Search Results

Search found 5866 results on 235 pages for 'authentication'.

Page 158/235 | < Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165 | Next Page >

Windows 2008 Domain Controller - Backup (BDC) to Primary (PDC)

- by Klaptrap

I have created a new domain controller with my single domain forest. I have also made it DHCP and DNS ready - all 3 services have synchronised with the existing W2K8 domain controller. I even migrated the FSMO roles and thought everything was fine. Indeed all machines on network appear to obtain DHCP and DNS from new server and the AD is working on the new server as my internal website uses it for login authentication. I have just noticed, via BgInfo - Sys Internals - that the new server is showing as "backup" and the old as "primary" - I thought I had already achieved this. Have the FSMO roles swapped back - as I have yet to have removed the old server from AD (dcpromo). Do I need to do anything before I run dcpromo on the old server? Any thoughts appreciated....

Read the article
AirPlay over unicast DNS-SD. Anyone got it working?

- by Moduspwnens

We set up AirPrint using unicast DNS-SD on our campus about a year ago and it turned out to be a big success, so we're looking at trying to get AirPlay working so our faculty and students can wirelessly show content on our classroom projectors. There are still a couple of other things preventing an ideal implementation (username and password authentication, for starters), but I've been trying to set up a working demo nonetheless. Getting AirPrint working was basically just a matter of advertising the same records over a DNS-SD domain instead of the multicast (.local) one, but doing the same thing for AirPlay doesn't seem to cut it. The devices don't recognize the DNS-SD AirPlay servers as available. I've uploaded a screenshot of my DNS-SD configuration with the original (from AirServer, which works normally for multicast) here. I realize this is still a fairly new feature and documentation is lacking, but has anyone been able to get AirPlay working via DNS-SD? If it simply only works over multicast, I can accept that, but its potential is so appealing for us that I thought it'd be worth asking if anyone else has figured it out.

Read the article
Windows 7 connect to Lion file sharing

- by McKvack

Trying to access my Mac from a Windows 7 computer, I fail with the infamous error 86 incorrect password. Now this appears to be a well-known problem with countless threads on the internet giving as many "solutions" as there are discussion threads about it (mostly ranging from installing third-party commercial samba servers, to switching to some other protocol, to compiling a plain-vanilla Samba installation - the latter which I will probably do when I give up this :) ) I am stubborn, and I believe there must be some problem here that can be solved or worked around, but there is surprisingly little detail about this problem. It appears to have something to do with a mismatch of authentication methods. Trying to run samba in debug mode: sudo /usr/sbin/smbd -debug -stdout gets me this output when trying to access it from Win 7 ... smb1_dispatch_one [smb_dispatch.cpp:377] dispatching SMB_COM_SESSION_SETUP_ANDX smb1_dispatch_session_setup [session_setup.cpp:261] FIXME erase existing sessions log_gss_error [gssapi_mechanism.cpp:97] gssapi: gss-code: Miscellaneous failure (see text) log_gss_error [gssapi_mechanism.cpp:113] gssapi: mech-code: unknown mech-code 22 for mech unknown What is the problem here, and how do I fix it?

Read the article
Solaris 10 opencsw git package issue with bitbucket git hosting

- by zephyrus00jp

Has anyone tried using `git' from opencsw package in order to work with bitbucket source hosting service (under solaris10)? I tried to use git as the bitbucket documentation explains, and - under Debian GNU/Linux, it worked flawlessly as described, but - under Solaris 10, I got Authentication Failed message. I even tried to run truss to see anything is suspicious but could not find any smoking gun under solaris why it failed. ldd git-binary didnd't show anything suspicious either (except for the libcrypt library which could be a suspicious to think about export restrictions. Have they shipped incompatible version? BUT since the password is typed into https: connection, I suspect it is only a matter of web-level cryptography and should be universal these days.) I am now tempted to compile git suite under solaris 10, but I did find people who seem to be using git with bitbucket under solaris 10 and am wondering what could be wrong.

Read the article
Backup Exec backup-to-disk folder creation - Access denied

- by ewwhite

I'm having a difficult time creating a backup-to-disk folder in Symantec Backup Exec 12.5 and Backup Exec 2010. The backend storage is a Nexenta/ZFS-based NAS filer sharing the volume via CIFS. I've also seen the issue on other *nix-based NAS devices. I've attempted mapping the drive, providing the full paths to the folder, etc. I can browse to the share just fine from within Windows, but Backup Exec fails to create the B2D folder with different variants of a Unable to create new backup folder. Access denied error. I've attempted creating service accounts in Backup Exec to handle the authentication, but nothing seems to work. What's the key to making this work?

Read the article
subversion: enforce TLS

- by Daniel Marschall

Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

Read the article
What's the difference between sudo su - postgres and sudo -u postgres?

- by Craig Ringer

PostgreSQL users peer authentication on unix sockets by default, where the unix user must be the same as the PostgreSQL user. So people frequently use su or sudo to become the postgres superuser. I often see people using constructs like: sudo su - postgres rather than sudo -u postgres -i and I'm wondering why. Similarly, I've seen: sudo su - postgres -c psql instead of sudo -u postgres psql Without the leading sudo the su versions would make some sense if you were on an old platform without sudo. But why on a less than prehisoric UNIX or Linux would you use sudo su ?

Read the article
Meraki's Accounting-Requests to RADIUS server

- by PachinSV

I'm running a RADIUS server with some Meraki APs, the process of Authentications is fine... But it seems that the Meraki Cloud Controller is just sending the authentication packets and not the accounting requests. I've tested the RADIUS sending accounting requests with the radclient tool (locally) and it worked. I think that maybe my RADIUS server is ignoring the accounting requests from the MCC because there are some Vendor Specific Attributes that my RADIUS doesn't know. should I add a Meraki's dictionary to my RADIUS configurations? I'm kind of desperate, any idea?

Read the article
Security Audit Failures in Event Viewer Windows Server 2008R2

- by Jacob

When I am looking at the security tab of my event viewer on a Windows Server 2008 R2, I am showing a ton of Audit Failures with Event ID 4776. The computer attempted to validate the credentials for an account. Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon Account: randy Source Workstation: HPDB1 Error Code: 0xc0000064 I verified the account "randy" exist in my Active Directory. From my understanding, there has not been any recent password changes. Is there any way to get detailed information on this error? I am wondering what program is requesting this information. Also, is there any way to clear this error up? I was thinking about resetting the password and changing it back to the original.

Read the article
need help upgrading small business wifi network

- by Henry Jackson

Our small business currently has 3 wireless access points around the building, each with their own SSID. Security is done with WEP (ick) and MAC address filtering (double ick). We are trying to reconfigure the setup, with these goals: wifi roaming between the access points user-based authentication that isn't as annoying as MAC address filtering. 1) The entire building is hardwired with ethernet, so I assume it should be easy to set up the routers to act as one big network, but I can't figure out how. Can someone point me in the right direction? The routers are consumer-grade linksys routers, is it possible to do this without getting new hardware? 2) For security, we will probably upgrade to WPA2, and I'm thinking of using the Enterprise version so that users can log in with a username, instead of having a single key (so if an employee leaves or something, their access can be removed). We have several on-site Windows servers, can one of them be set up as a RADIUS server, or is that best left to a dedicated machine (again, using existing hardware is good).

Read the article
Web based interface for open SSL client certificates

- by Felix

Hi there! We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient. Atm, I am using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?

Read the article
Can't login to SQL Server after moving machine to different office/domain

- by Dan

Our company has just been bought and the over the weekend I have brought up the last few machines to plug into their network (they are under a different Windows Domain). The last machine is our Vault system and the SQL Server was using Windows Authentication. I have plugged it into their network and its working fine, but i cannot connect to SQL Server with Management Studio and, I fear, no backup jobs will also be working. When I try to login under Windows Auth, it has the user name of "NEWDOMAIN\Administrator" (greyed out) and then presents a "login failed" message with error code "18456". Can anyone help me with this, or will I just have to reinstall SQL Server, Vault and restore the backup I took before the move?

Read the article
need help upgrading small business wifi network

- by Henry Jackson

Our small business currently has 3 wireless access points around the building, each with their own SSID. Security is done with WEP (ick) and MAC address filtering (double ick). We are trying to reconfigure the setup, with these goals: wifi roaming between the access points user-based authentication that isn't as annoying as MAC address filtering. 1) The entire building is hardwired with ethernet, so I assume it should be easy to set up the routers to act as one big network, but I can't figure out how. Can someone point me in the right direction? The routers are consumer-grade linksys routers, is it possible to do this without getting new hardware? 2) For security, we will probably upgrade to WPA2, and I'm thinking of using the Enterprise version so that users can log in with a username, instead of having a single key (so if an employee leaves or something, their access can be removed). We have several on-site Windows servers, can one of them be set up as a RADIUS server, or is that best left to a dedicated machine (again, using existing hardware is good).

Read the article
need help upgrading small business wifi network

- by Henry Jackson

Our small business currently has 3 wireless access points around the building, each with their own SSID. Security is done with WEP (ick) and MAC address filtering (double ick). We are trying to reconfigure the setup, with these goals: wifi roaming between the access points user-based authentication that isn't as annoying as MAC address filtering. 1) The entire building is hardwired with ethernet, so I assume it should be easy to set up the routers to act as one big network, but I can't figure out how. Can someone point me in the right direction? The routers are consumer-grade linksys routers, is it possible to do this without getting new hardware? 2) For security, we will probably upgrade to WPA2, and I'm thinking of using the Enterprise version so that users can log in with a username, instead of having a single key (so if an employee leaves or something, their access can be removed). We have several on-site Windows servers, can one of them be set up as a RADIUS server, or is that best left to a dedicated machine (again, using existing hardware is good).

Read the article
Run script when shutting down ubuntu before the logged in user is logged out

- by Travis

I'm writing a script to backup some local directories on a unix machine (Ubuntu) to a samba drive. The script works fine and I've got it running at shutdown and restart using the method described at http://en.kioskea.net/faq/3348-ubuntu-executing-a-script-at-startup-and-shutdown It works by placing the backup script into the /etc/rc6.d and /etc/rc0.d directories. However there is a problem. After looking at the scripts logfile it seems to be run after the user is logged out. We are using LDAP authentication and when the user logs out, the system cannot backup to their samba share. Does anyone know of anyway to run the script before the user is logged out?

Read the article
Is there a way to correct wrongly typed password / abort the operation while on password prompt in the console in MINGW32?

- by jakub.g

I sometimes mistype a password when being asked for it, e.g. by Git when pushing to remote repository. The password is not displayed (even masked as asterisks) in the console. Is there a way either to correct the password, or to abort the operation? Backspace for editing and CtrlC for aborting do not seem to work. I want to save some time instead of waiting for the remote authentication to fail, or providing a bad password, then Enter, CtrlC. Edit: Unfortunately CtrlU doesn't work for me (MINGW32 @ Windows XP). Any other guesses?

Read the article
Redmine Subversion: LDAP _and_ local auth

- by Frank Brenner

I need to set up a subversion repository with apache authentication against both an external LDAP server as well as the local Redmine database. That is, we have users whose accounts exist only in the LDAP directory and some users whose accounts only exist in the local Redmine db - all should be able to access the repo. I can't quite seem to get the apache config right for this. I know I saw a how-to for this at some point, I think using Redmine.pm, but I can't seem to find it anymore.. Thanks.

Read the article
concrete uses of LDAP?

- by ajsie

im new to LDAP. i wonder what are some concrete examples of using LDAP. things that are MUCH more easier to do when you got 3-7 linux computers in a small company network. one use that is very important for me seems to be that you configure LDAP to handle system authentication. then you dont have to create same accounts in all computers. are there other things that are a MUST DO for a small network to save more time? my small network is for apache servers and database servers. and should LDAP be in an own machine? cause i guess its not good to put it in apache or database servers since these are performance dependent.

Read the article
putty pageant - forget keys after period of inactivity

- by pQd

in the environment where windows client computers are used to run putty to connect to multiple linux servers i'm considering moving away from password based authentication and using public/private key pairs with pass-phrases. using ssh-agent would be nice, but at the same time i'd like it to 'forget' the pass-phrases after given period of inactivity. it seems that putty's pageant does not provide such feature; what would you suggest as alternative? solutions that i'm considering: patching pageant code [might be tricky, code is probably quite rusty and project - sadly - stagnant] writing small custom application using GetLastInputInfo and killing pageant if the machine was idle for more than let's say 15 minutes [ yes, there'll be separate policy for locking the desktops as well ] using alternative ssh client and ssh agent. any suggestions? thanks!

Read the article
/etc/profile.d and "ssh -t"

- by petersohn

I wanted to run a script on a remote machine. The simple solution is this: ssh remote1 some-script This works until the remote script doesn't want to connect to another remote machine (remote2) which requires interactive authentication, like tis one (remote2 is only reachable through remote1 in this case): ssh remote1 "ssh remote2 some-script" The solution for the problem is to use the -t option for ssh. ssh -t remote1 "ssh remote2 some-script" This works, but I get probems in case I use this (where some-script may execute further ssh commands): ssh -t remote1 some-script I found that some environment variables are not set which are set when I don't use the -t option. These envrionment variables are set in scripts from /etc/profile.d. I guess that these scripts are not run for some reason if using the -t option, but are run if I don't use it. What's the reason of this? Is there any way to work around it? I am using SUSE linux (version 10).

Read the article
How to get password prompt from scp when launched remotely via ssh

- by Zek

When I ssh to a remote system and execute scp, I do not get a password prompt: # ssh 192.168.1.32 "scp joe\@192.168.1.31:/etc/hosts /tmp" Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password,keyboard-interactive). If I break it up like this, it works fine: # ssh 192.168.1.32 # scp joe\@192.168.1.31:/etc/hosts /tmp [email protected]'s password: How can I make it prompt me for the password in the first example above? Note: No, I cannot use key-based authentication for this.

Read the article
media is write protected when using diskshadow.exe, start-bitstransfer powershell cmdlet

- by Aaron - Solution Evangelist

i am trying to use the powershell start-bitstransfer cmdlets to transfer a file i have exposed using a vss snapshot (via diskshadow), but unfortunately i am receiving the following error: Start-BitsTransfer : The media is write protected. At line:1 char:49 + Import-CSV c:\hda1\bits.txt | start-bitstransfer <<<< -transfertype upload -Authentication "Basic" -Credential $cred + CategoryInfo : InvalidOperation: (:) [Start-BitsTransfer], Exception + FullyQualifiedErrorId : StartBitsTransferCOMException,Microsoft.BackgroundIntelligentTransfer.Management.NewBits TransferCommand we really want to utilize the bits endpoint we are attempting to transfer the files to. is there any other way we can go about this (aside from copying the files elsewhere first, unless we can copy one slice at a time and transfer that)?

Read the article
Demoted domain controller and now IIS has permissions issues

- by tladuke

I have a machine that was a domain controller and everything else, includin an IIS site. I built new 2 new domain controllers and transferred the FSMO roles and waited a day and then demoted the original domain controller. Now the IIS site says : HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. I have a call in with the web app vendor, but maybe someone can guess what I need to fix now. I haven't looked at IIS since this was installed and am pretty lost. I thought about restoring the machine from a backup, but I think that would be an Active Directory disaster, right? The server is Windows 2008 (not R2). The new DCs are 2008 R2

Read the article
Can you specify git-shell in .ssh/authorized_keys to restrict access to only git commands via ssh?

- by Matt Connolly

I'd like to be able to use a ssh key for authentication, but still restrict the commands that can be executed over the ssh tunnel. With Subversion, I've achieved this by using a .ssh/authorized_keys file like: command="/usr/local/bin/svnserve -t --tunnel-user matt -r /path/to/repository",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIetc... I've tried this with "/usr/bin/git-shell" in the command, but I just get the funky old fatal: What do you think I am? A shell? error message.

Read the article
Blocked connections passing through firewall. What is wrong?

- by Kiranu

In our company we have a small business router (Cisco RV082) on which we are using its standard configuration (block all incoming traffic). We also have an SMTP relay configured (using WS2008R2) so that our internal applications can send email through google apps (which requires authentication). The thing is that the server was being used to send spam. We fixed the problem by only allowing the server to relay email from our internal IP address range (10.0.0.0/16). My concern is that there was a way by which external IPs connected to the network and that underlying problem has not been fixed, but I cannot imagine how these machines connected. Any thoughts?

Read the article

< Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165 | Next Page >