Search Results

Search found 77 results on 4 pages for 'activedirectory'.

Page 2/4 | < Previous Page | 1 2 3 4  | Next Page >

  • Trusted Sites via GPO: <*.> gets left off

    - by HannesFostie
    As stated in the question title: one of our end users has to make use of a web application which requires her to add the website to trusted sites. By default, this is disabled, but after my colleague added the sites to the GPO pushing these in such form: *.domain.com it shows up as domain.com in her trusted sites. Has anyone encountered or even fixed this issue?

    Read the article

  • How to delete MS Message Queue from Active Directory - Error A queue with the same path name already

    - by Clarence Klopfstein
    I deleted a Public Queue from my local box this morning and then went to recreate the queue. When I go to recreate it I get the message: Error: A queue with the same path name already exists From research it appears that the queue gets replicated in the AD and sometimes it doesn't delete. So now the AD admin has to delete this for me, but they don't seem to understand. So how can I get past this error?

    Read the article

  • Set NTFS Permissions with DirectorySecurity after created Active Dirctory Groups c#

    - by maverick
    Hi I am a little confused about setting NTFS Permissions to a directory after I created Active Directory Groups (both programmatically). When I created the Active Directory Objects then I have to wait a few seconds to set the NTFS Permissions. If I have not this timeout then I get sometimes an error message that the identify (active directory groupname) could not found. Is it possible that the DirectorySecurity-Class from DirectoryInfo-Class has an different algorithm to get the idenfity from active directory objects? Because when I checking the existing of the groups in active directory with System.DirectoryServices all the objects exist suddenly after creation. Kind regards

    Read the article

  • Active Directoy LDAP - Lock User Account

    - by Germ
    What is the prefered way to lock an Active Directory account? int val = (int)directoryentry.Properties["userAccountControl"].Value; directoryentry.Properties["userAccountControl"].Value = val | 0x0010; vs. directoryentry.InvokeSet("IsAccountLocked", true); Is there a better way?

    Read the article

  • Creating a two-way Forest trust with Powershell

    - by Michel Klomp
    Here is a small Powershell script for creating a two-way forest trust. $localforest = [System.DirectoryServices.ActiveDirectory.Forest]::getCurrentForest() $strRemoteForest = ‘domain.local’ $strRemoteUser = ‘administrator’ $strRemotePassword = ‘P@ssw0rd’ $remoteContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext(‘Forest’, $strRemoteForest,$strRemoteUser,$strRemotePassword) $remoteForest = [System.DirectoryServices.ActiveDirectory.Forest]::getForest($remoteContext) $localForest.CreateTrustRelationship($remoteForest,’Bidirectional’)

    Read the article

  • How to use IIS as a trusted proxy for ActiveDirectory SSO?

    - by brofield
    I'm trying to add Active Directory single-sign-on support to an existing SOAP server. The server can be configured to accept a trusted reverse-proxy and use the X-Remote-User HTTP header for the authenticated user. I want to configure IIS to be the trusted proxy for this service, so that it handles all of the Active Directory authentication for the SOAP server. Basically IIS would have to accept HTTP connections on port X and URL Y, do all the authentication, and then proxy the connection to a different server (most likely the same X and Y). Unfortunately, I have no knowledge of IIS or AD (so I am trying my best to learn enough to build this solution) so please be gentle. I would assume that this is not an uncommon scenario, so is there some easy way to do this? Is this sort of functionality built into IIS or do I need to build some sort of IIS proxy program myself? Is there a better option for getting the authentication done and the X-Remote-User HTTP header set than requiring IIS?

    Read the article

  • Can I use IIS to do ActiveDirectory single-sign-on for another website?

    - by brofield
    I'm trying to add Active Directory single-sign-on support to an existing SOAP server. The server can be configured to accept a trusted reverse-proxy and use the X-Remote-User HTTP header for the authenticated user. I want to configure IIS to be the trusted proxy for this service, so that it handles all of the Active Directory authentication for the SOAP server. Basically IIS would have to accept HTTP connections on port X and URL Y, do all the authentication, and then proxy the connection to a different server (most likely the same X and Y). Unfortunately, I have no knowledge of IIS or AD (so I am trying my best to learn enough to build this solution) so please be gentle. I would assume that this is not an uncommon scenario, so is there some easy way to do this? Is this sort of functionality built into IIS or do I need to build some sort of IIS proxy program myself? Is there a better option for getting the authentication done and the X-Remote-User HTTP header set than requiring IIS? Update: For example, what I am trying to create is: [CLIENT] [IIS] [AD] [SOAP-SERVER] 1. |---------------->| 2. |<--------------->|<---------->| 3. |--------------------------->| 4. |<---------------------------| 5. |<----------------| 1. POST to http://example.com/foo/bar.cgi 2. Client is not authenticated, so do authentication 3. Once validated, send request to server (X-Remote-User: {userid}) 4. Process request, send response 5. Forward response to client I need to know how to configure IIS to do the automatic authentication of the user using AD, and then to proxy the request to the actual server, sending the userid in the X-Remote-User HTTP header.

    Read the article

  • Unit Testing using InternalsVisibleToAttribute requires compiling with /out:filename.ext?

    - by Will Marcouiller
    In my most recent question: Unit Testing Best Practice? / C# InternalsVisibleTo() attribute for VBNET 2.0 while testing?, I was asking about InternalsVisibleToAttribute. I have read the documentation on how to use it, and everything is fine and understood. However, I can't instantiate my class Groupe from my Testing project. I want to be able to instantiate my internal class in my wrapper assembly, from my testing assembly. Any help is appreciated! EDIT #1 Here's the compile-time error I get when I do try to instantiate my type: Erreur 2 'Carra.Exemples.Blocs.ActiveDirectory.Groupe' n'est pas accessible dans ce contexte, car il est 'Private'. C:\Open\Projects\Exemples\Src\Carra.Exemples.Blocs.ActiveDirectory\Carra.Exemples.Blocs.ActiveDirectory.Tests\GroupeTests.vb 9 18 Carra.Exemples.Blocs.ActiveDirectory.Tests (This says that my type is not accessible in this context, because it is private.) But it's Friend (internal)! EDIT #2 Here's a piece of code as suggested for the Groupe class implementing the Public interface IGroupe: #Region "Importations" Imports System.DirectoryServices Imports System.Runtime.CompilerServices #End Region <Assembly: InternalsVisibleTo("Carra.Exemples.Blocs.ActiveDirectory.Tests")> Friend Class Groupe Implements IGroupe #Region "Membres privés" Private _classe As String = "group" Private _domaine As String Private _membres As CustomSet(Of IUtilisateur) Private _groupeNatif As DirectoryEntry #End Region #Region "Constructeurs" Friend Sub New() _membres = New CustomSet(Of IUtilisateur)() _groupeNatif = New DirectoryEntry() End Sub Friend Sub New(ByVal domaine As String) If (String.IsNullOrEmpty(domaine)) Then Throw New ArgumentNullException() _domaine = domaine _membres = New CustomSet(Of IUtilisateur)() _groupeNatif = New DirectoryEntry(domaine) End Sub Friend Sub New(ByVal groupeNatif As DirectoryEntry) _groupeNatif = groupeNatif _domaine = _groupeNatif.Path _membres = New CustomSet(Of IUtilisateur)() End Sub #End Region And the code trying to use it: #Region "Importations" Imports NUnit.Framework Imports Carra.Exemples.Blocs.ActiveDirectory.Tests #End Region <TestFixture()> _ Public Class GroupeTests <Test()> _ Public Sub CreerDefaut() Dim g As Groupe = New Groupe() Assert.IsNotNull(g) Assert.IsInstanceOf(Groupe, g) End Sub End Class EDIT #3 Damn! I have just noticed that I wasn't importing the assembly in my importation region. Nope, didn't solve anything =( Thanks!

    Read the article

  • How can I check a user/password combination on an ActiveDirectory without putting the password in a String?

    - by Jean Hominal
    I want to check User/Password combination on a Windows domain. Right now I do it with the following code: bool Login(String username, String password) { var principalContext = new PrincipalContext(ContextType.Domain); principalContext.ValidateCredentials(username, password); } While it works, the thing that bugs me is that I have to put the password in a String in order to use that API; as I am using a SecureString to store the password everywhere else, I would really like to use some way of checking the username / password combination without having to pass the password as a managed System.String. What would be the best way of achieving that?

    Read the article

  • Any homologue of InternalsVisibleToAttribute, but for internal classes?

    - by Will Marcouiller
    In my most recent question: Unit Testing Best Practice? / C# InternalsVisibleTo() attribute for VBNET 2.0 while testing?, I was asking about InternalsVisibleToAttribute. I have read the documentation on how to use it, and everything is fine and understood. However, I can't instantiate my class Groupe from my Testing project. I want to be able to instantiate my internal class in my wrapper assembly, from my testing assembly. Any help is appreciated! EDIT Here's the compile-time error I get when I do try to instantiate my type: Erreur 2 'Carra.Exemples.Blocs.ActiveDirectory.Groupe' n'est pas accessible dans ce contexte, car il est 'Private'. C:\Open\Projects\Exemples\Src\Carra.Exemples.Blocs.ActiveDirectory\Carra.Exemples.Blocs.ActiveDirectory.Tests\GroupeTests.vb 9 18 Carra.Exemples.Blocs.ActiveDirectory.Tests (This says that my type is not accessible in this context, because it is private.) But it's Friend (internal)!

    Read the article

  • BIP 10.1.3.4.x June 2010 Update Available

    - by Tim Dexter
    A new patchset for 10.1.3.4.0 and 10.1.3.4.1 is available on Metalink. some notes: The patch number is 9791839. This patchset includes 28 new bug fixes since the last patchset release on March 31. This is a culmulative update that includes all the fixes and enhancements from previous updates. The patch will supercede the other two updates. Install instructions are in the readme inside the patch There is also a new BIP client patch available, 9821068. No new template building features to my knowledge but there is an update to the template viewer to allow you to test and debug you siny new Excel templates. Server 8529759XMLP_TEMPLATE_DESIGNER CANNOT SAVE / UPLOAD TEMPLATE 8566455 BI PUBLISHER SCHEDULER DOES NOT START WITH JNDI DATA SOURCE 9295667RESPONSE OF GETSCHEDULEDREPORTINFO RETURNS STATUS AS 'UNKNOWN' INSTEAD OF 'SCHED 9542413 UNABLE TO CREATE A NEW TEMPLATE FROM UI 9546137 EXCEL ANALYZER TEMPLATE FAILS FOR A STRUCTURED XML WHEN IT IS UPLOADED 9556338 SIEBEL - BIP PARAMETERS SORT ORDER 9560562 BI PUBLISHER CACHE DIRECTORY FILLING UP AND POINTING TO INVALID DIRECTORY 9646599 USER ROLE DEFINED AS PRIMARYGROUP IN ACTIVEDIRECTORY GROUP ARE NOT RECOGNIZED 9664768 ER: NEED TO BIND USER ATTRIBUTE VALUES DEFINED IN ACTIVEDIRECTORY IN DATA QUERY 9665075 BI PUBLISHER AFTER 9546699 NOTIFICATIONS FOR REPORTS FAIL 9669973 ER: NEED TO SUPPORT PRE-PROCESSING XML WITH XSL FOR EXCEL TEMPLATE 9704401 ER: NEED TO SUPPORT DEFAULT GROUP FOR ALL USERS IN LDAP/AD SECURITY 9711899 SEARCH PARAMETER IS NOT VISIBLE WHEN SCHEDULE A REPORT 9753736 SOME ROLES FROM ACTIVEDIRECTORY ARE NOT LISTED IN ADMIN ROLE-FOLDER MAPPING 9771354 MULTIPLE PARAMETERS IN 10.1.3.4.1 DATA TEMPLATE ACT ACT DIFFERENTLY FROM 10.1.3. 9772982 "REFRESH OTHER PARAMETERS ON CHANGE" DOESN'T WORK PROPERLY Core  8599646 ER:EXTRA SPACE ADDED BELOW IMAGE IN A TABLE CELL OF TEMPLATE IN FIREFOX 9377593 SOME ROWS HEIGHT IN HTML/EXCEL OUTPUT ARE TOO BIG IN BI PUBLISHER 9487030 NAVIGATION TREE REPEATING TWICE IN PDF DCCUMENT CREATED BY BI PUBLISHER 9509432 PERFORMANCE ISSUE WHEN USING PDF TEMPLATE 9534424 PS: DOCUMENT-REPEAT-FULLPATH-ELEMENTNAME SHOULDNT USE DOT "." AS PATH SEPARATOR 9553360 FORMPROCESSOR CANNOT PARSE SOME PDF TEMPLATES 9554959 TEXT IN AUTOSHAPE IS NOT PROPERLY CUT OFF FOR LINE WRAPPING 9569417 AFTER APPLYING PATCH 9509432 PDF TEMPLATES WITH DBDRV PRODUCE NO OUTPUT 9571670 ER: EXCEL TEMPLATE TO SUPPORT XSLT LOGIC AND XSL CUSTOM EXTENTIONS 9589809 XSL:CALL-TEMPLATE IS MISSING IN GENERATED XSL FILE 9605920 BOOKMARK TESTCASE FAILED DUE TO ER9283933 9689634 PRINT FLOW CHART USING ACROSS 3 DOWN 0 GIVES EXTRA BLANK PAGES You might have noticed some fixes and ehancements to the Excel templates so I can get back on those now. There is a part two to the Mapviewer BIP Mashup coming ... just need aanother 4 hours in the day to squeeze it in.

    Read the article

  • How can I set up Redmine => Active Directory authentication?

    - by Chris R
    First, I'm not an AD admin on site, but my manager has asked me to try to get my personal Redmine installation to integrate with ActiveDirectory in order to test-drive it for a larger-scale rollout. Our AD server is at host:port ims.example.com:389 and I have a user IMS/me. Right now, I also have a user me in Redmine using local authentication. I have created an ActiveDirectory LDAP authentication method in RedMine with the following parameters: Host: ims.example.com Port: 389 Base DN: cn=Users,dc=ims,dc=example,dc=com On-The-Fly User Creation: YES Login: sAMAccountName Firstname: givenName Lastname: sN Email: mail Testing this connection works just fine. I have, however, not successfully authenticated with it. I've created a backup admin user so that I can get back in to the me account if I break things, and then I've tried changing me to use the ActiveDirectory credentials. However, once I do, nothing works to log in. I have tried all of these login name options: me IMS/me IMS\me I've used my known Domain password, but no joy. So, what setting do I have wrong, or what information do I need to acquire in order to make this work?

    Read the article

  • Are Windows Domain Service Accounts Really Necessary?

    - by Zach Bonham
    One of the biggest problems we have in automating application deployments is the idea that running IIS AppPools and Windows Services under domain service accounts is a 'best practice'. Unfortunately, this best practice sometimes causes deployment headaches in that either we need to provision a new domain level service account quickly, or once we have the account, we now need to manage the account credentials. I had a great conversation about not making domain level service accounts a requirement and effectively taking one of two approaches: Secure at the node level using machine account(domain\machine$) and add the node to appropriate ActiveDirectory/Sql groups/roles Create local app specific accounts on each machine (machine\myapp) and add that account to appropriate ActiveDirectory/Sql groups/roles (the password here can change per deployment, it doesn't need to be stored) In both cases, it seems that its easier to manage either adding an account to appropriate group/role, or even stand up new, local account, than it is to have to provision a new domain level account and manage those credentials. This would hopefully ease the management burden on ActiveDirectory, Sql Server and Operations teams as there would be no more password management. We've not actually been able to implement this in practice yet. I am coming from a development background, so I'm curious as to how many ways this approach could go wrong? Can we really get rid of domain level service accounts with this direction? I'd appreciate any thoughts from anyone who has taken this path! Thanks! Zach

    Read the article

  • How can I make sure one Upstart job starts before other Upstart jobs?

    - by marrusl
    This is a general Upstart question, but let me use a specific case: Centrify is an NIS to ActiveDirectory gateway. It needs to load before any service that will depend the authentication service that it provides, e.g. autofs, cron, nis, et al. This has proven to be quite challenging to achieve, even when trying to change the dependencies of the other services (which I don't think we should be doing anyway, I don't want to touch the other Upstart jobs if at all possible). Suggestions?

    Read the article

  • Windows Server 2008 (x64): Wont boot past bios page

    - by WebSolProv
    Happy New Year, Since a month or so ago I inherited responsibility for small network administration for my sins. The domain controller (yes there is only one, and yes I know it is best practice to have two even in a small domain setup) went down overnight and I have been trying all day to get it back up and running. Unfortunately this machine also administers our entire ActiveDirectory setup: 1) It goes thru the BIOS without any errors, nothing whatsoever 2) It gets into the “select safe mode, safe mode with networking, normal” etc and if you select either of the safe mode options it loads a few files then reboots. If you select normal it just runs for a bit (doesn’t get to the windows splash screen) and then reboots again. 3) If you select windows repair, it asks for an image to repair too: however it would appear that none was taken that can be used (!!) or one is not being shown. 4) I have tried repairing the boot sector and the boot configuration using Bootrec.exe, both which it says were completed successfully but still it doesn’t work. 5) I have tried swapping the drives into another server to rule out hardware and that didn’t work either so clearly it’s the OS. 6) I have tried running chkdsk which ran fine, and also memory check which was also fine. We do have another machine on the network that was installed as a DC so when we decommission the current infrastructure but when I try and "promote" this to the lead DC then I get “you cannot modify domain or trust information because a PDC emulator cannot be contacted" so I am unable to replicare the ActiveDirectory details. If anyone can think of any direction I should follow it would be greatly appreciated, Thanks, Alex

    Read the article

  • Unable to run WCAT against DotNetNuke with NTLM authentication

    - by David Neale
    I have a ubr file setup to stress test an internal DotNetNuke site with WCAT: transaction { id = "Intranet Home Page"; weight = 1000; cookies{clear = true;} sleep{delay = rand("1","500");} request { url = "/"; statuscode = 401; } request { url = "/"; authentication = ntlm; username = "mydomain\\accountname"; password = "password"; statuscode = 200; } close{ method = reset;} } When running this (wcat.wsf -run -clients localhost -s myserver -t test.ubr -f settings.ubr -x) I simply get lots of error 500s: 2010-03-08 10:29:31 192.168.11.239 GET / - 80 - 192.168.52.139 - 401 2 2148074254 2010-03-08 10:29:31 192.168.11.239 GET / - 80 - 192.168.52.139 - 401 1 0 2010-03-08 10:29:31 192.168.11.239 GET /Default.aspx - 80 mydomain\myaccount 192.168.52.139 - 500 0 0 DNN is reporting these errors as: AssemblyVersion: 5.2.3 PortalID: 0 PortalName: My Company UserID: -1 UserName: ActiveTabID: 39 ActiveTabName: Home RawURL: /Default.aspx AbsoluteURL: /Default.aspx AbsoluteURLReferrer: UserAgent: DefaultDataProvider: DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider ExceptionGUID: 28d8821f-1ef2-41db-8a65-d33e97a69130 InnerException: *Unhandled Error:* FileName: FileLineNumber: 0 FileColumnNumber: 0 Method: DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule.OnAuthenticateRequest StackTrace: Message: System.Exception: Unhandled Error: --- System.NullReferenceException: Object reference not set to an instance of an object. at DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule.OnAuthenticateRequest(Object s, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --- End of inner exception stack trace --- Source: Server Name: MYSERVER It seems to be losing the username somehow.

    Read the article

  • How to explore the local active directory ?

    - by Quandary
    Question: On Windows7, how can I explore the local active directory ? I mean getting all directory entries I would see when I execute this code: Dim AD As New System.DirectoryServices.DirectoryEntry("WinNT://" + Environment.MachineName & ",computer") I have found a systernals tool, called activedirectory explorer, (http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx) and I run it as complete administrator (root), but it always says "server not working/running". But the server obviously works, since I can query it from .net... and it's definitely local, since I plugged the network connection

    Read the article

  • Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

    - by milkandtang
    I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

    Read the article

  • Querying Domain Controller objects using Powershell

    - by Neobyte
    Could someone explain to me why this does not work? Import-Module ActiveDirectory $dcs = Get-ADComputer -Filter {DistinguishedName -Like "*Domain Controllers*"} I get no results for this query. Alternatively, could someone suggest a way using the module above that I can generate a list of systems on my domain that are NOT Domain Controllers (which is what I'm eventually trying to achieve). Cheers

    Read the article

  • Using Java for 'nslookup -type=srv'

    - by user321524
    Hi: Is there a way in Java to do a Nslookup search on SRV records? I need to bind to Active Directory and would like to use the SRV records to help determine which of the ADs in the cluster are live. In command line the nslookup search string is: 'nslookup -type=srv _ ldap._tcp.ActiveDirectory domain name' Thanks.

    Read the article

< Previous Page | 1 2 3 4  | Next Page >