Search Results

Search found 60836 results on 2434 pages for 'system io directory'.

Page 166/2434 | < Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173 | Next Page >

What is the minimal steps to setup a client-server network using Windows Server 2008 R2 standard?

- by Motivated Student

Background I have One computer server with Win Server 2008 R2 standard installed but it has not been configured. This server has 2 LAN adapters. One adapter is connected to ISP and the other one connected to HUB/Switch. Other computers working as clients are connected to the same HUB/Switch to which the server is connected. IP Printers, IP scanners, IP camera are also connected to the same HUB/Switch. Note: I am a newbie. I only know how to plug RJ-45 sockets and assembly computer peripherals. I have no prior experience in Windows Server at all. Please teach me from the newbie's point of view. Objective I want to establish the following: Each client can access the internet, printers, scanners after it has been successfully authenticated by the server. Unauthenticated clients cannot access the internet, printers, etc. The server hosts a local site. Clients can browse internally using a private domain www.company.com. If the same domain name has been used by other on the internet, my private domain must override the public domain.

Read the article
How to make security group in one forest show up in another forest?

- by Jake

I have two Win2k8 forests which I do maintenance on. The two forests have full 2 way external, non transitive trust with each other. I have a folder in forest X, domain countryX.mycompany.com accessible ONLY by the global security group named $group. In forest Y, domain countryY.mycompany.com, countryY\user1, countryY\user2 etc needs to have access to the folder. The natural instinct is to put user1, user2 etc into the $group. However, none of the methods for adding user to group works as it appears that the AD cannot find the groups in the other forest. Question: 1.How to make forests see each other's security groups and be able to add? 2.In practice, what is the recommended way to achieve the user access to the folders/files in another forest?

Read the article
AD license query

- by Rajeev

Hi, A basic question about AD license, if on my company website, clients makes an account and would be authenticated through AD server, do i need to have the licenses for the clients coming via web. and what all license would come into picture.

Read the article
Are Windows Domain Service Accounts Really Necessary?

- by Zach Bonham

One of the biggest problems we have in automating application deployments is the idea that running IIS AppPools and Windows Services under domain service accounts is a 'best practice'. Unfortunately, this best practice sometimes causes deployment headaches in that either we need to provision a new domain level service account quickly, or once we have the account, we now need to manage the account credentials. I had a great conversation about not making domain level service accounts a requirement and effectively taking one of two approaches: Secure at the node level using machine account(domain\machine$) and add the node to appropriate ActiveDirectory/Sql groups/roles Create local app specific accounts on each machine (machine\myapp) and add that account to appropriate ActiveDirectory/Sql groups/roles (the password here can change per deployment, it doesn't need to be stored) In both cases, it seems that its easier to manage either adding an account to appropriate group/role, or even stand up new, local account, than it is to have to provision a new domain level account and manage those credentials. This would hopefully ease the management burden on ActiveDirectory, Sql Server and Operations teams as there would be no more password management. We've not actually been able to implement this in practice yet. I am coming from a development background, so I'm curious as to how many ways this approach could go wrong? Can we really get rid of domain level service accounts with this direction? I'd appreciate any thoughts from anyone who has taken this path! Thanks! Zach

Read the article
I/O APIC on Virtualbox

- by RidDeBakTiYar

I'm trying to use the PIT to do APIC timer calibration, and I want to use the PIT through I/O APIC instead of PIC. On Bochs I get interrupts from the PIT at the asked frequency from the I/O APIC, while on Virtualbox I can't receive a single interrupt. It must be an I/O APIC configuration problem because as I unmask the first PIC entry, the IRQ fires. However that's not what I want. Can you imagine any possible condition that wouldn't make Virtualbox fire the IRQ? I'm not assuming single I/O APIC configuration (even though Virtualbox has only 1). I'm not assuming identity mappings between ISA IRQs and I/O APIC GSIs (using ACPI MADT table to get I/O APIC base address and Int override). I'm setting the Trigger Mode and Polarity bits correctly (on Virtualbox they are set as '00 - default' which means edge high right?). I'm putting the BSP APIC ID into the Destination field (using Physical destination) and vector 0x20. Being the BSP APIC ID 0 on Virtualbox, it ends up with 0x0000000000000020 written to the IOREDTBL. And, just in case I'm getting the wrong values from the Interrupt Override descriptor, I'm setting this value to all the IOREDTBL entries (I know this is very very bad, and it wont be kept as I understand what's going on). The only thing I didn't check out is Local APIC configuration. Actually I'm not writing any value to the BSP LAPIC. Just reading the APIC ID and using it to boot APs through IPIs. And obviously I'm setting bit 11 in the IA32_APIC_BASE MSR to enable the LAPIC. Any ideas? Thanks in advance.

Read the article
MS DNS lookup issue

- by 3molo

Hi, Got two AD/DNS servers, and on the secondary I can't seem to lookup the external site www.iis.se (or any other hostname that their name servers control). The central firewall at this office allows any any outbound, tcp and udp. The DNS server has no local firewall nor antivirus. My windows client, located in the same subnet as the DNS server can do the lookup by asking the nameservers that are in control of www.iis.se. 'dig NS iis.se' shows iis.se. 2517 IN NS ns2.nic.se. iis.se. 2517 IN NS ns.nic.se. iis.se. 2517 IN NS ns3.nic.se. on AD/DNS server C:\Users\Administratornslookup www.iis.se 212.247.7.228 Server: UnKnown Address: 212.247.7.228 Name: www.iis.se Addresses: 2a00:801:f0:80::80 212.247.7.221 C:\Users\Administratornslookup www.iis.se 194.17.45.54 Server: UnKnown Address: 194.17.45.54 Name: www.iis.se Addresses: 2a00:801:f0:80::80 212.247.7.221 C:\Users\Administratornslookup www.iis.se 212.247.3.83 Server: UnKnown Address: 212.247.3.83 Name: www.iis.se Addresses: 2a00:801:f0:80::80 212.247.7.221 And still: C:\Users\administratornslookup www.iis.se Server: UnKnown Address: 127.0.0.1 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. * Request to UnKnown timed-out

Read the article
LDAP Authentication for multiple AD Domains

- by TrevJen

I have 3 full trust domains (2 child and one root). I need to use LDAP to allow authntication for domain users. The trick is that I need the application to use an AD server for the child domain BUT proxy the LDAP query and authentication for the root domain. I see that it maty be possible with AD LDS and some trusts and synching, but it looks pretty hairy and overly complicated. The short of it is: 3 domains (Parent, ChildA, ChildB) My 3rd party app will need to use ChildA domain servers to authenticate either: a. a user in the parent domain or b. a user in the ChildB domain I already have full trusts between all domains, and regular NTLM authentication works fine (unless you are trying to authenticate with LDAP)

Read the article
What are the consequences of giving an AD domain differing NetBIOS and DNS names?

- by Newt

In the past, when creating AD domains, I've used the common convention of using a sub-domain of the company's publicly registered domain name, e.g "corp.mycompany.com" or "int.mycompany.com". I've always accepted the default NetBIOS name when running DCPromo, for fear that creating a NetBIOS name that differs from the sub-domain may cause complications. I've recently been doing a bit of research on the consequences of providing an alternate NetBIOS name. The main reasons behind this are: The NetBIOS name isn't particularly descriptive or unique to the company Apparently generic NetBIOS names such as "CORP" or "INT" can cause issues when merging IT systems (although I've not had experience with this myself) Providing something "before the slash" that means more to users (less important) In looking at the possible downsides, the only one I can come up with is the disjointed namespace issue when configuring Exchange. Can anybody with more experience than I elaborate on my findings at all? Many thanks

Read the article
Exchange\AD Authentication Using Alternate Email Domain

- by Aaron Wurthmann

I did this once. I can't recall how to do it anymore AND/OR it works differently in Windows 2008 than it did in Windows 2003. I recall it being an Exchange hosting feature. I would like users to login with their email addresses instead of only with their domain name. EXAMPLE: User: John Doe User logon name: [email protected] User logon name (pre-Windows 2000): DOMAIN\jdoe E-mail: [email protected] I would like for jdoe to be able to login as [email protected]

Read the article
Why can't this user connect to domain share?

- by Saariko

Part of my reorganizing credentials in the domain, I have created several users that will be used solely for services (backup, LDAP, etc) The idea is that systems that need specific usage will use a user/service user, that will give them what they need. However, I am having trouble setting the correct needed data. For this example, I have a NAS (Ready NAS 1100 by Netgear), that runs it's own backup jobs. The job reads from a domain share: \domain\qa and copies all data to another location. When using the domain\administrator everything works. When I input the domain\srv.backup user I get an error connecting to the folder. The srv.backup is part of the 'Domain Admins' group, which is a member of 'Administrators' I thought there might be propagation issues, but even when the srv.backup user was a direct member of 'Administrators' the error still occurred. I have 2 DC's (W2K8R2 replicas) - I thought that could also cause a problem, AFAIKT it's not the issue. Sharing permissions are open to everyone The Security on the folder is as follow This is the test window from the NAS dashboard I doubled check that the 'srv.domain' is part of the 'Domain Admins' group As well as tried with a simple 1-9 password. What else do I need to check? thanks.

Read the article
Changing Network Path of Offline Files

- by Adam

Many of our users have their Home folder set as Available Offline. Their Windows 7 laptops will not be back on our network for a few weeks. In the mean time, we're setting up new servers and reorganizing our files, so the network path to the Home folder is going to be completely different. Based on some testing I did, when the users return, any files they've created or modified while offline will be gone, and the new Home folder will be there and not set to sync. The offline cache of the old Home folder is still accessible through the Sync Center, but they're not going to want to dig through that and try to find what's missing. Avoiding this would involve keeping the old server around and moving everyone to the new location in person, so we know for sure they're synced first. Is there any way to avoid this that isn't as tedious, like a quick registry edit or something that will point the old offline cache to the new location?

Read the article
What Defines an AD Object as "Inactive"

- by Malnizzle

I am going to be using some DSQUERY/DSMOVE scripts to clean up my AD Domin. One option is to move inactive objects to a OU that has restrictive GPOs applied to it. Something like: DSQUERY computer -inactive 10 | DSMOVE -newparent <distinguished name of target OU> My question is what value defines an object, both user and computer, as "inactive" for a period of time? Is it the last time a computer was logged on to for computer accounts, and for users is it the last time that the user account logged on to a computer? But what if, say for example, I had a web server that wasn't rebooted and or logged into for a couple of months but remain powered on and functioning as normal, would it be defined as "inactive" where as technically it's still serving web pages and so on? Thanks for the help!

Read the article
How to change location of Maildir/ in postfix mail system

- by adesh

I'm using Postfix with imap and pop servers running on ubuntu linux. I want to change the the location of Maildir folder from user's home directory to some other shared folder so that all mail is in one place. I also have problem sending local mails to users who does not have a home directory (e.g. www-data), the system users created by default. I'm getting the following error. postfix/local[32123]: DCE1D221BBD: to=<www-data@********>, orig_to=<www-data>, relay=local, delay=33, delays=33/0/0/0.12, dsn=5.2.0, status=bounced (maildir delivery failed: create maildir file /var/www/Maildir/tmp/1382169296.P32123.********: Permission denied) I'd like to have a folder structure similar to this: /all-mail/<user-name>/<mail-goes-here>

Read the article
How a password is transmited to AD Server

- by erdogany

My question is how ADSI performs SetPassword operation. According to what I have read ADSI is a COM interface and it has more capabilities than AD provides through LDAP. While you are suppose to update unicodePwd attribute of a personaccount entity through LDAP, ADSI provides you SetPassword call. I know that ADSI & AD provides Kerberos during authentication. So how the password is transmitted to server when SetPassword is called? Is it raw binary unencrypted data? Or does Kerberos comes into play at this call?

Read the article
Double root folder vs single root folder

- by Tomas

On my Linux box, in bash, I have access to a "double root" folder denoted by two forward slashes: tomas:~ $ cd / tomas:/ $ ls bin/ cdrom@ ... tomas:/ $ cd // tomas:// $ ls bin/ cdrom@ ... The content of the folder and its subfolder is identical to the "normal" single slash root. The double slash does not go away when I access its subfolders. The annomaly does not repeat itself with three or more slashes; these are simple synonyms for the root: tomas:// $ cd home/tomas tomas://home/tomas $ cd /// tomas:/ $ cd //// tomas:/ $ What kindof place is it? Is it a bug? Can anyone explain the annomaly?

Read the article
How to correct time on Windows PDC server without affecting logons

- by Kieran Walsh

I know how to set an authoritative time server in Server 2008 R2. That's not what this question is. I want to know how I can change the time on a network where the PDC (and therefore everything) is a month out of date? I know that a 5 minute difference in time between clients and the domain prevents logons, so just changing the time on the PDC will break everything. What is the best way to fix this? Thanks Kieran.

Read the article
AD query to see what PCs a user has logged onto recently

- by Mike

Hi, Is there any way to run a query in AD to check what PCs a user has logged into recently. regards Mike

Read the article
Granting rights to Windows domain Users in Ubuntu?

- by Pseudonymous

I've connected an Ubuntu 9.10 server to my Windows domain with Likewise Open. I am able to log into the server with my domain account (as DOMAIN\user), but my administrative rights don't carry over. How can I grant admin rights to domain user accounts?

Read the article
Windows Server: Change AD account name

- by Bastien974

Hello everybody, In my SBS 08 (AD, exchange), is it possible to change the name, email address of a user because he is leaving and I'd like to transfer all the account and credential to the new employee that is replacing him. Lot's of thing are set up for this user and it would save me lots of time if I can transfer an account like this. Thanks for your help !

Read the article
Where do I define a group policy that will set a users desktop background color to green the first time they log in?

- by Tyler

Servers: W2k8 R2 x64 Desktops: Win7 Pro x64 Our current group policy uses a custom ADM file to define certain properties of the desktop (Background Image (centered), Background Color is green (00 74 00)). This policy works for us, but the down-side is that policies defined in our custom ADM are only applied after a GPUpdate /Force is applied. We would like these desktop theme settings to be applied the first time the user logs onto the computer. I've been working on a new policy that forces the computer to wait for the network when the user logs on to handle folder redirection. The reason for writing the new policy was to resolve the issue that a user needs to run GPupdate /Force the first time they log in, so it doesn't make sense for me to implement the new policy if there is still something that requires GPUpdate /Force to get the user in the state that we want them. I've moved the setting for background image out into Admin Templates- Desktop- Desktop- "Desktop Wallpaper" so this is now being set properly when the user first logs in. Now I'm left with a black background until I force a group policy update. I have tried to play around with setting a default "Theme" and had limited success; this was not reliable enough to call a solution. I suppose I could set the background color with a script? Any thoughts? It feels like I'm missing something obvious, or that this should be much easier than it is.

Read the article
Querying Domain Controller objects using Powershell

- by Neobyte

Could someone explain to me why this does not work? Import-Module ActiveDirectory $dcs = Get-ADComputer -Filter {DistinguishedName -Like "*Domain Controllers*"} I get no results for this query. Alternatively, could someone suggest a way using the module above that I can generate a list of systems on my domain that are NOT Domain Controllers (which is what I'm eventually trying to achieve). Cheers

Read the article
Specify Credentials to run Powershell Script to Query AD

- by Ben

I want to run a powershell script to query AD from a machine that is NOT on the domain. Basically I want to query to see if there is computer account already on the domain for this machine and create it if there is not. Because this has to happen before the machine joins the domain I assume I will need to specify some credentials to enable it to run. (I'm pretty new to Powershell, so apologies if this is a newbie question!) The script I am using to check the account is below, and then once this has run it will join the domain using the computername specified. Can you tell me how to specify some domain credentials to run this section of the script as? Cheers, Ben $found=$false $thisComputer = <SERVICE TAG FROM BIOS> $ou = [ADSI]"LDAP://OU=My Computer OU,DC=myDomain,DC=com" foreach ($child in $ou.psbase.Children ) { if ($child.ObjectCategory -like '*computer*') { If ($child.Name -eq $thisComputer) { $found=$true } } } If ($found) { <DELETE THE EXISTING ACCOUNT> }

Read the article
LDAP authentication issue with Kerio Connect

- by djk

Hi, We have Kerio Connect (mail server) running on a Windows Server 2003 server on a domain. In the webmail client, users are able to change their domain password. This functionality used to work fine until a user tried to change their password a few days ago, when every password they'd try would result in the webmail client claiming their password was "invalid". I spoke to Kerio about this and they claim that this error is returned by the domain controller, which supports my initial investigations. The error that the DC is logging when an attempt is made to change the password is this: "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece" The "data 52e" part indicates that this is an "invalid credentials" error. I don't see how this can be as I've tried (in the Kerio Connect configuration) various accounts that have privileges to modify accounts, including my own as I am a domain admin. I have ran 'dcdiag' (all tests) on the DC and it came back passing every single one of them. I've searched high and low for an answer to this and came up empty. Does anyone have any idea why this may have suddenly started happening? Thanks! Edit: I should mention that the passwords we are changing to do comply with the complexity policy.

Read the article
How to resolve SSPI context error without changing Service Account from MSSQL

- by kockiren

There is a issue while connecting from new Windows 8.1 Clients to SQL Server 2008 running on Windows Server 2008 R2. The SQL Service running under account Domain\mssqlservice on a machine thats works fine I get this output from setspn -l domain\mssqlservice C:\>setspn -l domain\mssqlservice Registrierte Dienstprinzipalnamen (SPN) für CN=MSSQLService,CN=Users,DC=domain, DC=local,DC=tld: MSSQLSvc/mssql.domain.local.tld:1433 MSSQLSvc/mssql.domain.local.tld MSSQLSERVER/mssql.domain.local.tld:1433 On a windows 8.1 machine that don't work I get this output: C:\>setspn -l domain\msssqlservice FindDomainForAccount: Fehler beim Aufrufen von DsGetDcNameWithAccountW mit dem R ückgabewert 0x0000054B. Konto kockiren wurde nicht gefunden. On this Post I found a solution but, I can't change the Service Account who runs the SQL Service. Some application need this service delegation. But how I can realize that it works on my Windows 8.1 Clients?

Read the article
Move flag for follow of a specific color to a folder in Outlook 2003

- by Campo

I have a user request to be able to create a rule that would move an email in outlook 2003 that the user flagged for follow up to a specific folder. That seemed simple enough till he requested that depending on the flag color they were to be moved to a specific folder. Issue is that in outlook 2003 that's not an option when creating a rule. I know that this is very straight forward in outlook 2007 and 2010 and using the categories feature is very convenient as it displays as a list when you right click.... Though in 2003 categories are not so convenient. as an example the user will flag for follow up as so... Red Flag for sales Blue Flag for requests Green Flag for personal They want a rule that will move all items with a red flag to the sales folder, Green flag to the requests folder and so on.... Thank you for your suggestions.

Read the article

< Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173 | Next Page >