Search Results

Search found 1265 results on 51 pages for 'eric leroy'.

Page 19/51 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >

  • Group policy applied to AD OU attributes

    - by Eric Smith
    I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

    Read the article

  • Get OWA and ActiveSync working on server using HTTP redirect in IIS 7

    - by eric
    We have two servers on our LAN. One is a Windows 2003 Server domain controller running Exchange 2003. The other is a stand-alone Windows 2008 server running IIS 7. Our company website runs on the IIS 7 (2008) server, so the firewall forwards port 80 to this. How can I get OWA and ActiveSync to work with this setup? And without using SSL. I have tried setting up a website on the IIS 7 box (mail.ourdomain.com) and using HTTP redirect to point to http://mailserver/exchange, but this doesn't work. Do we have to purchase an SSL certificate for this to work?

    Read the article

  • Unattended Kickstart Install

    - by Eric
    I've looked around quite a bit and have seen similar setup and questions, but none seem to work for me. I'm using the following command to create a custom ISO: /usr/bin/livecd-creator --config=/usr/share/livecd-tools/test.ks --fslabel=TestAppliance --cache=/var/cache/live This works great and it creates the ISO with all of the packages and configs I want on it. My issue is that I want the install to be unattended. However, every time I start the CD, it asks for all of the info such as keyboard, time zone, root password, etc. These are my basic settings I have in my kickstart script prior to the packages section. cdrom install autopart autostep xconfig --startxonboot rootpw testpassword lang en_US.UTF-8 keyboard us timezone --utc America/New_York auth --useshadow --enablemd5 selinux --disabled services --enabled=iptables,rsyslog,sshd,ntpd,NetworkManager,network --disabled=sendmail,cups,firstboot,ip6tables clearpart --all So after looking around, I was told that I need to modify my isolinux.cfg file to either do "ks=http://X.X.X.X/location/to/test.ks" or "ks=cdrom:/test.ks". I've tried both methods and it still forces me to go through the install process. When I tail the apache logs on the server, I see that the ISO never even tries to get the file. Below are the exact syntax I'm trying on my isolinux.cfg file. label http menu label HTTP kernel vmlinuz0 append initrd=initrd0.img ks=http://192.168.56.101/files/test.ks ksdevice=eth0 label localks menu label LocalKS kernel vmlinuz0 append initrd=initrd0.img ks=cdrom:/test.ks label install0 menu label Install kernel vmlinuz0 append initrd=initrd0.img root=live:CDLABEL=PerimeterAppliance rootfstype=auto ro liveimg liveinst noswap rd_NO_LUKS rd_NO_MD rd_NO_DM menu default EOF_boot_menu The first 2 give me a "dracut: fatal: no or empty root=" error until I give it a root= option and then it just skips the kickstart completely. The last one is my default option that works fine, but just requires a lot of user input. Any help would be greatly appreciated.

    Read the article

  • SQL Server Offsite Backups

    - by Eric Maibach
    We have about !TB of SQL Server databases, and these databases generate about 200GB of data changes each day. Up to this point we have been doing Weekly full backups, daily diff backups, and hourly transaction log backups. The full and diff backups are backed up to tape and taken offsite each day. We have been trying to move away from tapes, and our IT department purchased a Barracuda Backup device that backups up data and then sends it offsite using our internet connection. I have been trying to get this to work for our SQL Server backups, and have ran into a number of problems. I normally like to just use SQL Server to perform backups instead of trying to use a agent, so that is what I tried first. However the Barracuda device was not able to dedup these files very well, so it ended up being to much data to try to send offsite and to archive. I then tried installing the Barracuda agent and using it to backup the SQL Server databases. However the problem I am having there is that on some of the database servers I also have files that need backed up, and I cannot find a way to create seperate backup schedules for the file backups and the SQL Server backups. Barracuda only does full or transaction log backups. So if I want to do hourly transaction log backups I end up doing a file system backup every hour (which is not good), or if I only schedule the backups to run once a night I either have to do a full backup every night, or only do a transaction backup once a day. None of these scenarios are good options. My question is, how is everyone else getting their large SQL Server database backups offsite. Are you just using tape, or have you found a offsite backup device that works well? Is anybody else using Barracuda to backup their SQL Server databases? If you do, then how do you have it setup?

    Read the article

  • Dynamic DNS registration for VPN clients

    - by Eric Falsken
    I've got a VPN server set up in my Active Directory on a remote network. (VPN Server is separate box from DNS/AD) When I dial into the network (client machine is not a member of the AD) the machine does not register its IP or Hostname in the DNS. I've played with all possible combinations of DHCP and RRAS-allocated IP pools, and none of them seem to cause my client to register. Is it because my client has to be a member of the domain? Are there some security settins I can tweak so that it can register its hostname/ip? I've looked in the event logs (System and Security) for the AD, DNS, DHCP, RRAS, and the client machine, and don't see anything relating to DNS Registration. Here's the IPConfig on the client machine (once connected): PPP adapter My VPN Name: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : My VPN Name Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.22(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.1.52 <- DC1 192.168.1.53 <- DC2 NetBIOS over Tcpip. . . . . . . . : Enabled

    Read the article

  • SQL Server Transaction Log RAID

    - by Eric Maibach
    We have three SQL Server servers, and each server has a about five or six databases on it. We are in the process of moving these servers to a new SAN and I am working on the best RAID configuration. Currently all of the log files for all of the databases share a RAID array, there is nothing else on this RAID array except for the log files, but all of the databases use this same array for their log files. I have read that it is best to have log files on separate disks. But in our case I am not sure whether it would be best to have one big array with about 8 drives that all the log files are on. Or would it be better to create four two disk arrays and give some of the larger databases their own dedicated disks for their log files?

    Read the article

  • On OS X, what is pubsubagent and why does it connect so many places?

    - by Eric
    I use Little Snitch to monitor network connections on OS X, and I frequently see attempts by something called pubsubagent to connect to many varying sites. What is this program for and why does it use so many connections? According to this article it's used by .me sync to synchronize RSS feeds and bookmarks. But I don't have any RSS feeds. And if it's synching bookmarks, then why is it going to places like 'l.google.com' (and many more random ones) instead of just to .me?

    Read the article

  • What is IPKVM and why would I need that to install SQL Server on my Web Server?

    - by Eric
    Hello. I have a dedicated server, and will be installing SQL Server. However, my hosting company said they can connect an external CD ROM drive and give me KVM over IP to install SQL Server. My question is, what is IPKVM, and how does it work? Do I need special hardware or software on my side to use it....or do I just connect via remote desktop? Also, why can't I remote into my server through remote desktop instead of using KVM over IP?

    Read the article

  • Postfix / Dovecot and Email Retrieval

    - by Eric J.
    I have setup Postfix and Dovecot on an Ubuntu box following the instructions http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ I can see that email is being delivered to and accepted by the server, but the email is not available for retrieval via POP3. What could be missing in my configuraton? It seems that email is not being properly handed off to Dovecot. Here are what I believe are the relevant /var/log/mail.log entries for an attempt to send email from another domain (hosted by Gmail) to the domain I have setup: Logged during SMTP connection postfix/smtpd[14689]: connect from mail-vb0-f50.google.com[209.85.212.50] postfix/smtpd[14689]: Anonymous TLS connection established from mail-vb0-f50.google.com[209.85.212.50]: TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits) postfix/smtpd[14689]: 5782740ACF: client=mail-vb0-f50.google.com[209.85.212.50] postfix/cleanup[14696]: 5782740ACF: message-id=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com> postfix/qmgr[14687]: 5782740ACF: from=<[email protected]>, size=1947, nrcpt=1 (queue active) postfix/smtpd[14702]: connect from mail.destinationdomain.com[127.0.0.1] postfix/smtpd[14702]: 2940A41AA9: client=mail.destinationdomain.com[127.0.0.1] postfix/cleanup[14696]: 2940A41AA9: message-id=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com> postfix/qmgr[14687]: 2940A41AA9: from=<[email protected]>, size=2450, nrcpt=1 (queue active) amavis[21309]: (21309-02) Passed CLEAN, [209.85.212.50] <[email protected]> -> <[email protected]>, Message-ID: <CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com>, mail_id: W52ZB8FAAA+8, Hits: -0.101, size: 1946, queued_as: 2940A41AA9, [email protected], 784 ms postfix/smtpd[14702]: disconnect from mail.destinationdomain.com[127.0.0.1] postfix/smtp[14698]: 5782740ACF: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.29/0.01/0/0.79, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2940A41AA9) postfix/qmgr[14687]: 5782740ACF: removed dovecot: lda([email protected]): msgid=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com>: saved mail to INBOX postfix/pipe[14703]: 2940A41AA9: to=<[email protected]>, relay=dovecot, delay=0.08, delays=0.02/0.02/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service) postfix/qmgr[14687]: 2940A41AA9: removed Logged during POP3 retrieval attempts dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=209.85.220.135, lip=10.195.83.10, mpid=14706 dovecot: pop3([email protected]): Disconnected: Logged out top=0/0, retr=1/2557, del=1/1, size=2540 postfix/smtpd[14689]: disconnect from mail-vb0-f50.google.com[209.85.212.50] dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=209.85.212.31, lip=10.195.83.10, mpid=14708 dovecot: pop3([email protected]): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0

    Read the article

  • Ubuntu Software RAID 0 on AWS Does Not Survive Reboot

    - by Eric J.
    I'm experimenting with creating a software RAID 0 device from 4 EBS volumes on Ubuntu 9.10 running at Amazon AWS following this guide: http://alestic.com/2009/06/ec2-ebs-raid The device appears (and according to SysBench is 3.5x faster than a regular attached EBS volume). Problem is, when I reboot the instance, all files on the RAID device are gone. The device is available and mounted where expected, but contains no files. I am able to write new files to it, which survive until the next reboot.

    Read the article

  • How do I protect large file downloads through PHP and/or Apache?

    - by Eric
    We have some large files (1-8GB) that are not publicly accessible. Currently we're serving them up through a PHP script that buffers the files in 1MB chunks and writes it to the output. It's incredibly CPU intensive and slows the server down when only a few downloads are active. We want to move the file transfer work to Apache or a more efficient method. We are using cookie authentication. FTP downloads are out unless there's some way to authenticate FTP sessions through the existing PHP session cookie. Ideally we'd like something where we can use PHP to hide the link to the file while it passes off the file transfer work to Apache, which is no doubt far more efficient at HTTP file transfers than PHP. We want to be able to resume downloads as well. Any help is appreciated.

    Read the article

  • Additional Security Measures for Syslog over SSH

    - by Eric
    I'm currently working on setting up some secure syslog connections between a few Fedora servers. This is my currently setup 192.168.56.110 (syslog-server) <---- 192.168.57.110 (syslog-agent) From the agent, I am running this command: ssh -fnNTx -L 1514:127.0.0.1:514 [email protected] This works just fine. I have rsyslog on the syslog-agent pointing to @@127.0.0.1:1514 and it forwards everything to the server correctly on port 514 via the tunnel. My issue is, I want to be able to lock this down. I am going to use ssh keys so this is automated because there will be multiple agents talking to the server. Here are my concerns. Someone getting on the syslog-agent and logging into the server directly. I have taken care of this by ensuring that syslog_user has a shell of /sbin/nologin so that user can't get a shell at all. I don't want someone to be able to tunnel another port over ssh. Ex. - 6666:127.0.0.1:21. I know my first line of defense against this is to just not have anything listening on those ports and it's not an issue. However I want to be able to lock this down somehow. Are there any sshd_config settings on the server that I can use to make it where only port 514 can be tunneled over ssh? Are there any other major security concerns I'm overlooking at this point? Thanks in advance for your help/comments.

    Read the article

  • SSL to SSL Redirects in IIS - Possible?

    - by Eric
    We have a situation where we would like to redirect https://service1.domain.com to https://service2.domain.com. I know this is very simple with http endpoints, but I'm not too sure about https. We have some legacy windows application web service clients that will not be updating their software version soon, and we cannot update their web references to https://service2.domain.com. Is there any way to leave these web service clients pointing to https://service1.domain.com, but have their requests forwarded to (and responded to by) https://service2.comain.com? The old server is running IIS 6.0. The new server is running IIS 7.0. We could probably upgrade it to 7.5 if needed, but I'm not certain. We could also probably make a seamless transition of the old web service to a new server using public DNS, but we cannot change the DNS name of "service1.domain.com." Thanks ServerFault!

    Read the article

  • One PC, 4 iOS Devices, 4 iCloud Accounts?

    - by Eric J.
    I have one PC running iTunes, my iPhone, and one iPod for each of three kids. Ideally I would like the iPhone to use my iCloud account and each iPod to use an iCloud account specific to each kid. According to Apple: You can ... use one Apple ID for iCloud services and another Apple ID for store purchases However, the method described Enter the Apple ID you want to use for iCloud in Control Panel Network and Internet iCloud. Enter the Apple ID you want to use for Store purchases (including iTunes in the Cloud and iTunes Match) in iTunes iTunes Store. would require that all iOS devices share the same iCloud account if they use iTunes on the same PC. Short of having one PC per family member, is there a method to use different iCloud accounts on each iOS device?

    Read the article

  • Using fedora 17 commandline 'mail' program cannot send to hotmail

    - by Eric Leschinski
    I am trying to use the console in Fedora 17 to send an automated email to myself. I run this: echo "email content" | mail -s "blah" [email protected] It works fine, google treats it as a spam email, but when you mark it not spam everything is cool. For Hotmail there are policies to prevent the email from being sent. I do this: echo "email content" | mail -s "blah" [email protected] And the email returns as undeliverable, the email does not even appear in the spam folder and I get this as a response: ----- Transcript of session follows ----- ... while talking to mx3.hotmail.com.: >>> MAIL From:<[email protected]> SIZE=685 <<< 550 DY-001 (BAY0-MC3-F8) Unfortunately, messages from 184.90.101.28 weren't sent. Please contact your +Internet service provider. You can tell them that Hotmail does not relay dynamically-assigned IP ranges. +You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. 554 5.0.0 Service unavailable So apparently hotmail doesn't like spammers so much, they they are blocking anything with a dynamically assigned IP range. Google does not do this. What is the easiest way to just get around this and send an email to hotmail and end up in their spam folder to be unblocked later by the user?

    Read the article

  • Outlook Signature Broken in Entourage

    - by Eric J.
    Some of our company uses Windows with Outlook 2010, and the rest use Mac with Entourage. When our standard signature line is included in an email that goes to Entourage, the result does not display correctly. It appears that Entourage is mangling the HTML. My working theory is that Entourage encounters inline CSS styles it does not know about and stops processing styles, but I'm really not sure. Question: How can I enter a signature into Outlook 2010 that will render correctly in Entourage? For example, can I specify somehow the exact HTML to use? Here's an example of how the HTML is being changed. Original on Outlook, as received by another Outlook client: <span style='font-size:9.0pt;font-family:"Century Gothic","sans-serif"; color:#1785C5'>My Company<br> </span></b><span class=apple-style-span><span style='font-size:9.0pt; font-family:"Century Gothic","sans-serif";color:#666666'>123 Main St.</span></span><span class=apple-style-span><span style='font-size:9.0pt;font-family:"Century Gothic","sans-serif"; color:#AFAFAF'>&nbsp;</span></span><span class=apple-style-span><span style='font-size:9.0pt;font-family:"Century Gothic","sans-serif";color:#666666'>Suite 100</span></span> Note the use of spans, color #1785C5 and color #666666. Same original email, as displayed in an Entourage client: <span style='font-size:9.0pt;font-family:"Century Gothic","sans-serif"; mso-fareast-font-family:"Times New Roman"'><br> <span style='color:#656565'>My Company<br> 123 Main St Suite 100<br> </span> Note the use of br tags rather than spans, and the color #656565.

    Read the article

  • Selected wrong OS from bootloader settings and now can't do anything

    - by Eric
    I'm trying to help a friend out with an urgent issue he is having. He has two Windows 7 installations when he was starting up his computer so the bootloader menu was making him select an OS every time he restarted. One installation is functional and the other is not. He wanted to make it so that he did not have to select the correct OS every time he booted up. He chose the wrong (non-functional) operating system in the windows settings and set the time to select an operating system int he bootloader menu to 0 seconds. Now, his computer attempts to boot into a non-working operating system and he has no way of selecting the correct operating system so that he can fix his mistake. What can he do to get into the functional OS so that he can fix his mistake? Thanks so much.

    Read the article

  • Simple UPDATE query with (sometime) long query times

    - by Eric
    I run a dedicated MySQL server (2 cores, 16GB RAM) serving 100-200 requests per second. It is getting sluggish during peak traffic and I have a hard time optimizing the server. So I'm looking for some ideas now that I have done lots of Innodb fine-tuning with the "TUNING PRIMER" The query that now generates most slow queries is the following (see result from mysqldumpslow): Count: 433 Time=3.40s (1470s) Lock=0.00s (0s) Rows=0.0 (0), UPDATE user_sessions SET tid='S' WHERE idsession='S' I am very surprised to have so many long queries for such a simple query with no locking. Fyi, the table is InnoDB and has 14000 rows. It contains all active sessions on the site with approx 10 UPDATE and SELECT hits per second. Here is its structure: CREATE TABLE `user_sessions` ( `personid` mediumint(9) NOT NULL DEFAULT '0', `ip` varchar(18) COLLATE utf8_unicode_ci NOT NULL, `idsession` varchar(32) COLLATE utf8_unicode_ci NOT NULL, `datum` date NOT NULL DEFAULT '0000-00-00', `tid` time NOT NULL DEFAULT '00:00:00', `status` tinyint(4) NOT NULL DEFAULT '0', KEY `personid` (`personid`), KEY `idsession` (`idsession`), KEY `datum` (`datum`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci Any ideas?

    Read the article

  • What is the best way to remove duplicate files on web hosting's FTP server?

    - by Eric Harrison
    For some reason(Happened before I started working on this project)- my client's website has 2 duplicates of every single file. Effectively tripling the size of the site. The files look much like this: wp-comments-post.php | 3,982 bytes wp-comments-post (john smith's conflicted copy 2012-01-12).php | 3,982 bytes wp-comments-post (JohnSmith's conflicted copy 2012-01-14).php | 3,982 bytes The hosting that the website is on has no access to bash or SSH. In your opinion, what would be the easiest way to delete these duplicate files that would take the least time?

    Read the article

  • Selecting Interface for SSH Port Forwarding

    - by Eric Pruitt
    I have a server that we'll call hub-server.tld with three IP addresses 100.200.130.121, 100.200.130.122, and 100.200.130.123. I have three different machines that are behind a firewall, but I want to use SSH to port forward one machine to each IP address. For example: machine-one should listen for SSH on port 22 on 100.200.130.121, while machine-two should do the same on 100.200.130.122, and so on for different services on ports that may be the same across all of the machines. The SSH man page has -R [bind_address:]port:host:hostport listed I have gateway ports enabled, but when using -R with a specific IP address, server still listens on the port across all interfaces: machine-one: # ssh -NR 100.200.130.121:22:localhost:22 [email protected] hub-server.tld (Listens for SSH on port 2222): # netstat -tan | grep LISTEN tcp 0 0 100.200.130.121:2222 0.0.0.0:* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::80 :::* LISTEN Is there a way to make SSH forward only connections on a specific IP address to machine-one so I can listen to port 22 on the other IP addresses at the same time, or will I have to do something with iptables? Here are all the lines in my ssh config that are not comments / defaults: Port 2222 Protocol 2 SyslogFacility AUTHPRIV PasswordAuthentication yes ChallengeResponseAuthentication no GSSAPIAuthentication no GSSAPICleanupCredentials no UsePAM yes AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL AllowTcpForwarding yes GatewayPorts yes X11Forwarding yes ClientAliveInterval 30 ClientAliveCountMax 1000000 UseDNS no Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • set internet explorer as default browser from command line

    - by eric cartman
    Is it possible to set internet explorer as default browser from command line? I have a web application that runs only under ie but if it happens that firefox is the default one, it doesn't work. Users are in a domain environment and even though I try to launch our application from a batch in this way start "C:\Program Files\Internet Explorer\iexplore.exe" http://server_ip/home_page my app doesn't start unless I change the browser manually. Moreover I'd like to know if it's possible to set some policy on a domain to prevent that users with limited privileges could change the default browser. Thanks in advance.

    Read the article

  • Changing Text in Visio Org Chart Shape Changes Multiple Shapes' Text

    - by Eric
    I have inherited an organizational chart that was created in Visio 2003. I am updating it with Visio 2007. When changing the text in one shape, such as a person's title, multiple shapes nearby change their text to the same. For example, if I change Bob's title from Programmer to Programmer/DBA then Wendy's text will change to "Bob - Programmer/DBA". Some changes update three or four other boxes. Some changes will only update one box. My thought is the originator copied or duplicated the one box to create multiple boxes and it created some type of link between them. How do I remove this link? Thanks!

    Read the article

  • Environment variables in Weblogic Managed Server with SSL nodemanager

    - by Eric Darchis
    We have a C legacy application start with JNI that requires environment variables. Not java -Djava.library.path -Dvar=foo as these are purely java. I need real environment variables. When we setup our domains, we usually use the SSH method to start the node managers. This works fine and the env variables are set properly. Recently the sysadmin has decided for a few reasons to use the SSL mode for nodemanagers. The servers start but the environment variables are not set. I checked with "pargs -e" (this is a Solaris machine) that the env variable was indeed not present from the nodemanager and for the managed server. Is SSL starting the managed server without running the .sh scripts or I am missing a parameter somewhere ?

    Read the article

  • Is there a way to prevent password expiration when user has no password?

    - by Eric DANNIELOU
    Okay, we all care about security so users should change their passwords on a regular basis (who said passwords are like underwear?). On redhat and centos (5.x and 6.x), it's possible to make every real user password expires after 45 days, and warn them 7 days before. /etc/shadow entry then looks like : testuser:$6$m8VQ7BWU$b3UBovxC5b9p2UxLxyT0QKKgG1RoOHoap2CV7HviDJ03AUvcFTqB.yiV4Dn7Rj6LgCBsJ1.obQpaLVCx5.Sx90:15588:1:45:7::: It works very well and most users often change their passwords. Some users find it convenient not to use any password but ssh public key (and I'd like to encourage them). Then after 45 days they can't log in as they forgot their password and are asked to change it. Is there a way to prevent password expiration if and only if password is disabled? Setting testuser:!!:15588:1:45:7::: in /etc/shadow did not work : testuser is asked to change his password after 45 days. Of course, setting back password expiration to 99999 days works but : It requires extra work. Security auditors might not be happy. Is there a system wide parameter that would prompt the user to change expired password only if he really has one ?

    Read the article

< Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >