Search Results

Search found 13344 results on 534 pages for 'anonymous inner classes'.

Page 203/534 | < Previous Page | 199 200 201 202 203 204 205 206 207 208 209 210  | Next Page >

• Admin access when forms authentication on sharepoint

  - by user33760

  Hi everyone, I'm fairly new to Sharepoint, i'm catching up fast (reading + experimenting) but i can't seem to get around this.... I have a web application with its respective site collection and sites, i have anonymous access allowed for all the sites with forms authentication. Everything is working fine but i don't know how to login with the administrator account from the internet. With Windows auth you have the "login" link and you just have to use your admin credentials, how can i do that with forms auth?? Any help will be highly appreciated. Thanks in advance.

  Read the article

• can't login to new install of SQL 2008 x64 via SSMS

  - by tpcolson

  I have performed a fresh install of SQL 2008 x64 on a fresh install of Server 2008 R2 x64 in an AD environment. Upon install completion, I cannot login to the SQL Instance via SSMS, with the following error: Login failed for user domain\user. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: ]. Background: the server is correctly joined to the AD Domain, the install was performed with defaults, windows authentication only (per organizational rules), the SQL install completes with no errors, domain\user was added as SQL Amin during setup account provisioning, I am logged into to console as domain\user when this error occurs, windows firewall is OFF, UAC is ON (an will never be turned off in accordance with organizational policy). To troubleshoot this error I have tried: Run SSMS as administrator: fail; Start SQL in single user mode, run SSMS: fail Start SQL in single user mode, run SSMS as administrator: Success Start SQL in single user mode, run SSMS as administrator, remove domain\user from sysadmin group, re-add, run SSMS: fail; Any combination and permutation of log off and log on, reboot, and chant gregorian prayers: fail; Reimage server with 2008 x64, slipstream SP2 into SQL 2008 install, all above troubleshooting steps are repeatable exactly, so I've narrowed this down to not being a SP issue; (this is NOT 2008 SQL R2) Any suggestion on how to grant management access to this fresh install of SQL 2008 via SSMS? Our organizational policy is no console access to servers, management will be done via management tools intalled on client workstations. domain\user is a group of 8 users whom will have SSMS installed on workstations. However, we can't even access SQL via SSMS from the console! We cannot deploy this in an environment where these 8 users will have to sneak into the server closet on the weekends and have console access to SQL and run SSMS as administrator. EDIT: domain\group is a replacement for the actual object; the queries indicate that domain\group does indeed have the right privelges....!?! 1> EXEC xp_logininfo 'domain\group' go account name type privilege mapped login name permission path 'domain\group' group admin 'domain\group' NULL xp_logininfo seems to show 'domain\group' in the sql admin group; 1> SELECT A.name AS 'Role', B.name AS 'Login' 3> FROM sys.server_role_members C 5> INNER JOIN sys.server_principals A ON A.principal_id = C.role_principal_id 7> INNER JOIN sys.server_principals B ON B.principal_id = C.member_principal _id 9> go Role Login sysadmin sa sysadmin NT AUTHORITY\SYSTEM sysadmin NT SERVICE\MSSQLSERVER sysadmin NT SERVICE\SQLSERVERAGENT sysadmin domain\group 1> SELECT PRINCIPAL_ID AS [Principal ID], 2> NAME AS [User], 3> TYPE_DESC AS [Type Description], 4> IS_DISABLED AS [Status] 5> FROM sys.server_principals 6> GO Principal ID User Type Description Status ------------ ------------------------------------------------------------------- ------------------------------------------------------------- ------------------ ------------------------------------------ ------ 1 sa SQL_LOGIN 1 2 public SERVER_ROLE 0 3 sysadmin SERVER_ROLE 0 4 securityadmin SERVER_ROLE 0 5 serveradmin SERVER_ROLE 0 6 setupadmin SERVER_ROLE 0 7 processadmin SERVER_ROLE 0 8 diskadmin SERVER_ROLE 0 9 dbcreator SERVER_ROLE 0 10 bulkadmin SERVER_ROLE 0 101 ##MS_SQLResourceSigningCertificate## CERTIFICATE_MAPPED _LOGIN 0 102 ##MS_SQLReplicationSigningCertificate## CERTIFICATE_MAPPED _LOGIN 0 103 ##MS_SQLAuthenticatorCertificate## CERTIFICATE_MAPPED _LOGIN 0 105 ##MS_PolicySigningCertificate## CERTIFICATE_MAPPED _LOGIN 0 257 ##MS_PolicyTsqlExecutionLogin## SQL_LOGIN 1 259 NT AUTHORITY\SYSTEM WINDOWS_LOGIN 0 260 NT SERVICE\MSSQLSERVER WINDOWS_GROUP 0 262 NT SERVICE\SQLSERVERAGENT WINDOWS_GROUP 0 263 ##MS_PolicyEventProcessingLogin## SQL_LOGIN 1 264 ##MS_AgentSigningCertificate## CERTIFICATE_MAPPED _LOGIN 0 265 domain\group WINDOWS_GROUP 0 (21 rows affected)

  Read the article

• Issue in extending webapplication sharepoint

  - by GHIYA

  I have extended a webapplication in a farm. main server vsmoss1 where i did vsmoss1 ->webapplication(80) vm.com -> extended web app(of above one)anonymous WFE server name vsmoss2 WFE server name vsmoss3 i have load balanced it to got to vsmoss2 and vsmoss3 when someone hits vm.com when i hit vm.com it works fine without authentication(shows content query webpart also on my page) I know there is no need to do that but when I hit vsmoss2 and vsmoss3 it shows me error on my content query webpart ....any solution for that? Finding this strange tried this : I closed both extended webapp in vsmoss2 and vsmoss3 result: site is up and running but this time with authentication I closed both extended and main webapplication site in vsmoss2 and vsmoss3 is down I closed main webapplication in vsmoss2 and vsmoss3 site is up and running without authentication Anyone is having idea why this is showing behaviour like this...?

  Read the article

• IIS7.5 Windows Authentication missing providers menu item (ntlm)

  - by Alex Bilbie

  I'm trying to enable NTLM authentication on a Windows Server 2008 R2 machine with IIS 7.5 for a specific file in my web root. I've been following these instructions http://docs.moodle.org/en/NTLM_authentication#IIS_Configuration In the IIS Manager I open the Authentication module, disable anonymous authentication and enable Windows Authentication however according to every post I can find on the matter I should have a 'providers' option appear but I don't. I've double checked in Server Manager that the 'Windows Authentication' security feature is enabled for IIS. Any help anyone can offer would be great, Thank you!

  Read the article

• issue using Postfix as authen SMTP client relay to Exchange 2010

  - by Gk

  Hi, I'm using postfix to relay mail to Exchange 2010. Here is my config: relayhost = [smtp.exchange.2010] smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd smtp_sasl_security_options = #smtp_sasl_mechanism_filter = ntlm (/etc/postfix/relay_passwd contains login information of some accounts on Exchange) With this configuration I can relay email to Exchange. The problem is: the message send from Postfix has header: X-MS-Exchange-Organization-AuthAs: Anonymous and the message is treated like unAuthenicated message on Exchange system (i.e when sending to distribution group require senders are authenicated, I received error: #550 5.7.1 RESOLVER.RST.AuthRequired; authentication required ##rfc822;[email protected]). I using Outlook with the same account as in Postfix and it can send without problem. The different I realized between two case is: Outlook send with NTLM auth mech, Postfix using LOGIN mech. Any idea?

  Read the article

• Hyper-V Server hvremote.wsf Script - ns lookup for DNS Verification test fails

  - by Vazgen

  I'm trying to connect my Hyper-V Server to a Windows 8 client for remote management. I have: Joined server to WORKGROUP Enabled Remote Management Set the server name Set a static IP Set the DNS servers to my ISPs DNS Servers (same as default DNS Servers on my Windows 8 remote management client) Set the correct time zone Created net user on server (net user /add admin password) Added user to special Administrators group on server (hvremote /add:admin) Granted anonymous dcom access on client using hvremote However, the "ns lookup for DNS verification" fails on both the client and server with the same error: Server: my.isps.server.name.net Address: 111.222.333.1 *** my.isps.server.name.net can't find 192.168.1.3: Non-existent domain Thanks for the help.

  Read the article

• Issues with FTP on my server

  - by homestead

  I installed FTP on my windows 2003 box I created a FTP site on a ipaddress, I am not allowing anonymous access. I created a user that has access to the folder c:\ftptest connecting to my server using filezilla shows: connectiong to -0.0.0.0 connection established, waiting for welcome message could not connect to server I tried both active and passive modes. The port on the server is open i.e. TCP 21 I can connect to other FTP sites so my locla firewall isnt' the issue. (now I know why sys admin work is so fun!)

  Read the article

• How to test KVM guest CPU maximum allocation limit?

  - by Ace

  Running Ubuntu 13.04 Host and vm Guest. Using virtio for hdd, nic. Max-allocaion CPU cores is 6, minimum is 2. Ive made a vm with virt-manager just to play with, and to test out kvm. Alright, I have a decent understand how the memory balloon driver works, but I still dont know how to test if the guest OS can utilize the max setting for cpu cores. From what i gather, the host will start one thread of qemu for each core allocated per vm. When i run htop inside the guest, it only shows two cores. (also here is the output of cat /proc/cpuinfo: https://gist.github.com/anonymous/93a361545130923537da ) How can I "force" the guest to allocate the other 4 cores so that it can show 6 cores in htop? Is there a way to do this?

  Read the article

• Google Docs: Tie the Form with a Spreadsheet to email addresses and responses?

  - by Nick Gorbikoff

  Hello. I'm just trying to figure out if I'm doing something wrong or it's not possible. I created a small form ( I'm trying to get current mailing addresses from my friends and relatives - since I lost my address book) and it ties to a Google Spreadsheet. I sent out a sample to my work address - filled out a form and saved it. However when I go to see the responses - in a spreadsheet - it has a time stamp but it has no email associated with a response - so I don't know who made it ( well in this case I know it's me - but when you have 100 replies?) I understand - it may be great for anonymous surveys - but in this case I'd like to know who responded with what - and I don't wan to make them fill out Email and First Name & Last Name - I already have this information. Any suggestions?

  Read the article

• New Session Failed

  - by PhilPursglove

  We've started to see instances on our Intranet server where for any page the server just responds with the error page 'HTTP/1.1 New Session Failed'. It seems we can fix it by running IISRESET but this feels like we're only treating the symptom. The server is a virtualised server running IIS6 on Windows Server 2003 with 0.5Gb of RAM. Our Intranet is written in ASP, but we also have ASP.NET 2.0 applications running on the web site. The site is set up for Anonymous and Integrated Authentication. What causes IIS to get into this error state? Could the server be saturated with requests i.e. we need to scale out and move some applications onto another server? I've seen KB210842 but I'm not sure it applies as that is applicable to IIS 4

  Read the article

• Attempting Unauthorized operation - SQL 2008 R2 install

  - by Fred L

  I've been banging against this for a few days. Keep getting this unauthorized error when trying to install SQL 2008 R2 on a Windows 7 machine. I've changed permissions on the key, does not fix... Created an admin user, gave specific permissions on that key, does not fix... Disabled all firewalls, installed from a local admin, does not fix... I'm out of patience and ideas! :) Help? 2012-07-06 13:09:11 Slp: Sco: Attempting to set value AppName 2012-07-06 13:09:11 Slp: SetValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSTAHostConfig\SSIS_ScriptComponent\2.0, Name = AppName 2012-07-06 13:09:11 Slp: Sco: Attempting to create base registry key HKEY_LOCAL_MACHINE, machine 2012-07-06 13:09:11 SSIS: Processing Registry ACLs for SID 'S-1-5-21-2383144575-3599344511-819193542-1074' 2012-07-06 13:09:11 Slp: Sco: Attempting to open registry subkey SOFTWARE\Microsoft\Microsoft SQL Server\100 2012-07-06 13:09:11 SSIS: Setting permision on registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\100. 2012-07-06 13:09:11 Slp: Sco: Attempting to replace account with sid in security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be processed: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be returned: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Sco: Attempting to set security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Sco: Attempting to normalize security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Sco: Attempting to replace account with sid in security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be processed: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be returned: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Sco: Attempting to normalize security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Sco: Attempting to replace account with sid in security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be processed: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: ReplaceAccountWithSidInSddl -- SDDL to be returned: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:11 Slp: Prompting user if they want to retry this action due to the following failure: 2012-07-06 13:09:11 Slp: ---------------------------------------- 2012-07-06 13:09:11 Slp: The following is an exception stack listing the exceptions in outermost to innermost order 2012-07-06 13:09:11 Slp: Inner exceptions are being indented 2012-07-06 13:09:11 Slp: 2012-07-06 13:09:11 Slp: Exception type: Microsoft.SqlServer.Configuration.Sco.ScoException 2012-07-06 13:09:11 Slp: Message: 2012-07-06 13:09:11 Slp: Attempted to perform an unauthorized operation. 2012-07-06 13:09:11 Slp: Data: 2012-07-06 13:09:11 Slp: WatsonData = 100 2012-07-06 13:09:11 Slp: DisableRetry = true 2012-07-06 13:09:11 Slp: Inner exception type: System.UnauthorizedAccessException 2012-07-06 13:09:11 Slp: Message: 2012-07-06 13:09:11 Slp: Attempted to perform an unauthorized operation. 2012-07-06 13:09:11 Slp: Stack: 2012-07-06 13:09:11 Slp: at System.Security.AccessControl.Win32.GetSecurityInfo(ResourceType resourceType, String name, SafeHandle handle, AccessControlSections accessControlSections, RawSecurityDescriptor& resultSd) 2012-07-06 13:09:11 Slp: at System.Security.AccessControl.NativeObjectSecurity.CreateInternal(ResourceType resourceType, Boolean isContainer, String name, SafeHandle handle, AccessControlSections includeSections, Boolean createByName, ExceptionFromErrorCode exceptionFromErrorCode, Object exceptionContext) 2012-07-06 13:09:11 Slp: at Microsoft.SqlServer.Configuration.Sco.SqlRegistrySecurity..ctor(ResourceType resourceType, SafeRegistryHandle handle, AccessControlSections includeSections) 2012-07-06 13:09:11 Slp: at Microsoft.SqlServer.Configuration.Sco.SqlRegistrySecurity.Create(InternalRegistryKey key) 2012-07-06 13:09:11 Slp: at Microsoft.SqlServer.Configuration.Sco.InternalRegistryKey.GetAccessControl() 2012-07-06 13:09:11 Slp: at Microsoft.SqlServer.Configuration.Sco.InternalRegistryKey.SetSecurityDescriptor(String sddl, Boolean overwrite) 2012-07-06 13:09:11 Slp: ---------------------------------------- 2012-07-06 13:09:24 Slp: User has chosen to retry this action 2012-07-06 13:09:24 Slp: Sco: Attempting to normalize security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: Sco: Attempting to replace account with sid in security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: ReplaceAccountWithSidInSddl -- SDDL to be processed: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: ReplaceAccountWithSidInSddl -- SDDL to be returned: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: Sco: Attempting to normalize security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: Sco: Attempting to replace account with sid in security descriptor D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: ReplaceAccountWithSidInSddl -- SDDL to be processed: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: ReplaceAccountWithSidInSddl -- SDDL to be returned: D:(A;OICI;KR;;;S-1-5-21-2383144575-3599344511-819193542-1074) 2012-07-06 13:09:24 Slp: Prompting user if they want to retry this action due to the following failure: 2012-07-06 13:09:24 Slp: ----------------------------------------

  Read the article

• SQL Server Installer Closes Silently Without Errors

  - by ashes999

  When I run the SQL Server 2008 R2 Express installer (32-bit or 64-bit), nothing happens. It will get to the screen where it asks me to accept the terms of license and send anonymous feedback; I check off both boxes and click Next, and it automatically starts installing the Support Files. And then the window disappears. I tried looking through the log files, but didn't see any errors. I've tried: x64 SQL Server R2 express x86 SQL Server R2 express X64 SQL Server R2 (full) X64 SQL Server Management Studio Of these, only management studio installed correctly; the two express editions failed silently, and the full version gave me different errors. I also tried running in Administrator mode (despite being logged in as an administrator user), but again, no difference.

  Read the article

• Outlook - Out Of Office can't set

  - by derjur

  Exchange 2007, Outlook 2010 Error when setting Out Of Office (Automatic Replies) from Outlook: Your automatic reply settings cannot be displayed because the server is currently unavailable. Try again later. Setting this through OWA works fine. Autodiscover is working, and all addresses are resolvable through DNS. Outlook profile created from scratch. Anonymous access disabled for EWS/OWA (IIS on Exchange box). I'm out of steam for troubleshooting. Any ideas?

  Read the article

• subversion: enforce TLS

  - by Daniel Marschall

  Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

  Read the article

• PHP + IIS Application Pool Identity Windows\Temp permissions

  - by Matt Boothman

  I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

  Read the article

• CentOS - Configuring Puppet to play nice with SELinux

  - by Mike Purcell

  I am running into an issue every time I attempt to start the puppetmasterd service, for which I receive the following error message: root@service1 ~ # -> /etc/init.d/puppetmaster start Starting puppetmaster: Could not prepare for execution: Got 1 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl [FAILED] Apparently there was a known issue with this scenario as outlined in this bug report, however in the bug report it states the issue has been resolved in selinux-policy-3.9.16-29.fc15, but the latest CentOS default upstream version is 3.7.19-155.el6_3.4. So I am trying to figure out the best solution. I can either create a local security policy to allow puppetmasterd the access it needs, or keep researching and install a newer version of selinux-policy outside of the default upstream channel. Anyone have any recommendations? Please don't recommend disabling SELinux... ----- Update ----- Here is the puppet.conf: [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl [master] certname=puppetmaster.ownij.lan dns_alt_names=puppetmaster.ownij.lan [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig server=puppetmaster.ownij.lan And here are the denials per the audit log: type=AVC msg=audit(1349751364.985:666): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751364.985:666): arch=c000003e syscall=4 success=no exit=-13 a0=1391420 a1=7fffef09ed10 a2=7fffef09ed10 a3=120c500 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.302:667): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.302:667): arch=c000003e syscall=4 success=no exit=-13 a0=1d18530 a1=7fffef0d04d0 a2=7fffef0d04d0 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.465:668): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.465:668): arch=c000003e syscall=4 success=no exit=-13 a0=1af3930 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.467:669): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.467:669): arch=c000003e syscall=4 success=no exit=-13 a0=1b17aa0 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751366.401:670): avc: denied { write } for pid=15093 comm="puppetmasterd" name="puppet" dev=dm-0 ino=132035 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:puppet_etc_t:s0 tclass=dir type=SYSCALL msg=audit(1349751366.401:670): arch=c000003e syscall=83 success=no exit=-13 a0=2d7a400 a1=1f9 a2=2d7a40f a3=7fffef0a6df0 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) And the audit log if I pass through audit2allow: root@service1 ~ # -> fgrep puppetmasterd /var/log/audit/audit.log | audit2allow -m puppetmasterd module puppetmasterd 1.0; require { type home_root_t; type puppetmaster_t; type puppet_etc_t; type puppet_var_run_t; type httpd_sys_content_t; class lnk_file { relabelfrom relabelto }; class file { relabelfrom read getattr open }; class dir { write read search getattr setattr }; } #============= puppetmaster_t ============== allow puppetmaster_t home_root_t:dir { search getattr }; allow puppetmaster_t httpd_sys_content_t:dir read; allow puppetmaster_t httpd_sys_content_t:file { read getattr open }; #!!!! The source type 'puppetmaster_t' can write to a 'dir' of the following types: # puppet_log_t, puppet_var_lib_t, puppet_var_run_t, puppetmaster_tmp_t allow puppetmaster_t puppet_etc_t:dir { write setattr }; allow puppetmaster_t puppet_etc_t:lnk_file { relabelfrom relabelto }; allow puppetmaster_t puppet_var_run_t:file relabelfrom;

  Read the article

• User accounts in FTP

  - by Brad

  I have an FTP server(proftpd on debian) that I'm going to allow a couple friends access to, and I want some safety nets in place, just in case. These are some of the things I'd like to do: Jail the accounts to their home directories and impose a cap on the amount of data they can upload Allow them access to a shared folder(via symlink or something) where they have full access(Also with a storage cap, but larger) Allow my own account full access to the system(Using groups I guess) Not allow anonymous access, or allow it with its own folder, separate from the shared user folder Currently, I've got the accounts set up and jailed, but it seems like the symlink that I put in is not allowing them to visit the shared folder. I suppose this has to do with them not having read permissions anywhere but their own home directories, or maybe it's something else, I'll continue to look into it and provide any information that is requested. Is what I'm trying to do possible? Any tips or resources that you can share are appreciated. Thanks.

  Read the article

• Password for iis after installing

  - by zapping

  After installing IIS on my dev system, window xp professional, its asking for username and password while trying to access http://localhost. Can you please help me out. Tried googling and tried may things but could not resolve the issue. Anonymous access is enabled iusr_ is given full access to the wwwroot folder asp.net2.0 has been registered etc. But still not working. :( EDIT: Now the password issue has gone off and shows this: Error Type: Microsoft VBScript runtime (0x800A0046) Permission denied: 'GetObject' /localstart.asp, line 40 Browser Type: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Page: GET /localstart.asp

  Read the article

• Password for iis after installing

  - by zapping

  After installing IIS on my dev system, window xp professional, its asking for username and password while trying to access http://localhost. Can you please help me out. Tried googling and tried may things but could not resolve the issue. Anonymous access is enabled iusr_ is given full access to the wwwroot folder asp.net2.0 has been registered etc. But still not working. :( EDIT: Now the password issue has gone off and shows this: Error Type: Microsoft VBScript runtime (0x800A0046) Permission denied: 'GetObject' /localstart.asp, line 40 Browser Type: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Page: GET /localstart.asp

  Read the article

• Unable to FTP, any ideas?

  - by Nick

  I'm using Windows Server 2003. I have the FTP services installed, router set to DMZ, and currently Anonymous logins allowed. (I know, security risk, but there's nothing important on there and not worried at the moment) So here's the thing... I can ftp to my computer, list directory, get files etc, BUT only if I'm using the command prompt. If I try to log in using IE or any FTP client it's just timing out. I've tried: username@ipaddress ipaddress username:password@ipaddress and not able to get any of them to work. Anyone have any ideas? Thanks!!!

  Read the article

• Encrypt EC2 API call

  - by Frank

  I have to host an AMI in the Amazon Marketplace. i need to get the type of instance, whenever some user launches the AMI., like if its small medium or large. based on that i need to make some changes in the AMI when its created. I can do this with Amazon API call, to get the instance type, but the problem is that the instances created with the AMI will be started by other users, and i cannot use my AWS Credentials in the Amazon API. Is there any way that i can create an anonymous readonly user to make only specific type of EC2 API Calls? Or can i encrypt my EC2 API credentials, so no one can use it?

  Read the article

• Samba does not reload user group members

  - by xato

  I am running a simple samba server setup where users connect to a share which contains folders for specific user groups. The folders are chmod 2770, so only users which are in the correct group can read/write in them. The problem is that if I change group memberships (i.e. remove user from group / add user to group; changes are in sync between clients and server!) samba does not automatically reload the group memberships for the user, so they can still write to groups that they are no longer a member of etc. I either have to reconnect to the share or to restart samba to apply the changes. Is there any way to prevent group caching and/or enable group membership reload in samba? My smb.conf: https://gist.github.com/anonymous/ca7c10a3b3e2168d7a03

  Read the article

• Access Denied on LAN IIS Access via Integrated Authentication

  - by Pharao2k

  I have an IIS 7.5 (Win2k8R2) Webserver, which publishes an UNC Share (on a Fileserver) with restricted access. The AppPool Identity is a Domain User-Account with read access to mentioned UNC path. Authentication modes are set to Anonymous and Integration Authentication. When I access the path via localhost from the Webserver itself, it works, but if I try the Hostname or IP from either the Webserver or a Client, I get three authentication prompts (does not accept my credentials) and a 401.3 Unauthorized error message (but it states that I am logged in as my normal credentials which definitely have access rights to the UNC path and its files). Security Zone is set to Local Intranet. Sysiniternals Process Monitor lists CreateFile operations on the UNC path (and other existing files in it) with Access Denied and Impersonating on the correct credentials. I don't understand why it is not working, it seems to use the correct credentials on every step on the way but fails with is operations.

  Read the article

• Should I impersonate PHP via FastCGI?

  - by AKeller

  I am installing the latest version of PHP onto IIS 7.5 via FastCGI, and all of the instructions say that FastCGI should impersonate the calling client by setting fastcgi.impersonate = 1 If my website will have this configuration dedicated application pool application pool identity of ApplicationPoolIdentity anonymous authentication only (as IUSR) why do I want to impersonate? I come from an ASP.NET background, where the IUSR gets read-only permissions and the application pool identity gets any write permissions. Giving write access to the IUSR usually opens the door for WebDAV vulnerabilities. So I hesitate to let PHP run as the IUSR. I can't find many people asking this question (1 | 2) so I think I must be missing something. Can someone clarify this for me?

  Read the article

• How can I anonymize my browser useragent, yet still be counted as a FF/Ubuntu user?

  - by Rory

  I read about EFF's Panopticlick project to see how unique your webbrowser's headers are. I would like to anonymize that a bit. My current User Agent is Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.7) Gecko/20100106 Ubuntu/9.10 (karmic) Firefox/3.5.7 I would like to make that more anonymous, however I still wanted to be counted as a Firefox and Ubuntu user. How can I change my User Agent in Firefox? What should I change it to so that it's less unique, but will be counted as a Firefox user and a Ubuntu user on web analytics software? I know that there is no guarantee that I will be counted a Firefox/Ubuntu user, just something that 'works most of the time' would be sufficent.

  Read the article

< Previous Page | 199 200 201 202 203 204 205 206 207 208 209 210  | Next Page >