Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

Page 167/244 | < Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174  | Next Page >

• Web based interface for open SSL client certificates

  - by Felix

  Hi there! We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient. Atm, I am using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?

  Read the article

• /etc/profile.d and "ssh -t"

  - by petersohn

  I wanted to run a script on a remote machine. The simple solution is this: ssh remote1 some-script This works until the remote script doesn't want to connect to another remote machine (remote2) which requires interactive authentication, like tis one (remote2 is only reachable through remote1 in this case): ssh remote1 "ssh remote2 some-script" The solution for the problem is to use the -t option for ssh. ssh -t remote1 "ssh remote2 some-script" This works, but I get probems in case I use this (where some-script may execute further ssh commands): ssh -t remote1 some-script I found that some environment variables are not set which are set when I don't use the -t option. These envrionment variables are set in scripts from /etc/profile.d. I guess that these scripts are not run for some reason if using the -t option, but are run if I don't use it. What's the reason of this? Is there any way to work around it? I am using SUSE linux (version 10).

  Read the article

• concrete uses of LDAP?

  - by ajsie

  im new to LDAP. i wonder what are some concrete examples of using LDAP. things that are MUCH more easier to do when you got 3-7 linux computers in a small company network. one use that is very important for me seems to be that you configure LDAP to handle system authentication. then you dont have to create same accounts in all computers. are there other things that are a MUST DO for a small network to save more time? my small network is for apache servers and database servers. and should LDAP be in an own machine? cause i guess its not good to put it in apache or database servers since these are performance dependent.

  Read the article

• Is there a way to correct wrongly typed password / abort the operation while on password prompt in the console in MINGW32?

  - by jakub.g

  I sometimes mistype a password when being asked for it, e.g. by Git when pushing to remote repository. The password is not displayed (even masked as asterisks) in the console. Is there a way either to correct the password, or to abort the operation? Backspace for editing and CtrlC for aborting do not seem to work. I want to save some time instead of waiting for the remote authentication to fail, or providing a bad password, then Enter, CtrlC. Edit: Unfortunately CtrlU doesn't work for me (MINGW32 @ Windows XP). Any other guesses?

  Read the article

• media is write protected when using diskshadow.exe, start-bitstransfer powershell cmdlet

  - by Aaron - Solution Evangelist

  i am trying to use the powershell start-bitstransfer cmdlets to transfer a file i have exposed using a vss snapshot (via diskshadow), but unfortunately i am receiving the following error: Start-BitsTransfer : The media is write protected. At line:1 char:49 + Import-CSV c:\hda1\bits.txt | start-bitstransfer <<<< -transfertype upload -Authentication "Basic" -Credential $cred + CategoryInfo : InvalidOperation: (:) [Start-BitsTransfer], Exception + FullyQualifiedErrorId : StartBitsTransferCOMException,Microsoft.BackgroundIntelligentTransfer.Management.NewBits TransferCommand we really want to utilize the bits endpoint we are attempting to transfer the files to. is there any other way we can go about this (aside from copying the files elsewhere first, unless we can copy one slice at a time and transfer that)?

  Read the article

• Redmine Subversion: LDAP _and_ local auth

  - by Frank Brenner

  I need to set up a subversion repository with apache authentication against both an external LDAP server as well as the local Redmine database. That is, we have users whose accounts exist only in the LDAP directory and some users whose accounts only exist in the local Redmine db - all should be able to access the repo. I can't quite seem to get the apache config right for this. I know I saw a how-to for this at some point, I think using Redmine.pm, but I can't seem to find it anymore.. Thanks.

  Read the article

• Demoted domain controller and now IIS has permissions issues

  - by tladuke

  I have a machine that was a domain controller and everything else, includin an IIS site. I built new 2 new domain controllers and transferred the FSMO roles and waited a day and then demoted the original domain controller. Now the IIS site says : HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. I have a call in with the web app vendor, but maybe someone can guess what I need to fix now. I haven't looked at IIS since this was installed and am pretty lost. I thought about restoring the machine from a backup, but I think that would be an Active Directory disaster, right? The server is Windows 2008 (not R2). The new DCs are 2008 R2

  Read the article

• How to get password prompt from scp when launched remotely via ssh

  - by Zek

  When I ssh to a remote system and execute scp, I do not get a password prompt: # ssh 192.168.1.32 "scp joe\@192.168.1.31:/etc/hosts /tmp" Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password,keyboard-interactive). If I break it up like this, it works fine: # ssh 192.168.1.32 # scp joe\@192.168.1.31:/etc/hosts /tmp [email protected]'s password: How can I make it prompt me for the password in the first example above? Note: No, I cannot use key-based authentication for this.

  Read the article

• Sending emails with remote mail server in ASP.NET blocked by Windows firewall?

  - by Dave

  I want to migrate a web application from a Windows Server 2003 to a Windows Server 2008 R2. All works fine except sending emails from the application. If I configure the application to use the smtp server on "localhost" it works, but changing it to the "real" host name (e.g. mail.example.org) no mail is sent. The error message says, that the remote server needs a secure connection or smtp authentication. But since it works when using "localhost" instead of the host name I doubt that this is the problem. Also it's unlikely a problem with the mail server, I also tried it with another one. So for me it seems like the firewall is blocking the outgoing connection to the mail server. I tried to open port 25, but it still did not work. Maybe I just did it the wrong way.

  Read the article

• Blocked connections passing through firewall. What is wrong?

  - by Kiranu

  In our company we have a small business router (Cisco RV082) on which we are using its standard configuration (block all incoming traffic). We also have an SMTP relay configured (using WS2008R2) so that our internal applications can send email through google apps (which requires authentication). The thing is that the server was being used to send spam. We fixed the problem by only allowing the server to relay email from our internal IP address range (10.0.0.0/16). My concern is that there was a way by which external IPs connected to the network and that underlying problem has not been fixed, but I cannot imagine how these machines connected. Any thoughts?

  Read the article

• Can you specify git-shell in .ssh/authorized_keys to restrict access to only git commands via ssh?

  - by Matt Connolly

  I'd like to be able to use a ssh key for authentication, but still restrict the commands that can be executed over the ssh tunnel. With Subversion, I've achieved this by using a .ssh/authorized_keys file like: command="/usr/local/bin/svnserve -t --tunnel-user matt -r /path/to/repository",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIetc... I've tried this with "/usr/bin/git-shell" in the command, but I just get the funky old fatal: What do you think I am? A shell? error message.

  Read the article

• Connecting to Google SMTP with Konica Minolta Printers

  - by VictorKilo

  I have spent the better portion of two days trying to get a number of Bizhub MFCs to connect to Google's SMTP service. Our company recently switched from an exchange server, which handled SMTP requests to Gmail. We have 20 branches each with different MFCs. I was able to get the Cannons connected, but the Konicas are giving me major problems. The three models that are giving me issues are the C203, C250 and the C280. I have used the following: smtp.gmail.com port 465 Gmail Username/Pass aspmx.l.google.com port 25 no authentication aspmx.l.google.com port 25 Gmail Username/Pass None of these methods are working despite the fact that all of those have worked on different makes/models. Any help would be greatly appreciated, I'm at my whit's end.

  Read the article

• IIS web service responds on server, not from remote client

  - by Aharon Manne

  I have installed a web service on a server running IIS (v6, as far as I can tell). There is another service installed, which responds as expected. My service responds correctly when a browser is pointed to localhost, but there is no response when a remote client tries to query the service. Fiddler on the remote client simply reports a timeout. Wireshark on the remote client shows no response at all from the server, no NACK, nothing. Wireshark on the server detects no query at the relevant port (the service is installed on port 8080). There are no relevant entries in the event viewer. Obviously there is some issue of permissions or authentication. I have tried to compare my service to the service that works, but I have not been able to locate relevant parameters. Any help would be greatly appreciated.

  Read the article

• IIS permissions issue pointing docroot to Samba share

  - by lalalalalalalambda

  I have an IIS project which is stored on a Samba shared, network mounted with the following line: X: \\my-samba-server\dev /user:freddie Connectivity is fine, can read/write files from X:. In IIS, I'm trying to set it as the Physical path via \\my-samba-server\dev\folder\to\my\files, which results in the following 500.19 error: Config Error | Cannot read configuration file due to insufficient permissions It is by default trying to use the Pass-through authentication. If I try to set this to connect as the specific user freddie, I receive: The specified user does not exist What is the correct way to connect to a path which has been setup as described above? *Samba man pages indicate version 3.6 is on the Debian host

  Read the article

• Postfix/dovecot remove LDAP user

  - by dove221

  I have to remove or blacklist an LDAP/dovecot user. The authentication is setup from active directory what I cannot manage so I thought there should be a way at least to disable this specific user on the mailserver locally. # Virtual Accoutns - LDAP - MS AD virtual_mailbox_maps = ldap:/etc/postfix/ldap_mailbox_maps.cf virtual_alias_maps = ldap:/etc/postfix/ldap_alias_maps_redirect_true.cf ldap:/etc/postfix/ldap_alias_maps_redirect_false.cf ldap:/etc/postfix/ldap_mailbox _groups.cf virtual_mailbox_domains = domain.com virtual_uid_maps = static:1000 virtual_gid_maps = static:1000 virtual_transport = dovecot dovecot_destination_recipient_limit = 1 Anybody knows how to do it? I followed this guide for disabling 1 user through postfixes access file: http://www.cyberciti.biz/faq/howto-blacklist-reject-sender-email-address/ Unfortunately it doesn't work. It's like the settings stored in LDAP are overruling the access rule. Instead of postfix rejecting the mail it keeps accepting it. Thanks!

  Read the article

• PHP + IIS Application Pool Identity Windows\Temp permissions

  - by Matt Boothman

  I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

  Read the article

• Forcing the from address when postfix relays over smtp

  - by John Whitlock

  I'm trying to get email reports from our AWS EC2 instances. We're using Exchange Online (part of Microsoft Online Services). I've setup a user account specifically for SMTP relaying, and I've setup Postfix to meet all the requirements to relay messages through this server. However, Exchange Online's SMTP server will reject messages unless the From address exactly matches the authentication address (the error message is 550 5.7.1 Client does not have permissions to send as this sender). With careful configuration, I can setup my services to send as this user. But I'm not a huge fan of being careful - I'd rather have postfix force the issue. Is there a way to do this?

  Read the article

• Replacing sick NTP server source and re-synching (with internal time currently 2 minutes late)

  - by l0c0b0x

  One of the external NTP servers (the primary one--currently) we're using as source seems to not be responding to NTP calls. Unfortunately, on our core router (Cisco 6509), the NTP functionality hasn't switched to the secondary NTP external server as it was expected. As a result, our core router which is pretty much our main internal NTP source is 2 minutes late. I'm planning to fix the external router issue by making the external NTP source be the one currently working. I'm wondering, how much will a 2 minute change affect my users and services? Specially since these days, we're heavily relying on certificate-based authentication. We're a Windows/Cisco shop. Internal NTP setup: [Core Router 1 / Cisco 6509]: looking out to two external NTP servers (in which the primary one is not responding to NTP calls) [Core Router 2]: Synching with Core router 1 (primary), working external router (secondary) [Other Cisco network devices]: Synching with Core router 1 (primary), core router 2 (secondary) [Domain controller(s)]: Synching with Core router 1 [All windows clients/servers]: Synching with domain controllers

  Read the article

• Windows 8 mail cause event 529 when connect to exchange

  - by holian

  I set my company exchange mailbox in Windows 8.1 mail. (outsite). Everything works fine, but after i start the Windows 8.1 mail i get event with id 529 in the security log continously. Reason: Unknown user name or bad password Username: [email protected] range: Type of login: 8 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: SERVERNAME Caller User Name: SERVERNAME $ Calling range BAR NUL Caller Logon ID: (0x0, 0x3E7) Caller Process ID: 4384 Transmitted services: - Source Network Address: 56.43.213.122 Source Port: 55 698 If i close windows mail, events stop flooding the security log in the server. Connection parameters in windwos 8: email:[email protected] password domain:company.local username:myemail server:mydomain.dyndns.org SSL:yes. Any idea whats the problem? I can check my mail, with the same setting on my android phone without any problem. Thank you

  Read the article

• Microsoft CA certificate templates expires sooner than expected

  - by Tim Brigham

  The certificates my Microsoft CA is generating do not match the time period indicated in the template used. How can I resolve this? I recently created a new certificate template for use on my Linux boxes on my Microsoft CA (2008 R2 Enterprise). This template is approved for server and client authentication purposes with a validity period of 10 years - the expected lifetime of our Linux boxes - and the subject name supplied in the request. I have checked both the intermediate and offline CA - both have more than 10 years of life listed. Is there some kind of hard limit I'm hitting here?

  Read the article

• How to tell httpd to preserve the proxied error message?

  - by ZNK - M

  I have an httpd server proxying the requests to 2 different tomcat servers. One of my server handles the authentication and returns a specific http error code 521 when the user already have a running session. My issue is httpd automatically maps this 521 error code to a 500 (internal server error) and then my client can not handle it properly. I have tried to disable ProxyErrorOverride, to remove the /error/HTTP_INTERNAL_SERVER_ERROR.html.var but it does not changes anything. How can I ask httpd to not change anything to the proxied message? <IfModule proxy_module> ProxyPass /context1 http://127.0.0.1:8001/context1 ProxyPass /context2 http://127.0.0.1:8002/context2 ProxyPreserveHost Off ProxyErrorOverride Off </IfModule> Thanks in advance httpd 2.2.22 (Win32) mod_ssl tomcat 7.25 windows 7 64-bits

  Read the article

• Powershell SQL query--connection string

  - by sean

  I am trying to query several different SQL servers and run a command on each of them. I am unable to get the connection string right. Code, below. I receive the following error:Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. I thought if I passed it the credentials it wouldn't care about the domain. How do I get around this? Thanks in advance. $serverList = @(Get-Content "c:\AllServers.txt") $query = "SELECT COUNT(thing) AS [RowCount] FROM My_table" $Database = "My_DB" # Read a file foreach ( $svr in $serverList ) { $conn=new-object System.Data.SqlClient.SQLConnection $ConnectionString = "Server={0};Database={1};User ID=sa;Password=Password;Integrated Security=True" -f $svr, $Database $conn.ConnectionString=$ConnectionString $conn.Open() $cmd=new-object system.Data.SqlClient.SqlCommand($Query,$conn) $conn.Close() }

  Read the article

• Apache - Same username in several .htpasswd files

  - by greydet

  In a virtual host, I setup two different <Location> blocks for which the access is restricted by two basic authentication htpasswd files. One htpasswd contains different usernames + a common user name. The other htpasswd file only contains the common user name. My problem is that once users connect a location with the common user name, they have immediate access to the other location without being asker for a different user name. Is there a way to restrict the username access only to the corresponding htpasswd file? Is there a way for users to ask to be re-prompted for another username/password?

  Read the article

• apache, shibboleth, load balancing aliase, ssl

  - by Nikolaidis Fotis

  Good morning folks Could you give me a bit of help with the following problem ? I have a dns load balancing mechanism and an alias (hostAlias) which may point to host01, or host02 I want to configure apache and shibboleth to work with that alias. What happens is ... User types : https://hostAlias (it points to host01) apache host01 : redirect to shibboleth shibboleth host01 : redirect to **https://hostAlias.cern.ch/Shibboleth.sso/ADFS** Now, there are two cases. Either this time hostAlias will point again to host01 , or it will point to host02. If it points to host02, host01 will not get the anwser and the authentication fails. Also, about ssl certificates, I guess that each host will need its own certificate. right ? Should I need a certificate with DNS aliases ? Thanks in advance !

  Read the article

• Web application design with distributed servers

  - by Bonn

  I want to build a web application/server with this structure: main-server sub-server transaction-server (create, update, delete) view-server (view, search) authentication-server documents-server reporting-server library-server e-learning-server The main-server acts as host server for sub-server. I can add many sub-servers and connect it to main-server (via plug-play interface maybe), then it can begin querying data from another sub-servers (which has been connected to the main-server). The sub-servers can be anywhere as long as connected to internet. The main-server can manage all sub-servers which are connected to it (query data, setting permission between sub-servers, etc). The purpose is simple, the web application will be huge as the company grows, so I want to distribute it into small connected plug-able servers. My question is, does the structure above already have a standardized method? or are there any different views? what are the technologies needed? I need a lot of researches before the execution plan begin. thanks a lot.

  Read the article

< Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174  | Next Page >