Search Results

Search found 818 results on 33 pages for 'trusted'.

Page 15/33 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Intel Xeon vt-d query

    - by deploymonkey
    Does Xeon westmere ep (xeon 56xx series) have vt-d (=iommy / direct io) or does intel TXT (Intel® Trusted Execution Technology) include vt-d? I'm at a loss. I've been researching current processors for an important project for some time now. I need to know, if the xeon 5600s (Westmere EP) include vt-d (iommu/directed io/pci passing) because the system will run virtualized guests. This enables direct hardware access eg. pci passthrough, in xen for example. It seems that the 5600s TXT should incorporate vt-d and that xeon 5600s should include vt-d as they are ramped up 5500s, but there is no conclusive answer anywhere. Intel's processor comparison only states that 5500s have vt-d and no TXT and 5600s have no vt-d but TXT. I'd be really grateful if anybody could clear this up and possibly even provide a citation. Thanks a lot.

    Read the article

  • Server Core remote management from Windows 7 machine

    - by Robert Koritnik
    I've installed Remote Server Administration Tools for Windows 7 because I would like to administer my Windows Server 2008 R2 Server Core machine. The problem that I'm getting when I try to run Server Manager is: Connecting to remote server failed with the following error message: Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. This is what I've done so far: I'm running WinRM service on both machines (Server and Window 7) I've added my server to trusted hosts on my Windows 7 machine: winrm set winrm/config/client @{TrustedHosts="WINSRV2"} I've added registry entry on Windows 7 machine: reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f I've enabled Remote Management inbound rule on server firewall using CoreConfigurator 2.0 both machines are in the same subnet and when I search for network machines on Windows 7 I see my server. Question What else should I do to make it work? I would like to run several different remote management tools against my server machine.

    Read the article

  • sqlcmd backup script failing

    - by Bryan
    I'm trying to use a simple batch script to backup a local instance of SQL Express 2012, as follows: @echo off SET BACKUP_DIR=E:\BackupData SET SERVER=.\\sqlexpress set dom=%date:~0,2% set month=%date:~3,2% set year=%date:~6,4% set file=%year%-%month%-%dom% sqlcmd -S %SERVER% -d master -Q "exec sp_msforeachdb 'BACKUP DATABASE [?] TO DISK=''%BACKUP_DIR%\?.Full.%file%.bak''' The script is failing to run with the following error: Sqlcmd: Error: Microsoft SQL Server Native Client 10.0 : Client unable to establish connection due to prelogin failure. This is on Server 2008 R2, my SQL database (on localhost) instance is named SQLEXPRESS. There is an instance of SQL Express 2008 on the system (hence client 10.0). The database is configured to use a trusted connection, and the .net desktop software deployed on our network PCs is able to access the database without any problem. Am I missing something obvious here, I've done a fair amount of searching for this error message, and haven't found anything that has been particularly useful so far.

    Read the article

  • SQL 2008 Reporting Services Report Manager blank on Win 7

    - by Daniel Root
    I have installed SQL Server 2008 Reporting Services on my development laptop running windows 7. When I browse to the report manager, only the header is shown. The content pane is blank, and there is no 'Site Settings' option, New Folder options, etc. I found plenty of similar stories about SQL 2005, and then the fix was to manage permissions in the virtual directory in IIS. However, in 2008, there is no virtual directory - RS manages this outside of IIS. Per other serverfault articles, I've tried the following: adding my account to the reporting services group changing the service to run as local system made sure localhost was trusted site in IE ran IE as admin installed SQL Server 2008 SP1 There are no errors in the event viewer. Perhaps related, if I browse to the webservice, I also get the error: The permissions granted to user 'Computer\User' are insufficient for performing this operation. (rsAccessDenied)

    Read the article

  • MOSS 2007 links issue

    - by r0ca
    I have a user that for some reason lost her "My Site" & "My Links" link on her local computer. When she logs into a Citrix server she can see them. I have had her dump temp Internet files and put the site in her trusted sites but nothing is working. I think thins started after some Windows updates but not sure. Any ideas on this one? BTW, it's not turned off kin Central Admin and none of her group memberships have changed.

    Read the article

  • MOSS 2007 links issue

    - by r0ca
    I have a user that for some reason lost her "My Site" & "My Links" link on her local computer. When she logs into a Citrix server she can see them. I have had her dump temp Internet files and put the site in her trusted sites but nothing is working. I think thins started after some Windows updates but not sure. Any ideas on this one? BTW, it's not turned off kin Central Admin and none of her group memberships have changed.

    Read the article

  • How do you search for backdoors from the previous IT person?

    - by Jason Berg
    We all know it happens. A bitter old IT guy leaves a backdoor into the system and network in order to have fun with the new guys and show the company how bad things are without him. I've never personally experienced this. The most I've experienced is somebody who broke and stole stuff right before leaving. I'm sure this happens, though. So, when taking over a network that can't quite be trusted, what steps should be taken to ensure everything is safe and secure?

    Read the article

  • generate correctly a self signed certificate Zimbra

    - by rkmax
    I have a Single mail server with Zimbra 8.0.0 for generate certificate I'm following Generate the cert. ORG=MyOrganization CN=mail.mydomain.com COUNTRY=myCountry CITY=myCity /opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subject "/C=$COUNTRY/ST=N/A/L=$CITY/O=$ORG/OU=ZCS/CN=$CN" /opt/zimbra/bin/zmcertmgr deploycrt self -allserver su - zimbra "zmcontrol restart" Veririficate with /opt/zimbra/bin/zmcertmgr viewdeployedcrt. i can see the new cert In Chrome go to https://mail.mydomain.com and export the .cer test in a Windows client certutil.exe -addstore root \path\to\exported.cert root "Root Certification Authorities trusted" You can add a root certificate to the root store CertUtil:-addstore command error: 0x8007000d (WIN32: 13) CertUtil: Invalid data. even from chrome i've tried to add the cert without successful results. can anyone help me with this problem?

    Read the article

  • How to change the wallpaper in Windows 7 Starter Edition

    - by V. Schreiber
    Is there a way to change the desktop wallpaper in Windows 7 Starter Edition? I wanted to do that on my new netbook, just to find out that there is no "Customize" option in the control panel. Microsoft obviously wants to keep the netbook users rather rigidly from customizing their machines. It isn't even possible to edit the picture itself in the C:\Windows\Web\Wallpaper\Windows\ directory, due to lack of rights. From what I can tell only the user "Trusted Installer" would have enough rights to do so... Update: With your help I found two programs that are able to bypass Microsoft's limitations: Starter Wallpaper Changer (Thanks to Sopan and javier. I'm using this program now) Wallpaper Changer for Windows 7 (Thanks to Sathya)

    Read the article

  • Virtual PC and hardware-assisted virtualization (VT-x) problem

    - by Vesa Huovi
    I've installed Microsoft's Virtual PC on Windows 7, but when I try to start a virtual machine I get the following error message: '<Virtual machine name' could not be started because hardware-assisted virtualization is disabled. Please enable hardware virtualization in the BIOS settings and try again. If hardware virtualization settings is already enabled, you may have to disable Trusted Execution Technology (TXT) setting in BIOS or update the system BIOS. However, if I download and run the Hardware-Assisted Virtualization Detection Tool, it gives the following positive message: This computer is configured with hardware-assisted virtualization. This computer meets the processor requirements to run Windows Virtual PC. If this computer runs a supported edition of Windows® 7, you can install Windows Virtual PC. I've also used the MSR Walker in the third-party utility CrystalCPUID to examine MSR 0x3a on both processors on my system, and it's 0x5 (0x4 = VT enabled, 0x1 = VT lock), as expected. Does anyone have any ideas of what else to check? Thanks.

    Read the article

  • Spamassassin: How to delete all spam messages on the server?

    - by Beck
    Can't find out, how to configure spamassassin to delete all spam messages. Currenly it's only mark messages as spam, but pass them throught IMAP to client. How to block them from passing through to IMAP clients? http://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Conf.html And it's blocking some of our notification messages... -1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP 0.0 HTML_MESSAGE BODY: HTML included in message 2.4 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words 2.9 TVD_SPACE_RATIO BODY: TVD_SPACE_RATIO 1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 1.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 1.1 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image -1.4 AWL AWL: From: address is in the auto white-list This is what clients getting on their mails in place of our notification messages. Any idea how to pass those messages through and how to delete incoming spam? Thanks ;) I have this setup: postfix spamassassin clamav-daemon amavis

    Read the article

  • Feedback on Using ZFS and FreeBSD

    - by ToiletOverflow
    I need to create a server that will be used solely for backing up files. The server will have 2TB of storage to begin with but I may want to add additional storage later on. As such, I am currently considering using FreeBSD + ZFS as the OS and file system. Is ZFS a reliable, trusted file system? Should I use it in this scenario? I have read that ZFS should be used with OpenSolaris over FreeBSD as OpenSolaris is usually ahead of the curve with ZFS as far as version updates and stability. However, I am not interested in using OpenSolaris for this project. An alternative option that I am considering is to stick with ext3 and create multiple volumes if need be, because I know that I will not need a single, continuous volume larger than 2TB. Thanks in advance for your feedback.

    Read the article

  • Windows XP app not able to talk to web server

    - by weotch
    My company makes an app built with Adobe Air which talks to our webserver for user authentication. Some users are not able to login. Running Charles Proxy tells us that the "host cannot be found." Loading up the webserver in IE, initially we weren't able to visit the site, we had to add it to trusted sites. My guess is that some security setting is denying our app as well. Does anyone have any suggestions as far as where to make security looser for our app?

    Read the article

  • Best way to transfer files across unstable LAN?

    - by JamesTheAwesomeDude
    This is very similar to Question 326211, but in this case, the LAN is an unstable Wi-Fi connection. I need to transfer about 11 GiB of files between two computers, both running Linux (although one may be rebooted into Windows.) Their connection is both slow and unstable (due to Linux's awful Wi-Fi support,) but removable media (such as a flash drive or external hard drive) is not an option at this time. Right now, I'm slowly transferring the files, one by one, across SFTP, but I have to reconnect each computer approximately every 90 seconds, and the computers are not very close to each other, so this is not feasible. This is not a duplicate of Question 30186; that one specifically concerns Windows 7, and all the proposed solutions involve closed-source, Windows-only programs (which are all spyware IMHO, and are all off the table even if I trusted them - one of the computers is Linux-only.)

    Read the article

  • Export SSL Cert from IIS and import into GlassFish keystore

    - by Tim H
    What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181. Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish. What I have done: Created a keystore with an alias: server.hostname.com Imported intermediate CA certs associated with the existing SSL Cert Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

    Read the article

  • firehol (firewall) with bridge: how to filter

    - by Leon
    I have two interfaces: eth0 (public address) and lxcbr0 with 10.0.3.1. I have a LXC guest running with ip 10.0.3.10 This is my firehol config: version 5 trusted_ips=`/usr/local/bin/strip_comments /etc/firehol/trusted_ips` trusted_servers=`/usr/local/bin/strip_comments /etc/firehol/trusted_servers` blacklist full `/usr/local/bin/strip_comments /etc/firehol/blacklist` interface lxcbr0 virtual policy return server "dhcp dns" accept router virtual2internet inface lxcbr0 outface eth0 masquerade route all accept interface any world protection strong #Outgoing these protocols are allowed to everywhere client "smtp pop3 dns ntp mysql icmp" accept #These (incoming) services are available to everyone server "http https smtp ftp imap imaps pop3 pop3s passiveftp" accept #Outgoing, these protocols are only allowed to known servers client "http https webcache ftp ssh pyzor razor" accept dst "${trusted_servers}" On my host I can connect only to "trusted servers" on port 80. In my guest I can connect to port 80 on every host. I assumed that firehol would block that. Is there something I can add/change so that my guest(s) inherit the rules of the eth0 interface?

    Read the article

  • How can I find a laptop if it has a different name all over the world?

    - by Mike
    CONUNDRUM: A laptop review in the UK talks about how brilliant the "ASUS ABCDE 55" is, but in America, France, etc there is no such laptop name. In fact it's called "ASUS 12345 AB" - AAARRGH! QUESTION: Is there a way of finding out all the diverse names for the same laptop all over the world? Example: if Samsung create a R2D2500, then what is that spec laptop called in all the other countries (if they release it of course). Or if it's not released, what is their similar spec laptop called in the other countries? I understand that specs may be different, but if I read a review on my trusted UK website, but live in say Australia, I want to be able to find the name of the same laptop in Australia and then check out local places to buy it. So if anyone knows if there is a technique, specific website, or even how to use a company website to find out these annoying name changes I'd really appreciate it.

    Read the article

  • How to allow IAM users to setup their own virtual MFA devices

    - by Ali
    I want to let my IAM users to setup their own MFA devices, through the console, is there a single policy that I can use to achieve this? So far I can achieve this through a number of IAM policies, letting them list all mfa devices and list users (so that they can find themselves in the IAM console and ... I am basically looking for a more straight forward way of controlling this. I should add that my IAM users are trusted users, so I don't have to (although it will be quite nice) lock them down to the minimum possible, so if they can see a list of all users that is ok.

    Read the article

  • What's the closest equivalent of Little Snitch (Mac program) on Windows?

    - by Charles Scowcroft
    I'm using Windows 7 and would like to have a feature like Little Snitch on the Mac that alerts you whenever a program on your computer makes an outgoing connection. Description of Little Snitch from its website: Little Snitch informs you whenever a program attempts to establish an outgoing Internet connection. You can then choose to allow or deny this connection, or define a rule how to handle similar, future connection attempts. This reliably prevents private data from being sent out without your knowledge. Little Snitch runs inconspicuously in the background and it can also detect network related activity of viruses, trojans and other malware. Little Snitch provides flexible configuration options, allowing you to grant specific permissions to your trusted applications or to prevent others from establishing particular Internet connections at all. So you will only be warned in those cases that really need your attention. Is there a program like Little Snitch for Windows?

    Read the article

  • Restore SQL Server 2008 db without affecting users

    - by Chris Moschini
    When I restore a db in Sql Server 2008 R2 from data on another server, it makes a mess of the users. I have a Windows User and MsSql Login named Web_SqlA on both machines. Before the Restore, Web_SqlA is properly mapped to the right Windows user in the database. After the Restore, Web_SqlA is still listed as a user for the db, but it's no longer tied to the Windows user, causing Trusted Connections to it to fail. How can I Restore the db without breaking this user each time? I see that this: Sql Server Database Restore And this: Sql Server Database Restore Address fixing these orphaned users after the fact; I'm looking to prevent overwriting the users during the Restore in the first place - everything else should be restored, but leave my users be. How can I go about that?

    Read the article

  • Unable to find valid certification path to requested target while CAS authentication

    - by Dmitriy Sukharev
    I'm trying to configure CAS authentication. It requires both CAS and client application to use HTTPS protocol. Unfortunately we should use self-signed certificate (with CN that doesn't have anything in common with our server). Also the server is behind firewall and we have only two ports (ssh and https) visible. As far as there're several application that should be visible externally, we use Apache for ajp reverse proxying requests to these applications. Secure connections are managed by Apache, and all Tomcat are not configured to work with SSL. But I obtained exception while authentication, therefore desided to set keystore in CATALINA_OPTS: export CATALINA_OPTS="-Djavax.net.ssl.keyStore=/path/to/tomcat/ssl/cert.pfx -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.keyAlias=alias -Djavax.net.debug=ssl" cert.pfx was obtained from certificate and key that are used by Apache HTTP Server: $ openssl pkcs12 -export -out /path/to/tomcat/ssl/cert.pfx -inkey /path/to/apache2/ssl/server-key.pem -in /path/to/apache2/ssl/server-cert.pem When I try to authenticate a user I obtain the following exception: Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) ~[na:1.6.0_32] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) ~[na:1.6.0_32] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ~[na:1.6.0_32] Meanwhile I can see in catalina.out that Tomcat see certificate in cert.pfx and it's the same as the one that is used while authentication: 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Constructing validation url: https://external-ip/cas/proxyValidate?pgtUrl=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_proxyreceptor&ticket=ST-17-PN26WtdsZqNmpUBS59RC-cas&service=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_check 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. keyStore is : /path/to/tomcat/ssl/cert.pfx keyStore type is : PKCS12 keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : 1 chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** trustStore is: /jdk-home-folder/jre/lib/security/cacerts Here is a lot of trusted CAs. Here is nothing related to our certicate or our (not trusted) CA. ... 09:11:39.731 [http-bio-8080-exec-4] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 63, 239, 180, 32, 103, 140, 83, 7, 109, 149, 177, 80, 223, 79, 243, 244, 60, 191, 124, 139, 108, 5, 122, 238, 146, 1, 54, 218 } Session ID: {} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } *** http-bio-8080-exec-4, WRITE: TLSv1 Handshake, length = 75 http-bio-8080-exec-4, WRITE: SSLv2 client hello message, length = 101 http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 81 *** ServerHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 145, 237, 232, 63, 240, 104, 234, 201, 148, 235, 12, 222, 60, 75, 174, 0, 103, 38, 196, 181, 27, 226, 243, 61, 34, 7, 107, 72 } Session ID: {79, 202, 117, 79, 130, 216, 168, 38, 68, 29, 182, 82, 16, 25, 251, 66, 93, 108, 49, 133, 92, 108, 198, 23, 120, 120, 135, 151, 15, 13, 199, 87} Cipher Suite: SSL_RSA_WITH_RC4_128_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** %% Created: [Session-2, SSL_RSA_WITH_RC4_128_SHA] ** SSL_RSA_WITH_RC4_128_SHA http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 609 *** Certificate chain chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** http-bio-8080-exec-4, SEND TLSv1 ALERT: fatal, description = certificate_unknown http-bio-8080-exec-4, WRITE: TLSv1 Alert, length = 2 http-bio-8080-exec-4, called closeSocket() http-bio-8080-exec-4, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I tried to convert our pem certificate to der format and imported it to trustedKeyStore (cacerts) (without private key), but it didn't change anything. But I'm not confident that I did it rigth. Also I must inform you that I don't know passphrase for our servier-key.pem file, and probably it differs from password for keystore created by me. OS: CentOS 6.2 Architecture: x64 Tomcat version: 7 Apache HTTP Server version: 2.4 Is there any way to make Tomcat accepts our certificate?

    Read the article

  • How to grant secure access to an untrusted developer to an exisiting virtual host?

    - by Margaret Thorpe
    Our security policy does not permit ftpd on our servers. Our trusted developers use ftps to access our webservers and they have full access to the server. How do we grant limited access to a single untrusted developer for an existing virtual host. Ive configured rssh to only allow sftp to our untrusted developer, but we dont want him browsing around our other sites. I've investigated chroot, but it seems overly complex and more for restricting access to their home folders. I want to limit access to /srv/www/vhostx/ and below. Whats the best solution?

    Read the article

  • MS SQL 2000 and SSL Certificate

    - by smoak
    I'm trying to set up a MS SQL 2000 server to use an already existing SSL certificate installed on the server. I verified that the certificate shows up in the Personal/Certificate folder of the account that is running the MSSQLSERVER service using the Certificate MMC snap-in. I also verified that the certificate for the CA is installed under the Trusted Root Certificate Authorities. Additionally, to make sure that it is using this specific certificate I created a Certificate registry value of type REG_BINARY in: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib and I set it to the certificates thumbprint like it mentions in: http://support.microsoft.com/kb/276553 Finally, I opened up the Server Network Utility, checked Force protocol encryption, clicked OK, and restarted the MSSQLSERVER service. Unfortunately, it fails to start and looking at the event log it's failing with: 19015: Encryption requested but no valid certificate was found. SQL Server terminating. I'm at a loss. Any ideas? Where did I go wrong?

    Read the article

  • Group Policy for IE Security Zones

    - by Doug Luxem
    We are currently using the following Group Policy to control the Internet Explorer security zones: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page Then setting the Site to Zone Assignment List with the various values using the following chart: Value Setting ------------------------------ 0 My Computer 1 Local Intranet Zone 2 Trusted sites Zone 3 Internet Zone 4 Restricted Sites Zone This works well; however, users are then unable to edit (or especially add) to their zone settings. Is there a way to lock in our custom zone settings while still giving users the ability to add their own sites to the security zones? Yes, I do realize the slight security risk in opening this up.

    Read the article

  • Boot time virus scan from USB drive

    - by Tomas Sedovic
    I want to check for viruses on a computer that I suspect may be infected with malware. Its users are running an antivirus, but there's always the risk that something slips past and the way I see it, once the system is infected the antivirus is useless because the malware can hide itself from the AV. I think the best way to go (besides clean reinstall of the OS) would be to have an antivirus running at a boot time from a CD or a USB key. That way, the malware is just lying on the disk and cannot do any of its hide-and-seek stuff (provided the AV comes from an uninfected PC and all that). So, I'm looking for something that: Runs at boot time (off USB key or CD-ROM) Does not touch or require the local OS Discovers malware fairly well (like, Avast, AVG, Norton, whatever -- I think the're all the same anyway) Can handle Windows filesystems (FAT 32, NTFS, WinFS ;-) ) Comes from some sort of trusted source (no Windows Antivirus 2009) I know that this is no silver bullet (nothing is, really*), but I do have a feeling it's more likely to help than doing the scan* within the infected system.

    Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >