

  • Windows updates behind a physical firewall with only IP based rules and generic outbound connections are turned off

    - by user125245
    I have some boxes that I do not want to allow any in or outbound traffic to the internet Except for windows updates. However the fire wall in place (Cisco ASA) apparently only supports ip based rules. As best I can tell access to Microsoft updates via anything other then the half dozen URL masks the Microsoft lists as needed does not appear possible. I have kicked around building a full WSUS that I would then manually copy the update files to so that no direct Microsoft access is needed but this sounds very top heavy for the very few boxes involved. I have also kicked around manual updates all around but am not certain how to be conveniently and confidently sure that the correct updates are being applied in the correct order. Any ideas from any direction would be appreciated. I want this as simple / cost effective as possible but have very little flexibility on the only absolutely required internet access policy.

    Read the article

  • How to remove IE toolbar and menu bar

    - by Metallikanz
    We have a asp.net web application which will be used in an intranet environment on IE 6. We want to change the default configuration of the browser so that it's always rendered without the Tool Bars, Menu Bars and Address Bar, just the browser window frame and the status bar should be present. We were looking at the IEAK toolkit for IE6 but it doesn't seem to have the option of turning all this off though you can turn off certain menus and toolbar options. Any ideas of how this can be done, is there a group policy setting or something that we can utilize here to get this done? Thanks for your help.

    Read the article

  • Is it safe/wise to run Drupal alongside bespoke business web apps in production?

    - by Vaze
    I'm interested to know the general community feeling about the safety of running Drupal alongside bespoke, business critial ASP.NET MVC apps on a production server. Previously my employer's Drupal based 'visitor website' was hosted as a managed service with a 3rd party. While the LoB sites were hosted in-house. That 3rd party is no longer available so I'm considering my options: Bring Drupal in-house Find another 3rd party My concern is that I have little experience with Drupal administration (and no experience securing it) and that the addition of PHP to my IIS server poses a security risk. Is there a best practice that I can follow in this situation?

    Read the article

  • Upgrading Fedora on Amazon to 12 but getting libssl.so.* & libcrypto.so.* are missing

    - by bateman_ap
    I am upgrading to Fedora 12 on a Amazon EC2 using help here: http://www.ioncannon.net/system-administration/894/fedora-12-bootable-root-ebs-on-ec2/ I managed to do a 64 bit instance OK, however facing some problems with a standard one. On the final bit of the install from 11 to 12 I am getting an error: Error: Missing Dependency: libcrypto.so.8 is needed by package httpd-tools-2.2.1.5-1.fc11.1.i586 (installed) Error: Missing Dependency: libssl.so.8 is needed by package httpd-tools-2.2.1.5-1.fc11.1.i586 (installed) This is referenced in the comments from the link above but all it says is: Q: Apache failed, or libssl.so.* & libcrypto.so.* are missing A: These versions are mssing the symlinks they require. Easy fix, go symlink them to the newest versions in /lib However I am afraid I don't know how to do this. If it is any help I tried running the command locate libssl.so and got: /lib/libssl.so.0.9.8b /lib/libssl.so.6

    Read the article

  • Disqus cache of unposted posts

    - by user129107
    Some webpages implement Disqus and also have the rather bad policy of adding auto refresh to the page. This result in for example one writing a long answer in a debate and then a refresh comes along – and everything is gone. Is the comments, written, but not posted, cached somewhere? Is it possible to retrieve? I have experienced this on various pages. In the current case the debate page was reloaded and a rather lengthy post with a lot of references and long thought out sentences vanished. This page closes the debate during night time, and do a auto refresh of the page when one pass midnight – as such I'm not able to retrieve the debate for another 8 hours. Other pages implement for example an auto refresh after 20 minutes. Linux, Google Chrome.

    Read the article

  • Windows Task Scheduler won't let me uncheck "Wake the computer" option for a backup task

    - by KdawgUD
    I have a problem with my windows 7 laptop automatically waking after I put it to sleep and then I find it later with the battery drained. I tracked down the culprit using the "powercfg -lastwake" command to be a Backup task in the "Windows Server" section of the task scheduler. I have tried unchecking the "Wake the computer to run this task" checkbox for this task, but after I do this and reboot, the box is always rechecked again. How can I make this setting persist? I have full admin rights to this laptop, but it is on a domain. Edit: I looked into the domain policy settings as suggested by Dave below and did not find any policies related to scheduled task settings. Any other ideas?

    Read the article

  • Windows Home Server restore causes computer to be removed from the domain?

    - by unknown (google)
    I restored my Dell M4400 that is a company laptop, and now I get an error when I try to log on and am connected to our corporate network, which says that the domain controller could not be found or that the computer is not part of the domain. Everyone else can log on, so it seems my computer is no longer part of the domain, even though it thinks it is per the settings. One thing of note: my computer crashed on 1/14/10, but I restored from a backup that was made on 12/20/09. So I am not sure if that made a difference? Also, I tried running "gpupdate" to update my group policy, but that did not seem to help. Any ideas? Seems like a bit of a flaw in the backup system for computers that are part of a domain. I guess I wanted to hear from someone with more knowledge about how a computer is recognized as part of a domain to know if this should be expected when doing a restore or if I should file a trouble ticket.

    Read the article

  • TPM had to be reintialized: Does a new recovery password have to be uploaded to AD?

    - by MDMoore313
    Some way some how, a user's machine couldn't get read the bitlocker password off of the TPM chip, and I had to enter the recovery key (stored in AD) to get in. No big deal, but once in the machine, I tried to suspend bitlocker per recovery documentation, and got an error message about the TPM not being initialized. I knew the TPM was on and activated in the BIOS, but Windows still made me reinitialize the TPM chip, and in the process it created a new TPM owner password. I found that odd because it prompted me to save this password or print it (there wasn't an option not to), but it made no reference of a recovery password, nor did it back this password up to AD. After the user took her laptop and left I started thinking that if the TPM password change, does the recovery password change also? If so, that new recovery password will need to be uploaded to AD, but MS' documentation doesn't make that clear, and doesn't back up the new recovery key (if one exists) to AD automatically when the group policy says it must, and from a network standpoint AD is accessible.

    Read the article

  • SFTP not working, but SSH is

    - by Dan
    I've had a server running CentOS for a few months now. A few days ago, I stopped being able to connect to it over SFTP. I've tried from multiple computers, OSes, clients, and internet connections. I can SSH in just fine, though. For example, Nautilus gives me this: Error: DBus error org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. Please select another viewer and try again. I was under the impression that SFTP was just pure SSH, and if one worked, the other would, and vice-versa. Clearly that's not the case, though. What could I have done wrong?

    Read the article

  • Domain Key Entries

    - by natediggs
    More BIND DNS questions. OK, my changes the the zone files are no propagating out. Now I'm having a problem with the domain key entries I'm trying to create. I'm starting by trying to set the domain key policy. To do so I added the following entry to my zone file (actual domain XXX'd out). Based on everything I've read this is properly formatted and should work. When I try to verify the DNS entry for our domain it doesn't how up. _domainkey.XXXX.com TXT "t=y; o=~;" Is there something I'm missing? Nate

    Read the article

  • 'Unlimited' free trial of Windows Server 2008 by deleting and reinstalling VM? [closed]

    - by MrVimes
    I am using Virtual Machine software (VirtualBox) to learn Windows Server 2008 R2 Network Infrastructure (70-642). Trouble is - I'm learning at an extremely slow pace and so the trial periods of my virtual machines are close to running out. If I delete the VMs then install WS2008R2 from scratch on new VMs is that violating the acceptable use policy of Microsoft? I am aware that I can extend the trial, but it seems I can only do that by 10 days at a time. Also I think having to re-install from scratch is a good way to reinforce the knowledge.

    Read the article

  • User account restriction error and unable to access share

    - by user44394
    I have a windows share with full control granted to individual domain user accounts on the share and security permission. Whenever the user attempts to browse to the share they receive the error: Logon failure user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced. If the users are added to the administrators group on this machine they are able to browse the share without issue. What do I need to change to allow them access to the share without being administrators on that machine?

    Read the article

< Previous Page | 122 123 124 125 126 127 128 129 130 131 132 133  | Next Page >