Search Results

Search found 5866 results on 235 pages for 'authentication'.

Page 155/235 | < Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162 | Next Page >

Mac OSX Server: svn via ssh command line and encrypted passwords.

- by Ben Clayton

Hi all. When I log into our mac mini server running OSX 10.6 via ssh and use svn I get the message: ATTENTION! Your password for authentication realm: can only be stored to disk unencrypted! You are advised to configure your system so that Subversion can store passwords encrypted, if possible. See the documentation for details. You can avoid future appearances of this warning by setting the value of the 'store-plaintext-passwords' option to either 'yes' or 'no' in '/Users/xxxxxxxx/.subversion/servers'. I dont' want to store the password unencrypted though. I've found some details on how to use GNOME keychain in linux to sort this, but nothing on how to use macosx's keychain. Anyone got any ideas? Thanks a lot!

Read the article
How to configure the roles in my tomcat application to work with JNDI(WIN AUTH)

- by Itay Levin

Hi, I'm trying to change the authentication mode of my application from JDBC-REALM to JNDI-REALM. I configured the following section inside the Server.xml <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://****:389/DC=onsetinc,DC=com??sAMccountName?sub?(objectClass=*)" connectionName="[email protected]" connectionPassword="password" userBase="CN=Users" referrals="follow" userSearch="(sAMAccountName={0})" userSubtree="true" roleBase="CN=Users" roleName="name" roleSubtree="true" roleSearch="(member={1})"/> I have also configured the web.xml under my appfolder to contain the following: <security-role> <role-name>Admin</role-name> </security-role> <security-role> <role-name>WaterlooUsers</role-name> </security-role> <security-constraint> <web-resource-collection> <web-resource-name>Tube</web-resource-name> <url-pattern>/ComposeMessage.jsp</url-pattern> <url-pattern>/PageStatus.jsp</url-pattern> <url-pattern>/UserStatus.jsp</url-pattern> <url-pattern>/SearchEC.jsp</url-pattern> <url-pattern>/SearchEC2.jsp</url-pattern> <url-pattern>/SearchMessageStatisticsEC.jsp</url-pattern> <url-pattern>/SearchMessageStatus.jsp</url-pattern> <url-pattern>/SearchMessageStatisticsPager.jsp</url-pattern> <url-pattern>/SearchPageStatus.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>WaterlooUsers</role-name> </auth-constraint> </security-constraint> In my Active directory i have created a new group called WaterlooUsers It's distinguish name is : distinguishedName: CN=WaterlooUsers,CN=Users,DC=onsetinc,DC=com It has a property member which contains the following user: member: CN=Itay Levin,CN=Users,DC=onsetinc,DC=com (which is my user) My record on the active directory looks like that: sAMAccountName: itayL distinguishedName: CN=Itay Levin,CN=Users,DC=onsetinc,DC=com memberOf: CN=WaterlooUsers,CN=Users,DC=onsetinc,DC=com and when i get the popup for user/password i enter the username "ItayL" in the authentication message box (and my password) I have 2 questions: How do i configure correctly the roles parameters correctly in the Realm section in the server.xml to enable me to both authenticate and authorize both this group of users WaterlooUsers and also assign them to the appropriate role so that they can see all the relevant pages in my website. - currently it seems that all the Users in my domain are authenticated to the site but get the http-403 Error and can't access any of the pages in the site. I also want to be able to create 2 different set of roles in my site - which can both have access to the same pages - but will see different things on the page. (for instance adding some administrative ability to the admin) Hope it was clear enough and not too long. Thanks in advance, Itay

Read the article
Is there a way to allow administrators to change or reset user passwords?

- by Jon Seigel

We have a custom MembershipProvider implementation using form-based authentication (FBA) under Sharepoint 2007. I've searched high and low on Google, but only found: Active directory and FBA implementations to allow users to change their own password Active directory instructions (including video!) for administrators to change other users' passwords Have we missed an option to enable the latter under FBA? Should this work by default and is the MembershipProvider misbehaving? The procedure to do this as under active directory would be ideal, but the "Change Password" link does not appear in the Edit User screen. We verified that the logged-in user is a site collection administrator.

Read the article
Import LDIF file to external server

- by colemanm

As a follow-up to my previous question, which I've resolved part of, what we're trying to do now is take an exported .ldif file of the "Users" container on our OS X Server and import it into a separate OpenLDAP server on an EC2 instance. This we'll use for LDAP user authentication of other apps without having to open our internal network to LDAP traffic. The exported .ldif file thinks the DN of the "Users" container is cn=users,dc=server,dc=domain,dc=com. Is it easiest to configure the EC2 OpenLDAP server to think that it's domain is the same so the container is imported to the proper place? Or should we edit the text of the .ldif file to change the DN to match the external naming? Hopefully that makes sense... but I'm confused as to the best way to accomplish this.

Read the article
How can I create an external SSL wrapper/tunnel page for an insecure webpage behind a firewall?

- by Ross Rogers

I have an security cam with a built-in webpage inside my home network. That camera is using basic HTTP authentication instead of SSL. I want to be able to access the camera's webpage from outside my network, but I don't want to open an unencrypted video stream to the outside world. Right now, I'm doing some cumbersome ssh tunneling where I bounce off an ssh server like: ssh -N -L 9090:CAMERA_IP:80 [email protected] and then I connect to my web page like: http://localhost:9090 But this is a pain. Now, gentle reader, I beseech you to tell me how I can use linux (Ubuntu) to get a fully encrypted SSL connection to my internal web page without the hassle of creating an ssh tunnel each time. I believe I can use stunnel, but I'm not sure of the command.

Read the article
Strange failure audit in 2003 R2 X64 SP2

- by Az

our server is running 2003 R2 X64 SP2, we keep seeing this in clusters of around 4 rapid fire. Sometimes 2 hours, sometimes around 8 hours apart with slight variations. I am also seeing the same blank username and domain in an account locked out message, I have tried disabling all scheduled tasks, if anyone has any idea please let me know! I find these processes running out of svc host: AeLookupSvc, AppMgmt, BITS, Browser, CryptSvc, dmserver, EventSystem, helpsvc, IAS, lanmanserver, lanmanworkstation, Netman, Nla, RasMan, Schedule, seclogon, SENS, SharedAccess, ShellHWDetection, winmgmt, wuauserv, WZCSVC Logon Failure: Reason: Account currently disabled User Name: Domain: Logon Type: 3 Logon Process: Authz Authentication Package: Kerberos Workstation Name: PPCLUBES_TS Caller User Name: PPCLUBES_TS$ Caller Domain: PPCLUBES Caller Logon ID: (0x0,0x3E7) Caller Process ID: 928 Transited Services: - Source Network Address: - Source Port: -

Read the article
Apache can't connect to LDAP server

- by jldugger

I'm tying SVN to LDAPS by way of Apache. I've run openssl s_client --host $host --port 636 and received an SSL certificate, so it doesn't appear to be a firewall problem. I get the following warning: [Fri Apr 02 07:38:15 2010] [warn] [client <ip withheld>] [590] auth_ldap authenticate: user jldugger authentication failed; URI /internal-svn [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server] "Can't contact LDAP server" is somewhere between vague and wrong. I'm at a loss on how to continue debugging this. Ideas?

Read the article
Failure to create keytab file using msktutil on Centos to W2K8

- by user49321

I'm trying to setup a centos 5.5 squid server to authenticate against a windows 2008 DC. I have followed the tutorial: http://serverfault.com/questions/66556/getting-squid-to-authenticate-with-kerberos-and-windows-2008-2003-7-xp However I have run into an issue. When I run the command: (Obviously changed for my enviroment) # msktutil -c -b "CN=COMPUTERS" -s HTTP/centos.dom.local -h centos.dom.local -k /etc/HTTP.keytab --computer-name centos-http --upn HTTP/centos.dom.local --server server.dom.local --verbose --enctypes 28 I get the following error (The whole message is too long to post here): Error: Unable to set machine password for centos: (3) Authentication error Error: set_password failed kinit works fine and the computer is added to the DC under COMPUTERS and SRV records created except no keytab is created.

Read the article
SQL Server 2005 / 2008 Licensing question

- by Jose

I have read up online, and through some threads here like this one. But I'm still confused and need to see if anyone can shed some light. My company is deploying a clickonce application that will be on multiple computers (about 50). It will be accessing an SQL Server database and I was wondering what kind of SQL Server licensing should I/need to have? The application currently logs in via SQL Server authentication using one SQL Server user. It seems logical that I would just need one user CAL and even through there will be up to 50 connections it should all still work. Am I right?

Read the article
Can't send emails through sendmail, error occured

- by skomak

Hi, I have sendmail MTA and i use pear:Mail class to send mails through remote sendmail server. Everything was fine till yesterday. Probably nothing changes was made in configs. At maillog i can see: May 6 12:58:55 xxx sendmail[25903]: STARTTLS=server, relay=hostxxxx.static.xx.xx.pl [85.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 May 6 12:58:56 xxx sendmail[25903]: o46AwtqE025903: hostxxxx.static.xx.xx.pl [85.x.x.x] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA2 and in /var/log/messages: May 6 13:00:17 lilia sendmail[27193]: realm changed: authentication aborted I use ldap to authenticate users but i used the same script to check mailing on another server and it works there good, only this server behave weird. Packets are deliverd to sendmail server i can see it in tcpdump, but there is smaller packets than on other server which sends emails. Could you tell me how can i check what is wrong with that? D.S.

Read the article
Postfix tutorial inconsistency

- by Desmond Hume

I'm following this tutorial to setup a Postfix/Dovecot mail server with Postfix Admin as a web front end. As regards directory structure for virtual mail users, the author of the tutorial writes: Virtual mail users are those that do not exist as Unix system users. They thus don't use the standard Unix methods of authentication or mail delivery and don't have home directories. That is how we are managing things here: mail users are defined in the database created by Postfix Admin rather than existing as system users. Mail will be kept in subfolders per domain and account under /var/vmail - e.g. [email protected] will have a mail directory of /var/vmail/example.com/me. But when he gives instructions about configuring Postfix Admin, he suggests this to be contained by Postfix Admin's config.inc.php: // Mailboxes // If you want to store the mailboxes per domain set this to 'YES'. // Examples: // YES: /usr/local/virtual/domain.tld/[email protected] // NO: /usr/local/virtual/[email protected] $CONF['domain_path'] = 'NO'; Is there an inconsistency?

Read the article
Accessing SQL Server in Windows XP Mode Virtual Pc

- by DavidStein

I have a laptop running 64bit Windows 7 Ultimate. I created a Virtual PC using Microsoft XP Mode. I've installed SQL Server 2000 on the Virtual Machine. I have SQL Server 2008 R2 installed on the Windows 7 machine (laptop). I can browse to the SQL 2000 instance (it sees it), but I cannot successfully connect using either Windows or SQL Server Authentication. I don't get an error, the attempt just times out. I have the Windows XP Mode Firewall turned off, and there doesn't appear to be anything in the Event logs either. Any ideas how I can query the XP Mode SQL Server from the Windows 7 machine?

Read the article
Using LDAP as auth method for git repositories

- by Lenni

I want to convince my boss that we should be using git for version control. He says, that it absolutely must authenticate users through our central LDAP server. I looked at the various solutions (gitweb, gitorious ... ) and couln't really find a definitive answer about whether they support LDAP authentication. The only solution I could find a little info on was a Apache+mod_ldap setting. But that would mean that the user authenticating on LDAP wouldn't necessarily be the same as the actual git user, right? (Not that this is a huge problem, but just something which would bug me.) So, what's the best way to authenticate git users via LDAP?

Read the article
Providing a public Web-Hosting service on MS Windows - advice and resources

- by crgnz

Are there any resources offering advice on how to setup a microsoft based web-hosting service? I currently offer LAMP hosting with cPanel, but there is some demand for IIS & SQL Server. As far as I can tell MS Windows Web Server 2008 R2 edition allows unlimited IIS connections. And a per-processor license for MS SQL Server Web Edition 2008 also permits unlimited connections. Where I am falling down is that I can't figure out how to get "unlimited" Active Directory users. I can't use 2008R2 Web Server edition for AD, so I will need the 2008R2 standard edition, I think. Does Microsoft have a provision for using AD in an ISP scenario? I am looking at using the cPanel Enkompas system to manage the Windows software, and Enkompas requires AD for user authentication. Any advice would be greatly appreciated!

Read the article
sendmail is using return-path instead of from address

- by magd1

I have a customer that is complaining about emails marked as spam. I'm looking at the header. It shows the correct From: [email protected] However, it doesn't like the return-path. Return-Path: <[email protected]> Received-SPF: neutral (google.com: x.x.x.x is neither permitted nor denied by domain of [email protected]) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=neutral (google.com: x.x.x.x is neither permitted nor denied by domain of [email protected]) [email protected] How do I configure sendmail to use the From address for the Return-Path?

Read the article
Kerberos: connection from win app running from IIS to SQL failed

- by Mikhail Kislitsyn

I have an IIS web-application with Windows authentication and impersonation. This application connects to SQL server. In this case Kerberos works fine. But there is a problem. Web-application runs windows application (not .NET), which also connects to the SQL server. Windows application runs with IIS app user credentials and impersonates current site user to connect to SQL server. scheme: http://i.stack.imgur.com/2cgv7.png When delegation for IIS user is set to "Trust this computer for delegation to any service" everything works fine. But I can't use this type of delegation according to security requirements. When I set delegation to "Specific services" and choose MSSQLSvc SPN, connection from windows application fails with "ANONIMOUS" fault. WireShark shows "KRB5KDC_ERR_BADOPTION" packet. What I'm doing wrong?

Read the article
Password expiration notice for Active Directory

- by keithosu

Are there any tools/apps/scripts out there that will do password expiry notification for Windows 2008 Active Directory credentials? This is needed for our web apps that use Active Directory for LDAP authentication. The problem is those apps do not notify you that your password is going to expire when you login. We have many offsite users who do not have machines bound to the AD. So there is no way to let them know to reset their password. I'd like the user to be notified 30,7 and 1 day before it expires. I'd also like our help desk to get an email for the expiring passwords for the week and recently expired passwords. I've looked at oldcmp.exe from link text and that gets me my reports but it does not do the automation that I'm looking for on the individual users.

Read the article
How to configure citrix presentation server 4.5 login config

- by Cory

Hello, I am a little confused as to something my Citrix Server has been doing. When I login to the web login, (username, password, domain); everything logs in ok and I see all the available application. The problem that I was trying to fix is that when I try to start an application, it asks me to login again to the server that is hosting the citrix server. So, is there anyway to have the initial login credentials pass-through to the server login or skip the server login completely? Side note - I do have pass-through authentication enabled on both my internal and external Citrix site. Thanks for the help! Cory

Read the article
Using LDAP Attributes to improve performance for large directories

- by Vineet Bhatia

We have a LDAP directory with more than 50,000 users in it. LDAP Vendor suggests maximum limit of 40,000 users per LDAP group. We have number of inactive users and those are being purged but what if we don't get below the 40,000 users? Would switching to using multivalued attribute at user record level instead of using LDAP groups yield better performance during authentication, adding new users, etc? I know most server software (portal, application servers, etc) use LDAP groups. But, we have a standardized web service interface for access control instead of relying on server software to map LDAP groups to security roles. Each application uses this common "access control web service". Security roles are used within application to build fine-grained ACL used within each enterprise application.

Read the article
Apache: how to set custom 401 error page and save original behaviour

- by petRUShka

I have Kerberos-based authentication with Apache/2.2.3 (Linux/SUSE). When user is trying to open some url, browser ask him about domain login and password like in HTTP Basic Auth. If user cancel such request 3 times Apache returns 401 Authorization Required error page. My current virtual host config is <Directory /home/user/www/current/public/> Options -MultiViews +FollowSymLinks AllowOverride None Order allow,deny Allow from all AuthType Kerberos AuthName "Domain login" KrbAuthRealms DOMAIN.COM KrbMethodK5Passwd On Krb5KeyTab /etc/httpd/httpd.keytab require valid-user </Directory> I want to set nice custom 401 error page with some instructions for users. And I added such line in virtual host config: ErrorDocument 401 /pages/401 It works, when user can't authorize apache redirects him to my nice page. But Apache doesn't ask user login\password as it did before. I want this functionality and nice error page simultaneously! Is it possible to make it works properly?

Read the article
WSUS works, but checkhealth logs events 13042 12002 12012 12032 12022 12042 12052

- by jobu1324

Our WSUS server stopped working until the patch related to .NET 4.0 was installed, at which point clients started downloading and updating again. However, the WSUS mmc console occasionally disconnects when performing various tasks, such as running automatic approval rules; also wsusutil checkhealth creates the following events: 13042: Self-update is not working. 12002: The Reporting Web Service is not working. 12012: The API Remoting Web Service is not working. 12032: The Server Synchronization Web Service is not working. 12022: The Client Web Service is not working. 12042: The SimpleAuth Web Service is not working. 12052: The DSS Authentication Web Service is not working. Apparently there are many possible causes for these events. I'm looking for a way to figure out what is wrong, so that I can fix it.

Read the article
How do I restore a database on a remote SQL server 2005 from a local backup?

- by MatsT

I have been given access to (parts of) a remote SQL Server 2005 with SQL Server authentication in order to be able to make changes to a database without involving other people who is not working on the project. The database have been created on my local machine. Is there any way to restore the remote database from a backup file on my local computer? I do not currently have access to the filesystem on the remote server. EDIT: To clarify, the access I have is that i can log in to the server via the SQL Server Management Studio. I have one connection to my local database server and one connection to the remote server. What I basically want to do is copy the database from one connection to the other.

Read the article
How do I restore a database on a remote SQL server 2005 from a local backup?

- by MatsT

I have been given access to (parts of) a remote SQL Server 2005 with SQL Server authentication in order to be able to make changes to a database without involving other people who is not working on the project. The database have been created on my local machine. Is there any way to restore the remote database from a backup file on my local computer? I do not currently have access to the filesystem on the remote server. EDIT: To clarify, the access I have is that i can log in to the server via the SQL Server Management Studio. I have one connection to my local database server and one connection to the remote server. What I basically want to do is copy the database from one connection to the other.

Read the article
Corporate IM with video that actually works, suggestions?

- by Erik P. Skaalerud

Hi. Does anyone here have a suggestion for a cross-platform IM solution wich will work with voip/video on both Windows (XP and 7) and Mac OS X from 10.4 and upwards? Right now were in a kind of mixed enviroment, with some Mac users using iChat server since they need video support (conference across several offices over VPN), but it wont't work on windows clients. The rest of us are happily using Openfire+Spark, but there's no VoIP or video avaible from what i've found, unless you want to add in several 3rd party software (like red5 and asterisk). Requirements: As said before; must work on both Windows and Mac Internal server (no Skype etc) File transfer between platforms SSO (Single Sign-On) via Active Directory authentication Some sort of screen sharing would be a plus, like switching over to a screen capture (powerpoint, software training etc) We can afford to buy software if that's needed to get this working without any hiccups across platforms. Pre-thanks to anyone who gives suggestions.

Read the article
Reverse DNS (PTR) for Email

- by user3169495

We are hosting our website (http://www.redappleapartments.com) with a hosting company in Sweden. And we are using godaddy as our email provider. So, our smtp servers are smtp.europe.secureserver.net mailstore1.europe.secureserver.net Our website sends plenty of emails to our customers and we are sending via godaddy (using SMTP authentication). Some of the emails are never delivered to the recipients. And sometimes we see such warning: The hostname in the SMTP greeting does not match the reverse DNS (PTR) Can somebody out there suggest how we can solve this problem?

Read the article

< Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162 | Next Page >