Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

Page 167/244 | < Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174 | Next Page >

subversion: enforce TLS

- by Daniel Marschall

Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

Read the article
PHP + IIS Application Pool Identity Windows\Temp permissions

- by Matt Boothman

I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

Read the article
IIS web service responds on server, not from remote client

- by Aharon Manne

I have installed a web service on a server running IIS (v6, as far as I can tell). There is another service installed, which responds as expected. My service responds correctly when a browser is pointed to localhost, but there is no response when a remote client tries to query the service. Fiddler on the remote client simply reports a timeout. Wireshark on the remote client shows no response at all from the server, no NACK, nothing. Wireshark on the server detects no query at the relevant port (the service is installed on port 8080). There are no relevant entries in the event viewer. Obviously there is some issue of permissions or authentication. I have tried to compare my service to the service that works, but I have not been able to locate relevant parameters. Any help would be greatly appreciated.

Read the article
Is there a way to correct wrongly typed password / abort the operation while on password prompt in the console in MINGW32?

- by jakub.g

I sometimes mistype a password when being asked for it, e.g. by Git when pushing to remote repository. The password is not displayed (even masked as asterisks) in the console. Is there a way either to correct the password, or to abort the operation? Backspace for editing and CtrlC for aborting do not seem to work. I want to save some time instead of waiting for the remote authentication to fail, or providing a bad password, then Enter, CtrlC. Edit: Unfortunately CtrlU doesn't work for me (MINGW32 @ Windows XP). Any other guesses?

Read the article
Can't login to SQL Server after moving machine to different office/domain

- by Dan

Our company has just been bought and the over the weekend I have brought up the last few machines to plug into their network (they are under a different Windows Domain). The last machine is our Vault system and the SQL Server was using Windows Authentication. I have plugged it into their network and its working fine, but i cannot connect to SQL Server with Management Studio and, I fear, no backup jobs will also be working. When I try to login under Windows Auth, it has the user name of "NEWDOMAIN\Administrator" (greyed out) and then presents a "login failed" message with error code "18456". Can anyone help me with this, or will I just have to reinstall SQL Server, Vault and restore the backup I took before the move?

Read the article
Web application design with distributed servers

- by Bonn

I want to build a web application/server with this structure: main-server sub-server transaction-server (create, update, delete) view-server (view, search) authentication-server documents-server reporting-server library-server e-learning-server The main-server acts as host server for sub-server. I can add many sub-servers and connect it to main-server (via plug-play interface maybe), then it can begin querying data from another sub-servers (which has been connected to the main-server). The sub-servers can be anywhere as long as connected to internet. The main-server can manage all sub-servers which are connected to it (query data, setting permission between sub-servers, etc). The purpose is simple, the web application will be huge as the company grows, so I want to distribute it into small connected plug-able servers. My question is, does the structure above already have a standardized method? or are there any different views? what are the technologies needed? I need a lot of researches before the execution plan begin. thanks a lot.

Read the article
Windows 8 mail cause event 529 when connect to exchange

- by holian

I set my company exchange mailbox in Windows 8.1 mail. (outsite). Everything works fine, but after i start the Windows 8.1 mail i get event with id 529 in the security log continously. Reason: Unknown user name or bad password Username: [email protected] range: Type of login: 8 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: SERVERNAME Caller User Name: SERVERNAME $ Calling range BAR NUL Caller Logon ID: (0x0, 0x3E7) Caller Process ID: 4384 Transmitted services: - Source Network Address: 56.43.213.122 Source Port: 55 698 If i close windows mail, events stop flooding the security log in the server. Connection parameters in windwos 8: email:[email protected] password domain:company.local username:myemail server:mydomain.dyndns.org SSL:yes. Any idea whats the problem? I can check my mail, with the same setting on my android phone without any problem. Thank you

Read the article
IIS cannot access itself

- by dave

We are on a corporate network that uses ISA and I am having issues trying to not have requests go through ISA. I have IIS7 on my local Windows 7 machine that has websites and a service layer. The websites access the service layer using a xxxx.servicelayer.local address that is set up in my HOSTS file to point to 127.0.0.1. I have Windows Firewall client which I have disabled. I have tried both adding this address into IE so that it does not go through ISA and also disabled this section altogether. When the website (which is actually IIS making the request to itself) tries to access the service layer I receive an ISA error that proxy authentication has failed. Considering that everything I can see to configure is set to not go through the proxy, ISA, I cannot see how this is actually going through the proxy and giving this error. Is there something within Windows 7 that forces the proxy setting, some sort of caching or similar?

Read the article
How can I get ssh-agent working over ssh and in tmux (on OS X)?

- by Rich

I have a private key set up for my github account, the passphrase to which is, I believe, stored in OS X's keychain. I certainly don't have to type it in when I open a terminal window and enter ssh [email protected]. However, when I'm running bash over an ssh session, or locally inside a tmux session, I have to type in the passphrase every single time I attempt to ssh to github. This question suggests that a similar problem exists with screen, but I don't really understand the issue well enough to fix it in tmux. There's also this page which includes a fairly complicated solution, but for zsh. EDIT: In response to @Mikel's answer, from a local terminal I get the following output: [~] $ echo $SSH_AUTH_SOCK /tmp/launch-S4HBD6/Listeners [~] $ ssh-add -l 2048 [my key fingerprint] /Users/richie/.ssh/id_rsa (RSA) [~] $ typeset -p SSH_AUTH_SOCK declare -x SSH_AUTH_SOCK="/tmp/launch-S4HBD6/Listeners" Whereas over ssh or in tmux I get: [~] $ echo $SSH_AUTH_SOCK [~] $ ssh-add -l Could not open a connection to your authentication agent. [~] $ typeset -p SSH_AUTH_SOCK bash: typeset: SSH_AUTH_SOCK: not found echo $SSH_AGENT_PID returns nothing whatever shell I run it from.

Read the article
Redmine Subversion: LDAP _and_ local auth

- by Frank Brenner

I need to set up a subversion repository with apache authentication against both an external LDAP server as well as the local Redmine database. That is, we have users whose accounts exist only in the LDAP directory and some users whose accounts only exist in the local Redmine db - all should be able to access the repo. I can't quite seem to get the apache config right for this. I know I saw a how-to for this at some point, I think using Redmine.pm, but I can't seem to find it anymore.. Thanks.

Read the article
Blocked connections passing through firewall. What is wrong?

- by Kiranu

In our company we have a small business router (Cisco RV082) on which we are using its standard configuration (block all incoming traffic). We also have an SMTP relay configured (using WS2008R2) so that our internal applications can send email through google apps (which requires authentication). The thing is that the server was being used to send spam. We fixed the problem by only allowing the server to relay email from our internal IP address range (10.0.0.0/16). My concern is that there was a way by which external IPs connected to the network and that underlying problem has not been fixed, but I cannot imagine how these machines connected. Any thoughts?

Read the article
Web based interface for open SSL client certificates

- by Felix

Hi there! We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient. Atm, I am using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?

Read the article
Why would a FaceBook application "work" on a profile, but not a page?

- by edt

I made a FaceBook application that works fine on profiles, but I can't figure out how to get it to show on a FaceBook page. For example, after I visit the application canvas URL, allow the application, then edit application settings and "add" to box and tab view... I cannot click the "plus" symbol to the left of the tabs in order to add a tab for the application. It does not appear in the list of available applications. Meanwhile, the application is working/showing up on profiles with no issues. I DID check the "Installable to Pages" checkbox on the application (authentication tab) settings. What could cause this? Here is the application canvas URL: http://apps.facebook.com/russian_girls/

Read the article
Replacing sick NTP server source and re-synching (with internal time currently 2 minutes late)

- by l0c0b0x

One of the external NTP servers (the primary one--currently) we're using as source seems to not be responding to NTP calls. Unfortunately, on our core router (Cisco 6509), the NTP functionality hasn't switched to the secondary NTP external server as it was expected. As a result, our core router which is pretty much our main internal NTP source is 2 minutes late. I'm planning to fix the external router issue by making the external NTP source be the one currently working. I'm wondering, how much will a 2 minute change affect my users and services? Specially since these days, we're heavily relying on certificate-based authentication. We're a Windows/Cisco shop. Internal NTP setup: [Core Router 1 / Cisco 6509]: looking out to two external NTP servers (in which the primary one is not responding to NTP calls) [Core Router 2]: Synching with Core router 1 (primary), working external router (secondary) [Other Cisco network devices]: Synching with Core router 1 (primary), core router 2 (secondary) [Domain controller(s)]: Synching with Core router 1 [All windows clients/servers]: Synching with domain controllers

Read the article
Demoted domain controller and now IIS has permissions issues

- by tladuke

I have a machine that was a domain controller and everything else, includin an IIS site. I built new 2 new domain controllers and transferred the FSMO roles and waited a day and then demoted the original domain controller. Now the IIS site says : HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. I have a call in with the web app vendor, but maybe someone can guess what I need to fix now. I haven't looked at IIS since this was installed and am pretty lost. I thought about restoring the machine from a backup, but I think that would be an Active Directory disaster, right? The server is Windows 2008 (not R2). The new DCs are 2008 R2

Read the article
New Session Failed

- by PhilPursglove

We've started to see instances on our Intranet server where for any page the server just responds with the error page 'HTTP/1.1 New Session Failed'. It seems we can fix it by running IISRESET but this feels like we're only treating the symptom. The server is a virtualised server running IIS6 on Windows Server 2003 with 0.5Gb of RAM. Our Intranet is written in ASP, but we also have ASP.NET 2.0 applications running on the web site. The site is set up for Anonymous and Integrated Authentication. What causes IIS to get into this error state? Could the server be saturated with requests i.e. we need to scale out and move some applications onto another server? I've seen KB210842 but I'm not sure it applies as that is applicable to IIS 4

Read the article
Connecting to SQL Server on Parallels Desktop with PHP

- by Zen Savona

well I recently bought a Mac and am using it as my primary computer. Because I am required to work with MSSQL via PHP, I have installed Parallels Desktop and run Server 2008 R2 on it. I am using the same mixed mode authentication which I previously had on windows. When I attempt to connect to the server with PHP using either a new test file or my old code, it just doesn't find the server. I have tried running PHP on the XP install with parallels, and using the hostname as COMPUTERNAME\SQLEXPRESS, LOCALIP\SQLEXPRESS localhost localip etc, PHP never finds the server. Also note that I can connect to the database server using Management Studio without problems, so SQL Server is running. Please note that both PHP and MSSQL are running within the virtualised environment. Any contribution is appreciated

Read the article
Windows authenticated users have lost access to master (default) database

- by Rob Nicholson

Something very strange has occurred on our production SQL database. Users connecting via Windows authentication appear to have lost all access to the master database. By default, all logins have the default database set to master. So when you connect using SQL Server management studio, they get the error: "Cannot open user default database. Login failed error 4064". What's also worrying is that we have a group called "COMPANY - SQL Administrator" which has sysadmin rights and users in this group also get the same error. Worse, they don't appear to be system administrators anymore... If they change their default database to something else, they can connect and then work on the database, it's just the master database that is problematic. I'm not even sure by what mechanism windows authenticated users get access to the master database. Is it something hard coded in or some property that's got changed? Any ideas? Cheers, Rob.

Read the article
How does AuthzSVNAccessFile work?

- by grigy

I have set up an SVN repo with WebDAV access. For some reason it does not let checkout. Here is my httpd.conf part: <Location /svn> DAV svn SVNParentPath /home/svn/repositories AuthzSVNAccessFile /home/svn/dav_svn.authz Satisfy Any Require valid-user AuthType Basic AuthName "Subversion Repository" AuthUserFile /home/svn/dav_svn.passwd </Location> I have two repositories named "first" and "second" and the content of dav_svn.authz is: [first:/] doe = rw * = r [second:/] doe = rw grig = rw * = r When I'm trying to checkout the second with user doe, I get this in error_log: user doe: authentication failure for "/svn/second": Password Mismatch In order to understand what can be the problem I would like to better understand how the AuthzSVNAccessFile is supposed to work.

Read the article
Postfix/dovecot remove LDAP user

- by dove221

I have to remove or blacklist an LDAP/dovecot user. The authentication is setup from active directory what I cannot manage so I thought there should be a way at least to disable this specific user on the mailserver locally. # Virtual Accoutns - LDAP - MS AD virtual_mailbox_maps = ldap:/etc/postfix/ldap_mailbox_maps.cf virtual_alias_maps = ldap:/etc/postfix/ldap_alias_maps_redirect_true.cf ldap:/etc/postfix/ldap_alias_maps_redirect_false.cf ldap:/etc/postfix/ldap_mailbox _groups.cf virtual_mailbox_domains = domain.com virtual_uid_maps = static:1000 virtual_gid_maps = static:1000 virtual_transport = dovecot dovecot_destination_recipient_limit = 1 Anybody knows how to do it? I followed this guide for disabling 1 user through postfixes access file: http://www.cyberciti.biz/faq/howto-blacklist-reject-sender-email-address/ Unfortunately it doesn't work. It's like the settings stored in LDAP are overruling the access rule. Instead of postfix rejecting the mail it keeps accepting it. Thanks!

Read the article
Windows 2008 Domain Controller - Backup (BDC) to Primary (PDC)

- by Klaptrap

I have created a new domain controller with my single domain forest. I have also made it DHCP and DNS ready - all 3 services have synchronised with the existing W2K8 domain controller. I even migrated the FSMO roles and thought everything was fine. Indeed all machines on network appear to obtain DHCP and DNS from new server and the AD is working on the new server as my internal website uses it for login authentication. I have just noticed, via BgInfo - Sys Internals - that the new server is showing as "backup" and the old as "primary" - I thought I had already achieved this. Have the FSMO roles swapped back - as I have yet to have removed the old server from AD (dcpromo). Do I need to do anything before I run dcpromo on the old server? Any thoughts appreciated....

Read the article
Can you specify git-shell in .ssh/authorized_keys to restrict access to only git commands via ssh?

- by Matt Connolly

I'd like to be able to use a ssh key for authentication, but still restrict the commands that can be executed over the ssh tunnel. With Subversion, I've achieved this by using a .ssh/authorized_keys file like: command="/usr/local/bin/svnserve -t --tunnel-user matt -r /path/to/repository",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIetc... I've tried this with "/usr/bin/git-shell" in the command, but I just get the funky old fatal: What do you think I am? A shell? error message.

Read the article
concrete uses of LDAP?

- by ajsie

im new to LDAP. i wonder what are some concrete examples of using LDAP. things that are MUCH more easier to do when you got 3-7 linux computers in a small company network. one use that is very important for me seems to be that you configure LDAP to handle system authentication. then you dont have to create same accounts in all computers. are there other things that are a MUST DO for a small network to save more time? my small network is for apache servers and database servers. and should LDAP be in an own machine? cause i guess its not good to put it in apache or database servers since these are performance dependent.

Read the article
connect to a headless virtualbox instance in Linux?

- by 130490868091234

I've started a headless virtualbox instance with this command: VBoxManage startvm "Ensembl67VirtualMachine" --type headless Waiting for VM "Ensembl67VirtualMachine" to power on... VM "Ensembl67VirtualMachine" has been successfully started. It is set up with Remote Desktop Server Port:5555 with Authentication Method: Null and Extended Features: Allow Multiple Connections and it's now running, but I don't know how to connect to it from the same laptop where it's running. I would like to be able to have it running on a terminal. I tried this but nothing happens: rdesktop localhost:5555 ERROR: localhost: unable to connect rdesktop 192.168.1.1:5555 Any ideas?

Read the article
How to synchronize users, passwords, hosts, etc without NIS

- by joshxdr

I am administering a very small solaris 2.6 network with 4 boxes total. Is it possible to use scp or similar to replace NIS for synchronizing users, groups, hosts, etc? This network is only a small part of my job and I don't want to spend too much time on it, and I am worried the setup and maintenence of NIS will not pay off. I need it to behave like a proper multi-user system, when a user logs into any machine, the users, passwords, hosts, etc. are always the same. Is there an easy way to do this with scp? Right now I copy /etc/passwd from one box to another with scp, but sometimes I make mistakes or forget a step, and scp inside of shell scripts don't seem to works so well since they require password authentication. Any recommendations would be welcome.

Read the article

< Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174 | Next Page >