Search Results

Search found 4884 results on 196 pages for 'ad hoc distribution'.

Page 15/196 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Migrating 2008 AD to Windows SBS 2011 and Forefront TMG 2010

    - by Tong Wang
    Our company has two physical servers: a Dell R710 with 4 NIC and a Dell R410 with 2 NIC. Right now, we have Windows server 2008 R2 installed on R710 with AD setup to host our domain. I am thinking to install both SBS 2011 and TMG 2010 on the other R410 running on Hyper-V. As I am fairly new to Windows Server technology, I'd like to check with you fellow Windows admins and see what is the proper way to install SBS 2011 and TMG 2010 and how to migrate the 2008 AD. Your advice and help will be highly appreciated.

    Read the article

  • Best practice for authenticating DMZ against AD in LAN

    - by Sergei
    We have few customer facing servers in DMZ that also have user accounts , all accounts are in shadow password file. I am trying to consolidate user logons and thinking about letting LAN users to authenticate against Active Directory.Services needing authentication are Apache, Proftpd and ssh. After consulting security team I have setup authentication DMZ that has LDAPS proxy that in turn contacts another LDAPS proxy (proxy2) in LAN and this one passes authentication info via LDAP (as LDAP bind) to AD controller.Second LDAP proxy only needed because AD server refuses speak TLS with our secure LDAP implemetation. This works for Apache using appropriate module.At a later stage I may try to move customer accounts from servers to LDAP proxy so they are not scattered around servers. For SSH I joined proxy2 to Windows domain so users can logon using their windows credentials.Then I created ssh keys and copied them to DMZ servers using ssh-copy, to enable passwordless logon once users are authenticated. Is this a good way to implement this kind of SSO?Did I miss any security issues here or maybe there is a better way ofachieving my goal?

    Read the article

  • VisualSVN Server won't work with AD, will with local accounts

    - by frustrato
    Decided recently to switch VisualSVN from local users to AD users, so we could easily add other employees. I added myself, gave Read/Write privileges across the whole repo, and then tried to log in. Whether I'm using tortoisesvn or the web client, I get a 403 Forbidden error: You don't have permission to access /svn/main/ on this server. I Googled a bit, but only found mention of phantom groups in the authz file. I don't have any of those. Any ideas? It works just fine with local accounts. EDIT: Don't know why I didn't try this earlier, but adding the domain before the username makes it work, ie MAIN/Bob. This normally only works when there are conflicting usernames...one local, one in AD, but for whatever reason it works here too. Kinda silly, but I can live with it.

    Read the article

  • Windows NT workstation on AD domain

    - by Tom
    We run a Windows NT workstation connected to special manufacturing equipment, that everyone is deathly afraid to touch. It has custom software and special cards inside of the machine, making a rebuild impossible. The problem is, we are migrating to an AD domain from an NT domain, and this workstation stills needs access to storage on the network (AD computers). How should I go about doing this, after we get rid of our NT Domain controller? Upgrading to 2000 is not an option (so says management). I know, I know, if it dies we are in trouble. But that's managements choice, we just need to get rid of this NT domain.

    Read the article

  • Remote site AD design (2003)

    - by Boy Mars
    A remote site has about 25 of our 50-ish employees. They have their own AD domain presently (2003) but I want to look at getting them onto the same global domain for ease of access/administration. The remote site has a VPN link but line speeds are very poor. I am already aware of tools like ADMT and have done a few migrations in the past (NT/2003 domains), but this is the first time I have the luxury of designing how this domain is organised. So I'm looking for tips on good AD design; would a remote site be better served as a sub-domain? would this reduce traffic? I am only currently looking at 2003 since only existing machine will be used.

    Read the article

  • LDAP Authentication for multiple AD Domains

    - by TrevJen
    I have 3 full trust domains (2 child and one root). I need to use LDAP to allow authntication for domain users. The trick is that I need the application to use an AD server for the child domain BUT proxy the LDAP query and authentication for the root domain. I see that it maty be possible with AD LDS and some trusts and synching, but it looks pretty hairy and overly complicated. The short of it is: 3 domains (Parent, ChildA, ChildB) My 3rd party app will need to use ChildA domain servers to authenticate either: a. a user in the parent domain or b. a user in the ChildB domain I already have full trusts between all domains, and regular NTLM authentication works fine (unless you are trying to authenticate with LDAP)

    Read the article

  • How a password is transmited to AD Server

    - by erdogany
    My question is how ADSI performs SetPassword operation. According to what I have read ADSI is a COM interface and it has more capabilities than AD provides through LDAP. While you are suppose to update unicodePwd attribute of a personaccount entity through LDAP, ADSI provides you SetPassword call. I know that ADSI & AD provides Kerberos during authentication. So how the password is transmitted to server when SetPassword is called? Is it raw binary unencrypted data? Or does Kerberos comes into play at this call?

    Read the article

  • How to change aging AD password while connected over VPN from Mac

    - by Franek Kuciapa
    I am connecting to the office from mac via VPN, Cisco AnyConnect Secure Mobility Client. I do not know what to do when my AD password on the firm side will age and approach expiration to ensure that my Mac and VPN continue to work afterwards. Is the proper thing to do in this case to connect via VPN and then change the password on Mac via System Preferences, Users & Groups? Will this update the AD on the server side? Will it sync the PointSec as well that is running on the Mac? Or is a better procedure to RDP to a Windows box while connected over VPN and change the password there hoping the Mac will somehow sync up ?? Running Mountain Lion on the Mac.

    Read the article

  • Sharepoint Server 2007 generates event log entry every 5 minutes - "The SSP Timer Job Distribution L

    - by Teevus
    I get the following error logged into the Event Log every 5 minutes: The SSP Timer Job Distribution List Import Job was not run. Reason: Logon failure: the user has not been granted the requested logon type at this computer In addition, OWSTimer.exe periodically gets into a state where its consuming almost all the CPU and only killing the process or restarting the Sharepoint services fixes it (although I'm not sure if this is a related or seperate issue). I have tried the following (based on various suggestions floating around the web), all to no avail: iisreset (no affect) Added the Sharepoint and Sharepoint Search service accounts to Log on as a batch job and Log on as a service policies in the Group Policies for the domain. I went into the Local Computer Policy on the Sharepoint server and verified that those policies had actually been applied Verified that the Sharepoint and Sharepoint Search service accounts are both in the WSS_WPG group Verified in dcomcnfg that the WSS_WPG group (and indeed the Sharepoint and Sharepoint search service accounts) has local activation rights for SPSearch. Any more suggestions would be valued. Thanks

    Read the article

  • Can't make updates with LDAP from Linux box to Windows AD

    - by amburnside
    I have a webapp (built using Zend Framework - PHP) that runs on a Linux environment which needs to authenticate against Active Directory on a Windows server. So far my webapp can authenticate with LDAPS, but cannot perform any kind of write operation (add/update/delete). It can only read. I have configured my server as follows: I have exported the CA Certificate from my Windows AD server to /etc/opendldap/certs I have created a pem file based on this certificate using openssl I have update /etc/openldap/ldap.conf so that it knows where to look for the pem certificate: TLS_CACERT /etc/openldap/certs/xyz.internal.pem When I run my script, I get the following error: 0x35 (Server is unwilling to perform; 0000209A: SvcErr: DSID-031A1021, problem 5003 (WILL_NOT_PERFORM), data 0 ): Have I missed something with my configuration, which is causing the server to reject making updates to AD?

    Read the article

  • Windows Server 2003 AD User Properties Environment doesn't override end user Remote Desktop Client s

    - by caleban
    Windows Server 2003 Domain Controller and Windows XP workstations: Active Directory Users and Computers/Users/User/Properties/Environment/Client devices Connect client drives at logon Connect client printers at logon Shouldn't the above Terminal Services settings in Active Directory override the end user Remote Desktop client settings? In our environment the end user Remote Desktop Client settings take precedence. If printing is disabled on the client but enabled in the user's AD profile then printing is not available. Is this working by design or can I change something to allow the user environment settings in AD to override the end user settings RDC settings?

    Read the article

  • Samba Server needs to have AD authentication

    - by vivek
    My Linux server is connected to AD via Bind DN and password (without domain joining). It is using sssd for authentication. I am able to ssh and login without any issue. I have a proper setup of uid and guid, etc. .. There is no issue with logging to the linux server. I want the samba service to use AD accounts, but I can't find documentation for how to configure it in this case. Can anyone explain how to configure samba to use active directory for authentication on a system using sssd?

    Read the article

  • CentOS 6 - YUM Local Repo - Ensure consistent package distribution

    - by Mike Purcell
    I've read a few guides outlining how to setup a local YUM repo, but none of them explicitly stated an answer to my question; If I set up a local YUM repo, does that mean that any CentOS servers which pull from said repo will never be "ahead" of the local YUM repo? I want to ensure a consistent package distribution across all my servers. Right now, when I do a yum update, even on a daily basis, the servers can be out of alignment. For example if I run YUM update on my dev server in the morning, then run YUM update on one of my production servers in the afternoon, the production server may have picked up a new version of a package that the dev server did not pick up, due to the time window between the update commands. Rather, I'd prefer that I run yum update from my dev server which has access to remote upstream yum repos, then let it sit for 2 weeks, after which I run yum update on my production servers against the local repo on my dev server.

    Read the article

  • Exchange 2010 Cmdlets for Sent Items in a Distribution group

    - by Jimmy Jones
    Here is the scenario that I am in and am stuck on how to get this the correct way. What I'm looking for is a syntax that will provide me with statistics on what users have emailed "Sent" for the day. I would like to know get information on what all users of a specific distribution group has emailed for the day. I have tried the following to no avail. Get-Mailbox | Get-MailboxFolderStatistics -FolderScope SentItems | Where {$_.ItemsInFolder -gt 0} | -Start "06/14/2012 9:00AM" -End "06/14/2012 5:00PM" | Sort-Object -Property ItemsInFolder -Descending | select-object Identity,ItemsInFolder | export-csv c:\test.txt Get-MessageTrackingLog -Start "06/14/2012 9:00AM" -End "06/14/2012 5:00PM" -Sender "" | measure-object - This one will only work on specified users, but I need to check the whole group. If anyone could help me out. Thank you!!!

    Read the article

  • Send mail from a distribution group's email address

    - by Campo
    A user has send permission on a distro group on a WINDOWS SERVER 2003 domain. I am the admin. When either of us sends email using the distribution group's email adress we get a non delivery report Your message did not reach some or all of the intended recipients. Subject: TEST Sent: 4/19/2010 4:46 PM The following recipient(s) cannot be reached: [email protected] on 4/19/2010 4:46 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVERNAME Thanks, JC

    Read the article

  • Best Small Linux Distribution for rDesktop

    - by d2jxp
    What would be the best linux distribution to use just for the purpose of rDesktop? We're trying to decide if we should get rid of old computers or just use them as thin-clients to connect to virtual Windows 7 machines on our network. I would like something with as little bloat as possible and can be run from a USB flash drive. I have tried SliTaz, ThinStation, and Pixil from Century Software. SliTaz has been my favorite so far but I still want to know if there's something better that's also easily customizable.

    Read the article

  • VisualSVN Server won't work with AD, will with local accounts

    - by frustrato
    Decided recently to switch VisualSVN from local users to AD users, so we could easily add other employees. I added myself, gave Read/Write privileges across the whole repo, and then tried to log in. Whether I'm using tortoisesvn or the web client, I get a 403 Forbidden error: You don't have permission to access /svn/main/ on this server. I Googled a bit, but only found mention of phantom groups in the authz file. I don't have any of those. Any ideas? It works just fine with local accounts. EDIT: Don't know why I didn't try this earlier, but adding the domain before the username makes it work, ie MAIN/Bob. This normally only works when there are conflicting usernames...one local, one in AD, but for whatever reason it works here too. Kinda silly, but I can live with it.

    Read the article

  • Encrypt shared files on AD Domain.

    - by Walter
    Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. Can be implemented this ? What technology should be used?

    Read the article

  • Encrypt shared files on AD Domain.

    - by Walter
    Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. How can be implemented this using EFS?

    Read the article

  • AD Authentication fails in local machine but works from Production server

    - by jesu
    Hi i am using a AD authentication and facing 2 problems. Authentication works fine when i move the application to a production server but FAILS in my LOCAL machine. Both local machine and server are in same domain and used same domain account logging in. When the machine logs in the users with domain account , AD authentication from the application says that the account is not valid. Please suggest me , if you can find out the problem and ways to recover. thanks in advance! Regards jesu

    Read the article

  • SharePoint 2010 with AD

    - by Tim Decuypere
    We are students and we have to make a project by using SharePoint. We have already learned the basic steps of SharePoint 2010 but now we have some problems with using the Active Directory. We've deleted SharePoint from the server and afterwards we've installed the AD-role and finished dcpromo. When we’ve reinstalled SharePoint 2010, we have some problems in the configuration of SharePoint. It automatically ask for a Databaseserver but we don't have one in the company of our project. My question is if there is any possibility to use SharePoint with AD and without a Databaseserver. If it is possible it would be nice to tell me how.

    Read the article

  • NIS AD password synch for new accounts

    - by user135004
    I have a Win2k3R2 DC with NIS. All is working well but its no longer synching the passwords for new accounts. When creating a new AD user, NIS does its thing and sends its Unix account to the synched linux server. It's doing everything its supposed to do but not the users password to the server (getent passwd returns the ABCD!efgh12345$67890 password for the new account). Thinking that password synchronization is not working, I changed the password of an existing working account and it synchs the new password. If I delete a new or old AD user, it deletes it on the linked linux server as well. All this tells me that NIS is doing its thing (at least with existing accounts) No updates have been installed on the DC. I am not even sure where to start here.

    Read the article

  • Automate new AD user's home folder creation and permission setup

    - by vn.
    I know if we setup a base folder or a profile path in the Profile tab of an AD user, we can copy it and the folder creation and permission setup will be automated. My problem is that not all my users have a roaming profile and the home folder linking is done thru GPO. When I copy from these users, the home folder isn't created automatically and I have to create it manually and change permission and ownership on that folder, located on the fileserver. What should I do? A script may be nice but it'd have to be run everytime a new user is created and I don't think we can link a script to an AD user creation? I'd like to avoid any manual steps and keep my GPO that way. Using a W2008r2 DC on w7 client boxes. Thanks.

    Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >