Search Results

Search found 10800 results on 432 pages for 'e3 group'.

Page 139/432 | < Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146 | Next Page >

Creating a new Active Directory account with an InfoPath form

- by ryan

I am setting up a business partner portal in our Sharepoint server. There will be an AD group with permissions limited to viewing and possibly contributing to the specific business partner site and employees of our business partners will have accounts created for them as needed. Now we would like to let our business development group(BDG) have control over the partner accounts. Ideally they should be able to add and delete accounts and change permissions on them. The BDG are not domain admins so we don't want to give them access to the domain controller. We want to create an Infopath form that will allow them to do all this. Is it possible to create and manage AD accounts from within an Infopath form on the sharepoint server? I searched this site and MSDN and can not find anything specifically related to my question.

Read the article
ASA firewalls: how does stateful filtering affect my access lists?

- by Nate

Ok, so assume that I have an ingress access list that looks like this: access-list outside_in extended ip permit any X.Y.Z.1 eq 25 access-group outside_in in interface outside And I want to do egress filtering. I want to allow inside machines to respond on port 80, and I want to allow ports over 1024. Given that the firewall is statefull, do I need to have the rule access-list inside_in extended ip permit X.Y.Z.1 any eq 25 in my inside_in ACL, or can I get away with just access-list inside_in extended ip permit any any gt 1024 access-group inside_in in interface inside In other words, if I apply an egress access list, do I have to explicitly allow machines to respond to requests allowed by the ingress access list, or does the statefullness of the firewall handle that for me? Thanks!

Read the article
Groups and Symlinks, is this safe?

- by sjohns

Hi, Im trying to serve similar content over two websites, but don't want to have 2 of each file, especially when they are growing. The basics, im running CentOS, with cPanel. Is it safe to do the following, I have folder downloads1 in /home/user1/www/downloads1/ i have user2, can i make a group - groupadd sharedfiles add both users to the group: useradd -g sharedfiles user1 useradd -g sharedfiles user2 then chown -r -v user1:sharedfiles downloads1/ User 2 i want to have /home/user2/www/downloads1 but i want it to be a symlink like ln "downloads1" "/home/user1/www/downloads1/" lrwxrwxrwx 1 user2 sharedfiles 11 May 9 14:20 downloads1 -> /home/user1/www/downloads1/ Is this a safe practice? Or is there a better way to do this if I want them both to be able to share the files for distribution over apache. Is there any drawbacks to this? Thanks in advance for any light shed on this. I'm not 100% sure weather this should have gone here or on serverfault.

Read the article
Groups and Symlinks, is this safe?

- by sjohns

Hi, Im trying to serve similar content over two websites, but don't want to have 2 of each file, especially when they are growing. The basics, im running CentOS, with cPanel. Is it safe to do the following, I have folder downloads1 in /home/user1/www/downloads1/ i have user2, can i make a group - groupadd sharedfiles add both users to the group: useradd -g sharedfiles user1 useradd -g sharedfiles user2 then chown -r -v user1:sharedfiles downloads1/ User 2 i want to have /home/user2/www/downloads1 but i want it to be a symlink like ln "downloads1" "/home/user1/www/downloads1/" lrwxrwxrwx 1 user2 sharedfiles 11 May 9 14:20 downloads1 -> /home/user1/www/downloads1/ Is this a safe practice? Or is there a better way to do this if I want them both to be able to share the files for distribution over apache. Is there any drawbacks to this? Thanks in advance for any light shed on this. I'm not 100% sure weather this should have gone here or on serverfault.

Read the article
Windows authenticated users have lost access to master (default) database

- by Rob Nicholson

Something very strange has occurred on our production SQL database. Users connecting via Windows authentication appear to have lost all access to the master database. By default, all logins have the default database set to master. So when you connect using SQL Server management studio, they get the error: "Cannot open user default database. Login failed error 4064". What's also worrying is that we have a group called "COMPANY - SQL Administrator" which has sysadmin rights and users in this group also get the same error. Worse, they don't appear to be system administrators anymore... If they change their default database to something else, they can connect and then work on the database, it's just the master database that is problematic. I'm not even sure by what mechanism windows authenticated users get access to the master database. Is it something hard coded in or some property that's got changed? Any ideas? Cheers, Rob.

Read the article
Stuck on Login PhpMyAdmin

- by TMP

Hi. I've isntalled phpmyadmin via apt-get. I've set the apache env-vars to the correct user:group. I've set ownership of /etc/apache2 and /etc/phpmyadmin to this user:group. I've restarted both apache2 and mysql several times. My Problem: When I access [ServerIP]/phpmyadmin I get the login screen, I enter the information, and i'm right back at the login screen, with not even an error "permission denied" or "password wrong" or whatever. The only things thats different is the URL: Instead of the Original http://[ServerIP]/phpmyadmin/index.php I am now at http://[ServerIP]/phpmyadmin/index.php?token=[Long Hex string here] However, still the login dialog. My Question: How Do I fix this?

Read the article
Linux file permissions seem right but I can't write to a directory

- by CaseyB

I believe that I have the permissions set correctly but I can't write to a directory. Here's my problem: cborders@Kraken:/var/www$ ls -la total 12 drwxrwxr-x 2 webz webz 4096 2011-12-30 14:58 ./ drwxr-xr-x 13 root root 4096 2011-12-30 14:58 ../ -rw-rw-r-- 1 webz webz 177 2011-12-30 14:58 index.html cborders@Kraken:/var/www$ id cborders uid=1000(cborders) gid=1000(cborders) groups=1000(cborders),4(adm),20(dialout),24(cdrom),46(plugdev),109(sambashare),113(lpadmin),114(admin),1002(webz) cborders@Kraken:/var/www$ mkdir test mkdir: cannot create directory `test': Permission denied The owner of the directory is a user called webz and the permissions allow the user and group rwx access to it. I am in the webz group but I still can't make any changes. What am I doing wrong here?

Read the article
How would one run a task sequence within a task sequence in SCCM 2012 SP1

- by BigHomie

A Shining Example: Inside all of my task sequences I have a group that installs driver packages conditionally based on computer model: And of course, this list does nothing but grow. The fact that it grows isn't a big deal, what is a big deal is that every time it changes I have to manually copy and paste those changes across every task sequence I have, which of course leaves huge room for human error. The same goes for other groups of tasks that are common across task sequences. Looking for a solution where I could centrally manage these tasks, be it link other task sequences to a group within another task sequence, or create a separate task sequence and link to that. I came across a solution by John Marcum (SCCM MVP) that mentioned this ability, but this was a while ago and I can't find the link to it anymore to see if it's even still being updated/maintained, but I'm looking for more of a free solution, or even using Powershell or the ConfigMgr SDK is fine with me, I'm no stranger to either. Update Getting close: http://msdn.microsoft.com/en-us/library/jj217869.aspx

Read the article
Add Bookmark to IE automatically for new users on a computer

- by Kyle Brandt

When I set up a PC, I would like to be able to have it so when anyone logs into that PC from the domain a couple of IT bookmarks will be in IE. I read I can do this with a Domain-Level group policy, but unfortunately, with my current domain group policies have not gone well, so I have fear (Rather not get into this in this question). Can I do this at the PC level when I deploy a new computer? So any domain users who log into the PC will have these bookmarks added when their profile is created (no roaming profiles). These are XP machines, and the domain is run by 2003 controllers.

Read the article
Any way to recover ext4 filesystems from a deleted LVM logical volume?

- by Vegar Nilsen

The other day I had a proper brain fart moment while expanding a disk on a Linux guest under Vmware. I stretched the Vmware disk file to the desired size and then I did what I usually do on Linux guests without LVM: I deleted the LVM partition and recreated it, starting in the same spot as the old one, but extended to the new size of the disk. (Which will be followed by fsck and resize2fs.) And then I realized that LVM doesn't behave the same way as ext2/3/4 on raw partitions... After restoring the Linux guest from the most recent backup (taken only five hours earlier, luckily) I'm now curious on how I could have recovered from the following scenario. It's after all virtually guaranteed that I'll be a dumb ass in the future as well. Virtual Linux guest with one disk, partitioned into one /boot (primary) partition (/dev/sda1) of 256MB, and the rest in a logical, extended partition (/dev/sda5). /dev/sda5 is then setup as a physical volume with pvcreate, and one volume group (vgroup00) created on top of it with the usual vgcreate command. vgroup00 is then split into two logical volumes root and swap, which are used for / and swap, logically. / is an ext4 file system. Since I had backups of the broken guest I was able to recreate the volume group with vgcfgrestore from the backup LVM setup found under /etc/lvm/backup, with the same UUID for the physical volume and all that. After running this I had two logical volumes with the same size as earlier, with 4GB free space where I had stretched the disk. However, when I tried to run "fsck /dev/mapper/vgroup00-root" it complained about a broken superblock. I tried to locate backup superblocks by running "mke2fs -n /dev/mapper/vgroup00-root" but none of those worked either. Then I tried to run TestDisk but when I asked it to find superblocks it only gave an error about not being able to open the file system due to a broken file system. So, with the default allocation policy for LVM2 in Ubuntu Server 10.04 64-bit, is it possible that the logical volumes are allocated from the end of the volume group? That would definitely explain why the restored logical volumes didn't contain the expected data. Could I have recovered by recreating /dev/sda5 with exactly the same size and disk position as earlier? Are there any other tools I could have used to find and recover the file system? (And clearly, the question is not whether or not I should have done this in a different way from the start, I know that. This is a question about what to do when shit has already hit the fan.)

Read the article
How to configure auto-logon in Active Directory

- by Jonas Stensved

I need to improve our account management (using Active Directory) for a customer support site with 50+ computers. The default "AD"-way is to give each user their own account. This adds up with a lot of administration with adding/disabling/enabling user accounts. To avoid this supervisors have started to use shared "general" accounts like domain\callcenter2 etc and I don't like the idea of everyone knowing and sharing accounts and passwords. Our ideal solution would be to create a group with computers which requires no login by the user. I.e. the users just have to start the computer. Should I configure auto-logon with a single user account like domain\agentAccount? Is there anything else to consider if I use the same account for all users? How do I configure the actual auto-logon with a GPO on the group? Is there a "Microsoft way" without 3rd party plugins? Or is there a better solution?

Read the article
Secure Apache PHP vhost configuration

- by jsimmons

I'm looking to secure some websites running under apache using suexec. At the moment php is executed with the user/group of the file being executed. This seems to me, not secure enough. It stops vhosts interfering with each other, but does not stop malicious code writing anywhere in the vhost being used. I was thinking that a possibility would be to run scripts as nobody/vhost group, that way the vhost user could still have full access to the vhost directories, but executing php would only be able to write to files with g+w, and to execute files with g+x. This I think should stop arbitrary writing in the web dir from compromised php. Just wondering if this is crazy, ridiculous, stupid? Of course this would be done on top of existing security measures.

Read the article
Mercurial says hgrc is untrusted in Emacs, but works fine from the command line

- by Ken

I've got some Mercurial checkouts in a directory that was mounted by root. Mercurial is usually suspicious of files that aren't mine, but I'm the only user here, so I put: [trusted] users = root groups = root in my ~/.hgrc, and now I can use hg from the command line with no warnings or errors about anything being untrusted. So far, great. But when I try to run, say, vc-annotate in Emacs, I get an Annotate buffer that says: abort: unknown revision 'Not trusting file /home/me/.../working-copy/.hg/hgrc from untrusted user root, group root Not trusting file /home/me/.../working-copy/.hg/hgrc from untrusted user root, group root 7648'! The message area says: Running hg annotate -d -n --follow -r... my-file.c...FAILED (status 255) I don't have anything in my .emacs related to vc or hg. Other commands, like vc-diff, work fine. What am I missing here?

Read the article
Authentication Order with SSH

- by Oz123

i am still have troubles mastering sshd - when I login with -v I see that ssh is authenticating the following way debug1: Authentications that can continue: publickey,gssapi-with-mic,password,hostbased I would like to change the order ... any idea how ? My bigger problem is that user with locked accounts, can still login via public-keys. I have found that I could add the user to a group "ssh-locked" add deny that group from sshing, but I am still wondering if there is a way to tell ssh'd : Please check password before keys ... Thanks, Oz

Read the article
Different buddy lists for different accounts in iChat

- by Idlecool

I have currently 4 accounts added to iChat, Standard GTalk GTalk For Google Apps Facebook Olark Facebook and Olark have their own Buddy List Group viz. Facebook and WebUser groups and thus those buddies come in a separate list, while the buddies from GTalk and GTalk from Google Apps do not have any group associated with them and they come under Buddies list. It's a bit of a pain because I want to have buddies from GTalk for Google Apps in a separate buddy list than the default one. Is it possible to do it in iChat?

Read the article
Can send to individual users but not when they are in a global distribution list.

- by Jake

I am able to send email to individual users but when not when they are in a distribution group. When I do I get this report. The message could not be delivered because the recipient's destination email system is unknown or invalid. Please check the address and try again, or contact your system administrator to verify connectivity to the email system of the recipient. #5.3.1 However, like I said before I can select their name from the GAL and send mail that way. Their email address is exactly the same in both the GAL and distribution group. The only difference is these users have external email addresses. Windows Server 2003 Exchange Server 2003 Outlook 2007 and 2010.

Read the article
OS X server 10.6 - how to restore default groups?

- by Zoran Simic

I've set up my OS X server as an open directory master first, then (experimenting), I've changed it to standalone server, then set it back as an open directory master again. Now, all the default groups I saw before are gone (Domain Administrators, Domain users etc). Do you know how to restore these groups? Note that the groups are gone only from the Workgroup Manager UI. They do seem to be still there otherwise. id -G gives the usual list of groups. If I create an account and makes its primary group 'staff', Workgroup Manager shows all the inherited groups properly (but not on the main list). If I create an account and associate it to a new group I just created, then the account has no inherited groups...

Read the article
unable to properly execute binaries from PHP

- by Lowgain

I was building an app on a SUSE box, and had a binary called create_group for instance, which had a suid bit and allowed my PHP app to call exec('create group grpname'); and create a new group (there are others for users, etc). The binary was a small c script that calls setuid(0) and then runs the user creation stuff. This worked perfectly on the SUSE box I recently moved my project to Ubuntu and everything works fine except these binaries. I can run them from the shell and they work okay, but when I get the PHP app to run them it just does nothing. Is there anything Ubuntu would be doing differently that I'm missing?

Read the article
restrict windows remote desktop

- by radioactive21

Is there any way to prevent users from launching and using remote desktop and to restrict it to only local admins or domain admins? The reason being is that we do not want users to remote desktop home, but at the same time we want it to be available to certain users like administrators or power users. Ideally there is a group policy that can be set to groups or users who have access to the remote desktop application from their machine. Clarifications: I need the machine to be able to still have remote desktop work, just only with a specific user or group. The point is that we allow certain users to use remote desktop and others to not have access to it. There are machines where there are multiple users, so we cant just block a whole machine or by IP. This needs to be done per a user account or login.

Read the article
One vs. many domain user accounts in a server farm

- by mjustin

We are in a migration process of a group of related computers (Intranet servers, SQL, application servers of one application) to a new domain. In the past we used one domain user account for every computer (web1, web2, appserver1, appserver2, sql1, sqlbackup ...) to access central Windows resources like network shares. Every computer also has a local user account with the same name. I am not sure if this is necessary, or if it would be easier to configure and maintain to use one domain user account. Are there key advantages / disadvantages of having one single user account vs. dedicated accounts per computer for this group of background servers? If I am not wrong, one advantage besides easier administration of the user account could be that moving installed applications and services around between the computers does not require a check of the access rights anymore. (Except where IP addresses or ports are used)

Read the article
Share in inbox in Google Apps Standard

- by Saif Bechan

I have recently signed up for the Standard account of Google apps. In my company I have certain email addresses that are handled by multiple users. For example the support emails are handled by multiple users. Now I have just multiple users log into the same account, but this is not a good practice. It can get quite messy when some emails are handled by different users but on the same email address. Now I looked into the groups option. I have made a group for [email protected], and added all the users to the group. Now everybody gets a copy of the support message sent. But its got a bigger mess because the users don't know who handles which message. Is there some workaround to this so I can make good use of this all in this way.

Read the article
MSSQL: Choice of service accounts

- by Troels Arvin

When installing MS SQL Server 2008, one needs to associate a service account with the installation (possibly even several accounts, one for the SQL Server Agent, one for Analysis Services, ..., but let's leave that for the case of simplicity). The service account may be local account, or a Windows domain account. If a domain account is used: Can MSSQL start, if connectivity to the domain controllers is temporarily down? If the answer is yes: Should each DBMS instance on each server have a separate account, or does it make sense to use a particular "MSSQL" domain account on all MSSQL-installations in the organization? If separate accounts are used for each instance on each server: Does it make sense to create a special MSSQL security group in the domain and place all the MSSQL service accounts in that group, perhaps to ease replication, etc? Is there a common, generally accepted naming convention for MSSQL service account(s)?

Read the article
Linux: Can I link multiple destinations via softlinks?

- by kds1398

Attempting to end up with something similar to this: $ ls -l lrwxrwxrwx 1 user group 4 Jun 28 2010 foo -> /home/bar lrwxrwxrwx 1 user group 4 Jun 29 2010 foo -> /etc/bar The intention is to be able to move a file to foo & have it go to both destination directories for now. The goal is to eventually unlink /home/bar link after confirming there are no issues with moving the files to /etc/bar. I am restricted in that I am unable to change or add to the process that moves the files.

Read the article
A proper way to create non-interactive accounts?

- by AndreyT

In order to use password-protected file sharing in a basic home network I want to create a number of non-interactive user accounts on a Windows 8 Pro machine in addition to the existing set of interactive accounts. The users that corresponds to those extra accounts will not use this machine interactively, so I don't want their accounts to be available for logon and I don't want their names to appear on welcome screen. In older versions of Windows Pro (up to Windows 7) I did this by first creating the accounts as members of "Users" group, and then including them into "Deny logon locally" list in Local Security Policy settings. This always had the desired effect. However, my question is whether this is the right/best way to do it. The reason I'm asking is that even though this method works in Windows 8 Pro as well, it has one little quirk: interactive users from "User" group are still able to see these extra user names when they go to the Metro screen and hit their own user name in the top-right corner (i.e. open "Sign out/Lock" menu). The command list that drops out contains "Sign out" and "Lock" commands as well as the names of other users (for "switch user" functionality). For some reason that list includes the extra users from "Deny logon locally" list. It is interesting to note that this happens when the current user belongs to "Users" group, but it does not happen when the current user is from "Administrators". For example, let's say I have three accounts on the machine: "Administrator" (from "Administrators", can logon locally), "A" (from "Users", can logon locally), "B" (from "Users", denied logon locally). When "Administrator" is logged in, he can only see user "A" listed in his Metro "Sign out/Lock" menu, i.e. all works as it should. But when user "A" is logged in, he can see both "Administrator" and user "B" in his "Sign out/Lock" menu. Expectedly, in the above example trying to switch from user "A" to user "B" by hitting "B" in the menu does not work: Windows jumps to welcome screen that lists only "Administrator" and "A". Anyway, on the surface this appears to be an interface-level bug in Windows 8. However, I'm wondering if going through "Deny logon locally" setting is the right way to do it in Windows 8. Is there any other way to create a hidden non-interactive user account?

Read the article
Problem running application on windows server 2008 instance using amazon ec2 service and WAMP

- by Siddharth

I have a basic (small type) windows server 2008 instance running on amazon ec2. I've installed WAMP server on to it, and have also loaded my application. I did this using Remote desktop Connection from my windows machine. I'm able to run my application locally on the instance, however when I try to access it using the public DNS given to it by amazon, from my browser, I'm unable to do so. My instance has a security group that is configured to allow HTTP, HTTPS, RDP, SSH and SMTP requests on different ports. In fact I have the exact same security group as the one used in this blog, http://howto.opml.org/dave/ec2/ I did almost everything same as the blog, except for using a different Amazon Machine Image. This is my first time using amazon ec2, and i can't figure out what I'm doing wrong here

Read the article

< Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146 | Next Page >