Search Results

Search found 874 results on 35 pages for 'policies'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/35 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Win Server 2008 force kerberos setting

    - by ftiaronsem
    I am currently facing the problem that a linux machine running Ubuntu 10.04 LTS with samba and winbindd installed is unable to join a Domain, that is managed by a Windows 2008 DC. The linux config, is probably alright, since I have successfully used it at multiple sites, running 2008 as well as 2003 DCs. The error I get ("libads/kerberos.c: Join to domain is not valid. Client credentials have been revoked"), indicates that there is a kerberos problem. Normally the linux box is supposed to authenticate via NTLM and is configured that way. The only reason I can image why it tries kerberos is that the DC is forcing it. Do you know whether there is any setting in the security policies of a window 2008 server, that would completely block NTLM, forcing kerberos? If so, where can I find this setting?

    Read the article

  • BES and BES Express co-existance

    - by ITGuy24
    Question: Can I deploy BES and BES Express with Exchange 2010? Any tips for doing this if possible? Background: We have a lot of users with personal BlackBerry's and we would like to allow them to start using their devices for receviing corporate email. We don't need full BES features for these users, just the ability to enforce passwords and remotely wipe. Plus users have never wanted to upgrade their data plans to the more expensive BES plans. So BES Express is a great fit. We already have an existing BES, for corporate owned BB's. We want to keep this as is allows us to enforce several policies, not available on BES Express.

    Read the article

  • gpupdate failing when using Samba 4 AD DC

    - by darthfoolish
    I have a Samba 4 AD domain running with 2 DCs on Centos 6.5, with a named DNS backend. I have multiple Windows 7 machines joined to this domain, which is fine. However, I can't get GPOs to apply. When running gpupdate, I get the following output The processing of Group Policy failed. Windows attempted to read the file \\sysvol\\Policies{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini Obviously, you don't normally see what it's trying to connect to when it's successful, but I would have thought the first place shows up, I should be seeing So, what governs what data gets put in between those angle brackets? If it is just supposed to be the domain, then what else could be going wrong? Thanks in advance for any help.

    Read the article

  • Bridging VirtualBox over OpenVPN TAC adapter on Windows

    - by Sean Edwards
    I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

    Read the article

  • Temporarily disable an AD server

    - by 3molo
    Topology and setup We have main office A, and branch office (abroad) B. Our ISP somehow messed up the MPLS, and office A<B will not be connected until a few days. At location B, we have an AD (and the other two ADs at location A). Location A also have an exchange server. The problems A few users at A have problem to login to their computers running Windows XP, the logon process kind of hangs where "Applying computer policies". Additionally, I can't start the Exchange management shell, it fails on get-recipient because the AD abroad (location B) is unreachable. Solution? I could delete the AD at B, but Im pretty sure it will be a hazzle to re-join it, and since the office is abroad it's not an option to just go there and re-install it - re join, I now wonder how I in location As primary and secondary ADs can temporarily disable AD at location B.

    Read the article

  • Windows 7 - can't uninstall application as admin

    - by James Atkinson
    I'm trying to uninstall Microsoft Virtual PC 2007 from my Windows 7 machine. Logged in as administrator, when I attempt to uninstall I get a messagebox stating "The system administrator has set policies to prevent this installation." Excuse me? No I haven't. Immediately following, another messagebox displays: "You do not have sufficient access to uninstall Microsoft Virtual PC 2007. Please contact your system administrator." I didn't do anything unusual when installing or setting up the software. Just normal home use computer. Any ideas on how to remove this software?

    Read the article

  • How to disable Tcp/Ip settings in windows 7 via GPO?

    - by Akash Kava
    I have enabled following policies, "Prohibit TCP/IP advanced connection" "Prohibit access to properties of components of a LAN connection" "Enable Windows 2000 Network Connections setings for Administrators" after doing all these, all machines running windows xp, 2000 and vista have network settings properties button disabled as expected. However all machines running windows 7 have no effect, I believe there are few more steps, all Windows 7 machines are on domain and we want to control this via Domain Controler's GPO. Please let me know, what I need to do to have Windows 7 disable the properties of network connection, I am not network expert, I read few articles about what new has been added in GPO of windows 7 but I am blank. Everything works fine on Windows XP, Vista, 2003 Server. Only Windows 7 is a problem.

    Read the article

  • Server Core remote management from Windows 7 machine

    - by Robert Koritnik
    I've installed Remote Server Administration Tools for Windows 7 because I would like to administer my Windows Server 2008 R2 Server Core machine. The problem that I'm getting when I try to run Server Manager is: Connecting to remote server failed with the following error message: Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. This is what I've done so far: I'm running WinRM service on both machines (Server and Window 7) I've added my server to trusted hosts on my Windows 7 machine: winrm set winrm/config/client @{TrustedHosts="WINSRV2"} I've added registry entry on Windows 7 machine: reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f I've enabled Remote Management inbound rule on server firewall using CoreConfigurator 2.0 both machines are in the same subnet and when I search for network machines on Windows 7 I see my server. Question What else should I do to make it work? I would like to run several different remote management tools against my server machine.

    Read the article

  • How to get Windows 7 logon wallpaper to tile to other monitors?

    - by Oskar Duveborn
    In 2000/XP/Vista it was easy to set a wallpaper for the logon screen, either manually through tools like Logonstudio or simple registry changes by hand on prepared installation images or through custom group policies. In Windows 7 all this works as usual, but the secondary (or any additional) monitor is just black. The mouse pointer is visible on it but no matter what settings I can't get the wallpaper to tile (or stretch or fill or whatever) over onto it. This makes it hard to OEM/company brand the installation for multi-monitor users. More annoying is the fact that it looks officially supported to brand the logon wallpaper in Windows 7 - as it's made extremely easy... apart from this little catch.

    Read the article

  • Client/server application RPC connection gets disconnected very frequently

    - by Chris Thompson
    I have a client/server application that uses RPC for the client to communicate with the server. Fairly regularly, I get an event in the Application log that the RPC connection was disconnected: Client callback failed ((0x80010108) ) I have the Windows Firewall disabled on both machines. I've even run the client on a second computer with a clean Windows XP install without any group policies. This has been going on for a long time and no one has been able to figure out why it's happening. The same client/server app works fine at other client locations. Any thoughts?

    Read the article

  • Chaotic behavior of a dead pixel on my iMac 24"

    - by Vincent Robert
    Since I bought my iMac last year, I have a white pixel on the left of my screen. I'm ok with that, one pixel is not much and I know about dead pixels policies. My problem is about understanding this "dead" pixel. But this pixel has a strange behavior. At first, it seems to be always white, but it is actually working ok under certain conditions: the mouse pointer a contextual menu Dock icons a QuickLooks video played in fullscreen other spaces than "1" The "QuickLooks fullscreen video" and "other spaces" are the one that disturb me the most. In these modes, my pixel is working fine, so it must be a software problem since my pixel is working correctly in those modes. Any ideas?

    Read the article

  • Is there a free-embedded SSH solution ?

    - by ereOn
    Hi, I'm working for an important company which has some severe network policies. I'd like to connect from my work, to my home linux server (mainly because it allows me to monitor my home-automated installation, but that's off-topic) but of course, any ssh connection (tcp port 22) to an external site is blocked. While I understand why this is done (to avoid ssh tunnels I guess), I really need to have some access to my box. (Well, "need" might be exagerated, but that would be nice ;) Do you know any web-based solution that I could install on my home linux server that would give me some pseudo-terminal (served using https) embedded in a web page ? I'm not necessarily looking for something graphical: a simple web-embedded ssh console would do the trick. Or do you guys see any other solution that wouldn't compromise network security ? Thank you very much for your solutions/advices.

    Read the article

  • Filemaker 10 Advanced sending email via script & SMTP

    - by Sean
    We are using a windows server box to run the databases but we have found via the headers that the emails are send from the local workstation. We have moved to a new email system and have set up a local linux server to securely send email out of our network to devices that do not support new protocols and encryption. But once we set up the script in filemaker 10 advanced (the local machine os x) we set it to the ip of our local box with no authentication but it does not send out an email. It creates a connection we see in the logs on the linux box but nothing more, additionally you can start a telnet connection with no issues. We have also made sure that there are no additional issue that we can see in our firewall policies. Any ideas where we should start? Does Filemaker 10 advanced log errors anywhere because I could not find any log files.

    Read the article

  • IE6 blocking all intranet cookies.. please help

    - by BillMan
    So today, IE6 just suddenly started blocking cookies in my local intranet. It accepts cookies from the internet zone just fine. I tried overriding all the cookies policies with no help (adding my site, etc). When looking why the cookies are blocked, I get messages saying that "IE couldn't find privacy policy for http://mysite...". This is killing me.. been reading a couple knowledge base articles about deleting registry keys, and nothing has worked. Any help would be appreciated. Probably related, I was using the IE developer toolbar yesterday to test the behavior of browsers with cookies disabled. Now the option to disable cookies just has a "-" next to it. I removed the toolbar to see if that helped.. nothing..

    Read the article

  • Granting rights to the sa account using osql

    - by Jan Jongboom
    I'm installing sql instances through script, and after creating a certain instance, I cannot get the sa account to be enabled through osql. What I've tried osql -S .\INSTANCENAME -E use master ALTER LOGIN sa ENABLE GO Using SSMS to enable the account (by logging in using Windows Auth., 'New query', and exactly the same query as in 1.) Suggestions in this issue No. 2. is actually working; and the account is enabled instantly. No 1 is not working, not even with the suggestions provided in 3., I have restarted the SQL services after executing the commands in osql. Additional info Windows 2003 Server, Microsoft SQL Server 2005 Enterprise, No password policies apply to the account.

    Read the article

  • Linux policy routing - packets not coming back

    - by Bugsik
    i am trying to set up policy routing on my home server. My network looks like this: Host routed VPN gateway Internet link through VPN 192.168.0.35/24 ---> 192.168.0.5/24 ---> 192.168.0.1 DSL router 10.200.2.235/22 .... .... 10.200.0.1 VPN server The traffic from 192.168.0.32/27 should be and is routed through VPN. I wanted to define some routing policies to route some traffic from 192.168.0.5 through VPN as well - for start - from user with uid 2000. Policy routing is done using iptables mark target and ip rule fwmark. The problem: When connecting using user 2000 from 192.168.0.5 tcpdump shows outgoing packets, but nothing comes back. Traffic from 192.168.0.35 works fine (here I am not using fwmark but src policy). Here is my VPN gateway setup: # uname -a Linux placebo 3.2.0-34-generic #53-Ubuntu SMP Thu Nov 15 10:49:02 UTC 2012 i686 i686 i386 GNU/Linux # iptables -V iptables v1.4.12 # ip -V ip utility, iproute2-ss111117 IPtables rules (all policies in table filter are ACCEPT) # iptables -t mangle -nvL Chain PREROUTING (policy ACCEPT 770K packets, 314M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 767K packets, 312M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 5520 packets, 1920K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 782K packets, 901M bytes) pkts bytes target prot opt in out source destination 74 4707 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 2000 MARK set 0x3 Chain POSTROUTING (policy ACCEPT 788K packets, 903M bytes) pkts bytes target prot opt in out source destination # iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 996 packets, 51172 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 7 packets, 432 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 1364 packets, 112K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 2302 packets, 160K bytes) pkts bytes target prot opt in out source destination 119 7588 MASQUERADE all -- * vpn 0.0.0.0/0 0.0.0.0/0 Routing: # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lan state UNKNOWN qlen 1000 link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff valid_lft forever preferred_lft forever 3: lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff inet 192.168.0.5/24 brd 192.168.0.255 scope global lan inet6 fe80::240:63ff:fef9:c38f/64 scope link valid_lft forever preferred_lft forever 4: vpn: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/none inet 10.200.2.235/22 brd 10.200.3.255 scope global vpn # ip rule show 0: from all lookup local 32764: from all fwmark 0x3 lookup VPN 32765: from 192.168.0.32/27 lookup VPN 32766: from all lookup main 32767: from all lookup default # ip route show table VPN default via 10.200.0.1 dev vpn 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 # ip route show default via 192.168.0.1 dev lan metric 100 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 TCP dump showing no traffic coming back when connection is made from 192.168.0.5 user 2000 # tcpdump -i vpn tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vpn, link-type RAW (Raw IP), capture size 65535 bytes ### Traffic from user 2000 on 192.168.0.5 ### 10:19:05.629985 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6887764 ecr 0,nop,wscale 4], length 0 10:19:21.678001 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6891776 ecr 0,nop,wscale 4], length 0 ### Traffic from 192.168.0.35 ### 10:23:12.066174 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [S], seq 2294159276, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 557451322 ecr 0,sackOK,eol], length 0 10:23:12.265640 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [S.], seq 2521908813, ack 2294159277, win 14480, options [mss 1367,sackOK,TS val 388565772 ecr 557451322,nop,wscale 1], length 0 10:23:12.276573 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [.], ack 1, win 8214, options [nop,nop,TS val 557451534 ecr 388565772], length 0 10:23:12.293030 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [P.], seq 1:480, ack 1, win 8214, options [nop,nop,TS val 557451552 ecr 388565772], length 479 10:23:12.574773 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [.], ack 480, win 7776, options [nop,nop,TS val 388566081 ecr 557451552], length 0

    Read the article

  • Using schtasks in interactive mode

    - by CFP
    Hello! I'd like to create a scheduled task from the command line, in interactive mode. The at hh:mm /interactive program command fails, stating that security policies do not allow interactive execution. I'd therefore like to use the schtasks command. But when I type something like schtasks /Create /TN MyTask /SC DAILY /ST "13:10" /TR "notepad.exe" /V1 /F I get a message asking for my password, although I haven't set a password for my session. And when I leave the field blank, the command line answers that the task won't be able to run. How can I fix this problem? And how can I make the task interactive? Using /RU SYSTEM prevents the task from being run in interactive mode. Thanks! CFP.

    Read the article

  • "Account locked out" security event at midnight

    - by Kev
    The last three midnights I've gotten an Event ID 539 in the log...about my own account: Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 539 Date: 2010-04-26 Time: 12:00:20 AM User: NT AUTHORITY\SYSTEM Computer: SERVERNAME Description: Logon Failure: Reason: Account locked out User Name: MyUser Domain: MYDOMAIN Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: SERVERNAME Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: - Source Port: - It's always within a half minute of midnight. There are no login attempts before it. Right after it (in the same second) there's a success audit entry: Logon attempt using explicit credentials: Logged on user: User Name: SERVERNAME$ Domain: MYDOMAIN Logon ID: (0x0,0x3E7) Logon GUID: - User whose credentials were used: Target User Name: MyUser Target Domain: MYDOMAIN Target Logon GUID: - Target Server Name: servername.mydomain.lan Target Server Info: servername.mydomain.lan Caller Process ID: 2724 Source Network Address: - Source Port: - The process ID was the same on all three of them, so I looked it up, and right now at least it maps to TCP/IP Services (Microsoft). I don't believe I changed any policies or anything on Friday. How should I interpret this?

    Read the article

  • Password problem while creating domain

    - by Murdock
    Hi, I'm freshman so far in server management stuff but this seems to be clearly against logic. After updating my Windows Server 2008 Standard 32bit, installing DNS server and AD DS I wanted to create domain via using CMD and dcpromo.exe setup. But no matter if I disable demand for comlex password in Password policies or create a password which fully comply with requirements for strong and complex password, still I can't get any further and it says that my password doesn't meet requirements. I'm also asked there to activate password demand by NET USER -passwordreq:yes and when I do so, this password doesn't work any more and I have to remove it from other admin account to be at least able to login with proper Administrator account.

    Read the article

  • Change Win7 desktop background via Win2k3 Group Policy

    - by microchasm
    I'm experiencing some strange behavior: I have set the following policies: User Configuration\Administrative templates\Desktop\Active Desktop Enable active desktop [enabled] Active Desktop Wallpaper [set to local path -- quadruple checked; path is correct] Allow only bitmap wallpaper [disabled] gpupdate /force, log out, log back in, and the background is just black. If I go into themes, and select Windows 7, the appointed background then shows (it also flashes when logging out). gpresult I've tried: http://social.technet.microsoft.com/Forums/en/winserverGP/thread/a1ebfe81-421e-4630-8c1f-8068222ee533 http://support.microsoft.com/default.aspx?scid=kb;EN-US;977944 http://social.technet.microsoft.com/Forums/en/w7itproui/thread/5b9e513a-d504-451d-a121-b4f94893d96d and a few other things, but nothing seems to be working :/ Thanks for any help/tips/advice.

    Read the article

  • Best security practice for small networks - wifi, lan,

    - by Grimlockz
    We regularly setup small networks for clients in different locations to allow them to work on different products now the question what should be the best security practice. Currently we have a wifi enabled with WPA2 and most laptops connect to this but some will connect to a cabled switch connecting to the router. We are thinking on what we should do to increase the security on our small networks - We do have have security on the laptops so you can share directly to the other persons drive by a simple Windows user account. Some suggestions are: We get a LAN switch with ACL control and mac filtering for the hard wired connections? We get acl working on the wifi via a good Cisco router? ipSec policies on all machines? IP filtering and fixed IPs? I suppose people are worried that anyone can plug into the switches and get the access to the network . Summary: Maintain a level of decent security that can be replicated easily to every setup that we do for clients

    Read the article

  • Why does a group policy not applied to the domain administrator account?

    - by Saariko
    I have a working policy on my entire domain. I just found out, when logging with the domain administrator, that this policy is not applied (EDIT: Running : gpresult shows that the GPO's are applied - but, this GPO is for Drive Mappings, and the actual drive mappings are NOT shown) The administrator account - does not have any login script on his profile tab. My GPO's are mainly small/atomic settings: single GPO to handle each settings: UAC, Firewall, printers. GPO status for the object is enabled That's an overview of the Drive Maps: Reading on MS support site, I checked the delegation tab, and it is marked as applied to domain and enterprise admins. Every user gets these policies correctly. The OU that is set is the root of the domain. (for testing purpose - I did that to eliminate hierarchy issues - did not help) Block Inheritance is disabled. (never used it anyway) GPO link GPO Security Filterings

    Read the article

  • What happens when Oracle's Enterprise Single-Sign-On database goes down? [migrated]

    - by Unai
    We're working on setting up Oracle's Enterprise Single-Sign-On with High Availability. At the moment every component provides HA except our database backend (i.e. we have just one instance). While conducting some kick-the-plug tests we learnt that the ESSO system works even with the database turned OFF. This was a nice surprise but now we need to understand what are the implications of a database failure; sure the sessions might be handled on the application servers and the policies might have been cached but... for how long? how big is this cache? what is the role of the database? I would appreciate if anyone shares her/his experience and/or points out to documentation that covers this. Thank you so much.

    Read the article

  • Windows 7 offline files - work temporarily offline even if network connection works

    - by Robert
    Sometimes I am connected via VPN to a network containing the server where files are stored which are cached by Windows offline files feature. Sometimes the connection works good and working this way is not a problem - on other times working is quite a pain because of high latency when working with the files in the Windows explorer. Is there an interactive way how a user (with admin permissions) can temporary suspend online usage of offline files? I already activated the "Transparent caching" group policy feature (Computer Configuration Policies Administrative Templates Networks Offline Files) with a network latency of 200msec but from my experience even if I get ping times to the file server of less than 40msec online usage is quite tenacious. Setting low latency times at this point causes the offline files often to toggle which makes problems with some applications working with several files and requires them to be consistent (like SVN client).

    Read the article

  • Group Policy processing and autologon on Windows 7

    - by Jason Berg
    I'm trying to accomplish a few things via Group Policy on Windows 7. Software Installation, map drives, map printer, etc. I've got these computers set to autologon. The problem I'm running into is that the computers logon before DHCP has done its thing. Therefore, they don't apply any group policies properly. How do I fix this? I've already set a policy to "Always wait for the network at computer startup and logon". I've read up a bit and this doesn't actually mean that it waits for DHCP. So it's a little pointless. Anything that would delay logon would work. Or if I can somehow make the computer wait for DHCP.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >