Search Results

Search found 31564 results on 1263 pages for 'users group'.

Page 205/1263 | < Previous Page | 201 202 203 204 205 206 207 208 209 210 211 212 | Next Page >

Supporting early versions of Android

- by Philip Sheard

What policy do developers have when it comes to supporting earlier versions of Android? I still support Android 2.1 and above, but this means that I am unable to use features such as the action bar. Over 40% of my users are still running versions below 3.0, so I feel somewhat constrained about this. The problem is that 3.x was not very successful, so 2.3.x will be with us for some time. But all new devices will now be shipping with 4.x. I am wondering whether 4.x users are more likely to pay for an app, while most 2.3.x users are just looking.

Read the article
Silverlight 4 minor update–June 2010

Today we released a service update for Silverlight 4. This is a minor release that addresses some items found immediately after release that have now completed our test passes with those who reported them. Most of the items found wont affect all users, but media developers will want to get this update for their applications and encourage their users to upgrade. This update (4.0.50524.0) addresses a few media-related items found by some of our media customers. A few items were serviced for DRM users...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
5 Best SEO Strategies to Promote Your Website

People nowadays use the internet and visit websites to search for any available information. Some users tend to use popular search engines like Google, Yahoo and MSN if they don't know the URL or the web address of what they are searching. Thus, these search engines will help them to generate easily all the necessary information that they needed. In line with this, some users don't want to waste time so they tend to click or visit the top websites generated by the search engine from a certain keyword. The question is, how would you put your website on top so that users can easily visit it?

Read the article
Online File Library

- by janvdl

I'm looking for a preferably PHP and web based system, to run on Ubuntu server. Basically it should be a "file forum" in the sense that users can register and be approved to post files to categories. Users with "read" privileges can then go through the categories and download files. Basically I sort of want a FTP-like system, but it should be as easy to manage users, categories, etc as that of a forum system like vB or phpBB. If it could have a forum look and feel that would also be great, but I don't want any discussions taking place.

Read the article
Silverlight 4 minor update–June 2010

Today we released a service update for Silverlight 4. This is a minor release that addresses some items found immediately after release that have now completed our test passes with those who reported them. Most of the items found wont affect all users, but media developers will want to get this update for their applications and encourage their users to upgrade. This update (4.0.50524.0) addresses a few media-related items found by some of our media customers. A few items were serviced for DRM users...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Opencart Dashboard show last months statistics

- by John Magnolia

How could I added the option to show the statistics for last month. PHP public function chart() { $this->load->language('common/home'); $data = array(); $data['order'] = array(); $data['customer'] = array(); $data['xaxis'] = array(); $data['order']['label'] = $this->language->get('text_order'); $data['customer']['label'] = $this->language->get('text_customer'); if (isset($this->request->get['range'])) { $range = $this->request->get['range']; } else { $range = 'month'; } switch ($range) { case 'day': for ($i = 0; $i < 24; $i++) { $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "order` WHERE order_status_id > '0' AND (DATE(date_added) = DATE(NOW()) AND HOUR(date_added) = '" . (int)$i . "') GROUP BY HOUR(date_added) ORDER BY date_added ASC"); if ($query->num_rows) { $data['order']['data'][] = array($i, (int)$query->row['total']); } else { $data['order']['data'][] = array($i, 0); } $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "customer WHERE DATE(date_added) = DATE(NOW()) AND HOUR(date_added) = '" . (int)$i . "' GROUP BY HOUR(date_added) ORDER BY date_added ASC"); if ($query->num_rows) { $data['customer']['data'][] = array($i, (int)$query->row['total']); } else { $data['customer']['data'][] = array($i, 0); } $data['xaxis'][] = array($i, date('H', mktime($i, 0, 0, date('n'), date('j'), date('Y')))); } break; case 'week': $date_start = strtotime('-' . date('w') . ' days'); for ($i = 0; $i < 7; $i++) { $date = date('Y-m-d', $date_start + ($i * 86400)); $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "order` WHERE order_status_id > '0' AND DATE(date_added) = '" . $this->db->escape($date) . "' GROUP BY DATE(date_added)"); if ($query->num_rows) { $data['order']['data'][] = array($i, (int)$query->row['total']); } else { $data['order']['data'][] = array($i, 0); } $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "customer` WHERE DATE(date_added) = '" . $this->db->escape($date) . "' GROUP BY DATE(date_added)"); if ($query->num_rows) { $data['customer']['data'][] = array($i, (int)$query->row['total']); } else { $data['customer']['data'][] = array($i, 0); } $data['xaxis'][] = array($i, date('D', strtotime($date))); } break; default: case 'month': for ($i = 1; $i <= date('t'); $i++) { $date = date('Y') . '-' . date('m') . '-' . $i; $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "order` WHERE order_status_id > '0' AND (DATE(date_added) = '" . $this->db->escape($date) . "') GROUP BY DAY(date_added)"); if ($query->num_rows) { $data['order']['data'][] = array($i, (int)$query->row['total']); } else { $data['order']['data'][] = array($i, 0); } $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "customer WHERE DATE(date_added) = '" . $this->db->escape($date) . "' GROUP BY DAY(date_added)"); if ($query->num_rows) { $data['customer']['data'][] = array($i, (int)$query->row['total']); } else { $data['customer']['data'][] = array($i, 0); } $data['xaxis'][] = array($i, date('j', strtotime($date))); } break; case 'year': for ($i = 1; $i <= 12; $i++) { $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "order` WHERE order_status_id > '0' AND YEAR(date_added) = '" . date('Y') . "' AND MONTH(date_added) = '" . $i . "' GROUP BY MONTH(date_added)"); if ($query->num_rows) { $data['order']['data'][] = array($i, (int)$query->row['total']); } else { $data['order']['data'][] = array($i, 0); } $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "customer WHERE YEAR(date_added) = '" . date('Y') . "' AND MONTH(date_added) = '" . $i . "' GROUP BY MONTH(date_added)"); if ($query->num_rows) { $data['customer']['data'][] = array($i, (int)$query->row['total']); } else { $data['customer']['data'][] = array($i, 0); } $data['xaxis'][] = array($i, date('M', mktime(0, 0, 0, $i, 1, date('Y')))); } break; } $this->response->setOutput(json_encode($data)); } HTML <select name="range"> <option value="day">Today</option> <option value="week">This Week</option> <option value="month">This Month</option> <option value="year">This Year</option> </select>

Read the article
Android ActivityGroup

- by Vahag Vardanyan

I know that ActivityGroup is in the "past", but I want to learn how to use it. So I write a simple TabHost, and want to show different activities using ActivityGroup. Here are the parts of code Player.java package player.org; import android.app.Activity; import android.app.TabActivity; import android.content.Context; import android.content.Intent; import android.content.res.Resources; import android.media.MediaPlayer; import android.os.Bundle; import android.util.Log; import android.view.MotionEvent; import android.view.View; import android.view.View.OnClickListener; import android.view.animation.AlphaAnimation; import android.view.animation.Animation; import android.view.animation.AnimationUtils; import android.widget.Button; import android.widget.ProgressBar; import android.widget.SeekBar; import android.widget.SeekBar.OnSeekBarChangeListener; import android.widget.TabHost; import android.widget.TabWidget; import android.widget.TextView; public class Player extends TabActivity { /** Called when the activity is first created. */ private MediaPlayer media=null; private SeekBar progress; private View play; private Progress p; TabHost tabhost; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.tabs); Resources res=getResources(); //TabHost tabhost=(TabHost) findViewById(R.id.tabhost); // tabhost.setup(); tabhost=getTabHost(); TabHost.TabSpec spec; Intent intent; intent=new Intent(this,Progress.class); spec=tabhost.newTabSpec("now playing").setIndicator("Now playing", res.getDrawable(R.drawable.icon)) .setContent(intent); tabhost.addTab(spec); intent=new Intent(this,Group.class); spec=tabhost.newTabSpec("all_songs").setIndicator("All songs", res.getDrawable(R.drawable.songs)) .setContent(intent); tabhost.addTab(spec); //intent=new Intent(this,Progress.class); spec=tabhost.newTabSpec("artists").setIndicator("Artists", res.getDrawable(R.drawable.icon)) .setContent(intent); tabhost.addTab(spec); spec=tabhost.newTabSpec("alboom").setIndicator("Alboom", res.getDrawable(R.drawable.icon)) .setContent(intent); tabhost.addTab(spec); tabhost.setCurrentTab(0); } } Group.java import android.os.Bundle; import android.view.View; public class Group extends ActivityGroup { @Override public void onCreate(Bundle savedInstanceStated) { super.onCreate(savedInstanceStated); View view = getLocalActivityManager().startActivity("AllSongs", new Intent(this, AllSongs.class).addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP)).getDecorView(); setContentView(view); } AllSongs.java package player.org; import java.util.ArrayList; import android.R.id; import android.app.ActivityGroup; import android.app.ListActivity; import android.content.Intent; import android.os.Bundle; import android.view.View; import android.view.Window; import android.widget.AdapterView; import android.widget.AdapterView.OnItemClickListener; import android.widget.ArrayAdapter; import android.widget.ListView; import android.widget.TabHost; public class AllSongs extends ListActivity{ ArrayList<String> listItem=new ArrayList<String>(); ArrayAdapter<String> adapter; ListView listView; //Player p; TabHost tab; public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); //p=new Player(); adapter=new ArrayAdapter<String>(this,R.layout.list_item,listItem); setListAdapter(adapter); listView=getListView(); listView.setTextFilterEnabled(true); listView.setOnItemClickListener(listener); addItem("vahag"); addItem("vahagvahag"); } private OnItemClickListener listener=new OnItemClickListener() { @Override public void onItemClick(AdapterView<?> arg0, View arg1, int arg2, long arg3) { // TODO Auto-generated method stub Intent intent = new Intent(AllSongs.this,Progress.class); intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP); Group group= (Group) getParent(); View view=group.getLocalActivityManager().startActivity("Progress",intent).getDecorView(); setContentView(view); } }; public void addItem(String s) { listItem.add(s); adapter.notifyDataSetChanged(); } } and the Progress.java package player.org; import android.app.Activity; import android.app.ActivityGroup; import android.app.Dialog; import android.app.TabActivity; import android.content.Context; public class Progress extends Activity { // Called when the activity is first created. public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); } } So, AllSongs.java try to change current activity with Progress activity, but when I press on list item, the Programm forsed closed, and logChat says "08-17 12:49:26.471: ERROR/AndroidRuntime(1500): java.lang.RuntimeException: Your content must have a ListView whose id attribute is 'android.R.id.list'" I can't figure how to fix this problem, Can anyone helps?

Read the article
I have a bunch of template parameters that I want to hide from my users. How can I do this?

- by Alex

I have a superclass which is defined in terms of a few internal types it uses. Subclassing is performed as so: template <class InternalType1, class InternalType2> class Super { ... } class Sub : Super <interalTypeClass1, interalTypeClass2> { ... } But when I want to write a function that takes a pointer to the superclass, this happens : template <class InternalType1, class InternalType2> void function(Super<InternalType1, InternalType2>* in) { ... } The user really shouldn't know anything about the inside classes, and should really just concern himself with the use of the function. Some of these template lists become very very large, and expecting the user to pass them every time is wasteful, in my opinion. Any suggestions? EDIT: The function needs to know the internal types in use, so unless there is a way to access template types at compile time, I think there is no solution? Potential solution: Have each class do the following: #define SubTemplateArgs <SubTypeName, SubInternalType1, SubInternalType2> ?

Read the article
R Package Installation with Oracle R Enterprise

- by Sherry LaMonica-Oracle

Normal 0 false false false EN-US X-NONE X-NONE Programming languages give developers the opportunity to write reusable functions and to bundle those functions into logical deployable entities. In R, these are called packages. R has thousands of such packages provided by an almost equally large group of third-party contributors. To allow others to benefit from these packages, users can share packages on the CRAN system for use by the vast R development community worldwide. R's package system along with the CRAN framework provides a process for authoring, documenting and distributing packages to millions of users. In this post, we'll illustrate the various ways in which such R packages can be installed for use with R and together with Oracle R Enterprise. In the following, the same instructions apply when using either open source R or Oracle R Distribution. In this post, we cover the following package installation scenarios for: R command line Linux shell command line Use with Oracle R Enterprise Installation on Exadata or RAC Installing all packages in a CRAN Task View Troubleshooting common errors 1. R Package Installation BasicsR package installation basics are outlined in Chapter 6 of the R Installation and Administration Guide. There are two ways to install packages from the command line: from the R command line and from the shell command line. For this first example on Oracle Linux using Oracle R Distribution, we’ll install the arules package as root so that packages will be installed in the default R system-wide location where all users can access it, /usr/lib64/R/library.Within R, using the install.packages function always attempts to install the latest version of the requested package available on CRAN:R> install.packages("arules")If the arules package depends upon other packages that are not already installed locally, the R installer automatically downloads and installs those required packages. This is a huge benefit that frees users from the task of identifying and resolving those dependencies.You can also install R from the shell command line. This is useful for some packages when an internet connection is not available or for installing packages not uploaded to CRAN. To install packages this way, first locate the package on CRAN and then download the package source to your local machine. For example:$ wget http://cran.r-project.org/src/contrib/arules_1.1-2.tar.gz Then, install the package using the command R CMD INSTALL:$ R CMD INSTALL arules_1.1-2.tar.gzA major difference between installing R packages using the R package installer at the R command line and shell command line is that package dependencies must be resolved manually at the shell command line. Package dependencies are listed in the Depends section of the package’s CRAN site. If dependencies are not identified and installed prior to the package’s installation, you will see an error similar to:ERROR: dependency ‘xxx’ is not available for package ‘yyy’As a best practice and to save time, always refer to the package’s CRAN site to understand the package dependencies prior to attempting an installation. If you don’t run R as root, you won’t have permission to write packages into the default system-wide location and you will be prompted to create a personal library accessible by your userid. You can accept the personal library path chosen by R, or specify the library location by passing parameters to the install.packages function. For example, to create an R package repository in your home directory: R> install.packages("arules", lib="/home/username/Rpackages")or$ R CMD INSTALL arules_1.1-2.tar.gz --library=/home/username/RpackagesRefer to the install.packages help file in R or execute R CMD INSTALL --help at the shell command line for a full list of command line options.To set the library location and avoid having to specify this at every package install, simply create the R startup environment file .Renviron in your home area if it does not already exist, and add the following piece of code to it:R_LIBS_USER = "/home/username/Rpackages" 2. Setting the RepositoryEach time you install an R package from the R command line, you are asked which CRAN mirror, or server, R should use. To set the repository and avoid having to specify this during every package installation, create the R startup command file .Rprofile in your home directory and add the following R code to it:cat("Setting Seattle repository")r = getOption("repos") r["CRAN"] = "http://cran.fhcrc.org/"options(repos = r)rm(r) This code snippet sets the R package repository to the Seattle CRAN mirror at the start of each R session. 3. Installing R Packages for use with Oracle R EnterpriseEmbedded R execution with Oracle R Enterprise allows the use of CRAN or other third-party R packages in user-defined R functions executed on the Oracle Database server. The steps for installing and configuring packages for use with Oracle R Enterprise are the same as for open source R. The database-side R engine just needs to know where to find the R packages.The Oracle R Enterprise installation is performed by user oracle, which typically does not have write permission to the default site-wide library, /usr/lib64/R/library. On Linux and UNIX platforms, the Oracle R Enterprise Server installation provides the ORE script, which is executed from the operating system shell to install R packages and to start R. The ORE script is a wrapper for the default R script, a shell wrapper for the R executable. It can be used to start R, run batch scripts, and build or install R packages. Unlike the default R script, the ORE script installs packages to a location writable by user oracle and accessible by all ORE users - $ORACLE_HOME/R/library.To install a package on the database server so that it can be used by any R user and for use in embedded R execution, an Oracle DBA would typically download the package source from CRAN using wget. If the package depends on any packages that are not in the R distribution in use, download the sources for those packages, also. For a single Oracle Database instance, replace the R script with ORE to install the packages in the same location as the Oracle R Enterprise packages. $ wget http://cran.r-project.org/src/contrib/arules_1.1-2.tar.gz$ ORE CMD INSTALL arules_1.1-2.tar.gzBehind the scenes, the ORE script performs the equivalent of setting R_LIBS_USER to the value of $ORACLE_HOME/R/library, and all R packages installed with the ORE script are installed to this location. For installing a package on multiple database servers, such as those in an Oracle Real Application Clusters (Oracle RAC) or a multinode Oracle Exadata Database Machine environment, use the ORE script in conjunction with the Exadata Distributed Command Line Interface (DCLI) utility.$ dcli -g nodes -l oracle ORE CMD INSTALL arules_1.1-1.tar.gz The DCLI -g flag designates a file containing a list of nodes to install on, and the -l flag specifies the user id to use when executing the commands. For more information on using DCLI with Oracle R Enterprise, see Chapter 5 in the Oracle R Enterprise Installation Guide.If you are using an Oracle R Enterprise client, install the package the same as any R package, bearing in mind that you must install the same version of the package on both the client and server machines to avoid incompatibilities. 4. CRAN Task ViewsCRAN also maintains a set of Task Views that identify packages associated with a particular task or methodology. Task Views are helpful in guiding users through the huge set of available R packages. They are actively maintained by volunteers who include detailed annotations for routines and packages. If you find one of the task views is a perfect match, you can install every package in that view using the ctv package - an R package for automating package installation. To use the ctv package to install a task view, first, install and load the ctv package.R> install.packages("ctv")R> library(ctv)Then query the names of the available task views and install the view you choose.R> available.views() R> install.views("TimeSeries") 5. Using and Managing R packages To use a package, start up R and load packages one at a time with the library command.Load the arules package in your R session. R> library(arules)Verify the version of arules installed.R> packageVersion("arules")[1] '1.1.2'Verify the version of arules installed on the database server using embedded R execution.R> ore.doEval(function() packageVersion("arules"))View the help file for the apropos function in the arules packageR> ?aproposOver time, your package repository will contain more and more packages, especially if you are using the system-wide repository where others are adding additional packages. It’s good to know the entire set of R packages accessible in your environment. To list all available packages in your local R session, use the installed.packages command:R> myLocalPackages <- row.names(installed.packages())R> myLocalPackagesTo access the list of available packages on the ORE database server from the ORE client, use the following embedded R syntax: R> myServerPackages <- ore.doEval(function() row.names(installed.packages()) R> myServerPackages 6. Troubleshooting Common ProblemsInstalling Older Versions of R packagesIf you immediately upgrade to the latest version of R, you will have no problem installing the most recent versions of R packages. However, if your version of R is older, some of the more recent package releases will not work and install.packages will generate a message such as: Warning message: In install.packages("arules") : package ‘arules’ is not availableThis is when you have to go to the Old sources link on the CRAN page for the arules package and determine which version is compatible with your version of R.Begin by determining what version of R you are using:$ R --versionOracle Distribution of R version 3.0.1 (--) -- "Good Sport" Copyright (C) The R Foundation for Statistical Computing Platform: x86_64-unknown-linux-gnu (64-bit)Given that R-3.0.1 was released May 16, 2013, any version of the arules package released after this date may work. Scanning the arules archive, we might try installing version 0.1.1-1, released in January of 2014:$ wget http://cran.r-project.org/src/contrib/Archive/arules/arules_1.1-1.tar.gz$ R CMD INSTALL arules_1.1-1.tar.gzFor use with ORE:$ ORE CMD INSTALL arules_1.1-1.tar.gzThe "package not available" error can also be thrown if the package you’re trying to install lives elsewhere, either another R package site, or it’s been removed from CRAN. A quick Google search usually leads to more information on the package’s location and status.Oracle R Enterprise is not in the R library pathOn Linux hosts, after installing the ORE server components, starting R, and attempting to load the ORE packages, you may receive the error:R> library(ORE)Error in library(ORE) : there is no package called ‘ORE’If you know the ORE packages have been installed and you receive this error, this is the result of not starting R with the ORE script. To resolve this problem, exit R and restart using the ORE script. After restarting R and ">running the command to load the ORE packages, you should not receive any errors.$ ORER> library(ORE)On Windows servers, the solution is to make the location of the ORE packages visible to R by adding them to the R library paths. To accomplish this, exit R, then add the following lines to the .Rprofile file. On Windows, the .Rprofile file is located in R\etc directory C:\Program Files\R\R-<version>\etc. Add the following lines:.libPaths("<path to $ORACLE_HOME>/R/library")The above line will tell R to include the R directory in the Oracle home as part of its search path. When you start R, the path above will be included, and future R package installations will also be saved to $ORACLE_HOME/R/library. This path should be writable by the user oracle, or the userid for the DBA tasked with installing R packages.Binary package compiled with different version of RBy default, R will install pre-compiled versions of packages if they are found. If the version of R under which the package was compiled does not match your installed version of R you will get an error message:Warning message: package ‘xxx’ was built under R version 3.0.0The solution is to download the package source and build it for your version of R.$ wget http://cran.r-project.org/src/contrib/Archive/arules/arules_1.1-1.tar.gz$ R CMD INSTALL arules_1.1-1.tar.gzFor use with ORE:$ ORE CMD INSTALL arules_1.1-1.tar.gzUnable to execute files in /tmp directoryBy default, R uses the /tmp directory to install packages. On security conscious machines, the /tmp directory is often marked as "noexec" in the /etc/fstab file. This means that no file under /tmp can ever be executed, and users who attempt to install R package will receive an error:ERROR: 'configure' exists but is not executable -- see the 'R Installation and Administration Manual’The solution is to set the TMP and TMPDIR environment variables to a location which R will use as the compilation directory. For example:$ mkdir <some path>/tmp$ export TMPDIR= <some path>/tmp$ export TMP= <some path>/tmpThis error typically appears on Linux client machines and not database servers, as Oracle Database writes to the value of the TMP environment variable for several tasks, including holding temporary files during database installation. 7. Creating your own R packageCreating your own package and submitting to CRAN is for advanced users, but it is not difficult. The procedure to follow, along with details of R's package system, is detailed in the Writing R Extensions manual.

Read the article
Securing an ADF Application using OES11g: Part 2

- by user12587121

To validate the integration with OES we need a sample ADF Application that is rich enough to allow us to test securing the various ADF elements. To achieve this we can add some items including bounded task flows to the application developed in this tutorial. A sample JDeveloper 11.1.1.6 project is available here. It depends on the Fusion Order Demo (FOD) database schema which is easily created using the FOD build scripts.In the deployment we have chosen to enable only ADF Authentication as we will delegate Authorization, mostly, to OES.The welcome page of the application with all the links exposed looks as follows: The Welcome, Browse Products, Browse Stock and System Administration links go to pages while the Supplier Registration and Update Stock are bounded task flows. The Login link goes to a basic login page and once logged in a link is presented that goes to a logout page. Only the Browse Products and Browse Stock pages are really connected to the database--the other pages and task flows do not really perform any operations on the database. Required Security Policies We make use of a set of test users and roles as decscribed on the welcome page of the application. In order to exercise the different authorization possibilities we would like to enforce the following sample policies: Anonymous users can see the Login, Welcome and Supplier Registration links. They can also see the Welcome page, the Login page and follow the Supplier Registration task flow. They can see the icon adjacent to the Login link indicating whether they have logged in or not. Authenticated users can see the Browse Product page. Only staff granted the right can see the Browse Product page cost price value returned from the database and then only if the value is below a configurable limit. Suppliers and staff can see the Browse Stock links and pages. Customers cannot. Suppliers can see the Update Stock link but only those with the update permission are allowed to follow the task flow that it launches. We could hide the link but leave it exposed here so we can easily demonstrate the method call activity protecting the task flow. Only staff granted the right can see the System Administration link and the System Administration page it accesses. Implementing the required policies In order to secure the application we will make use of the following techniques: EL Expressions and Java backing beans: JSF has the notion of EL expressions to reference data from backing Java classes. We use these to control the presentation of links on the navigation page which respect the security contraints. So a user will not see links that he is not allowed to click on into. These Java backing beans can call on to OES for an authorization decision. Important Note: naturally we would configure the WLS domain where our ADF application is running as an OES WLS SM, which would allow us to efficiently query OES over the PEP API. However versioning conflicts between OES 11.1.1.5 and ADF 11.1.1.6 mean that this is not possible. Nevertheless, we can make use of the OES RESTful gateway technique from this posting in order to call into OES. You can easily create and manage backing beans in Jdeveloper as follows: Custom ADF Phase Listener: ADF extends the JSF page lifecycle flow and allows one to hook into the flow to intercept page rendering. We use this to put a check prior to rendering any protected pages, again calling on to OES via the backing bean. Phase listeners are configured in the adf-settings.xml file. See the MyPageListener.java class in the project. Here, for example, is the code we use in the listener to check for allowed access to the sysadmin page, navigating back to the welcome page if authorization is not granted: if (page != null && (page.equals("/system.jspx") || page.equals("/system"))){ System.out.println("MyPageListener: Checking Authorization for /system"); if (getValue("#{oesBackingBean.UIAccessSysAdmin}").toString().equals("false") ){ System.out.println("MyPageListener: Forcing navigation away from system" + "to welcome"); NavigationHandler nh = fc.getApplication().getNavigationHandler(); nh.handleNavigation(fc, null, "welcome"); } else { System.out.println("MyPageListener: access allowed"); } } Method call activity: our app makes use of bounded task flows to implement the sequence of pages that update the stock or allow suppliers to self register. ADF takes care of ensuring that a bounded task flow can be entered by only one page. So a way to protect all those pages is to make a call to OES in the first activity and then either exit the task flow or continue depending on the authorization decision. The method call returns a String which contains the name of the transition to effect. This is where we configure the method call activity in JDeveloper: We implement each of the policies using the above techniques as follows: Policies 1 and 2: as these policies concern the coarse grained notions of controlling access to anonymous and authenticated users we can make use of the container’s security constraints which can be defined in the web.xml file. The allPages constraint is added automatically when we configure Authentication for the ADF application. We have added the “anonymousss” constraint to allow access to the the required pages, task flows and icons: <security-constraint> <web-resource-collection> <web-resource-name>anonymousss</web-resource-name> <url-pattern>/faces/welcome</url-pattern> <url-pattern>/afr/*</url-pattern> <url-pattern>/adf/*</url-pattern> <url-pattern>/key.png</url-pattern> <url-pattern>/faces/supplier-reg-btf/*</url-pattern> <url-pattern>/faces/supplier_register_complete</url-pattern> </web-resource-collection> </security-constraint> Policy 3: we can place an EL expression on the element representing the cost price on the products.jspx page: #{oesBackingBean.dataAccessCostPrice}. This EL Expression references a method in a Java backing bean that will call on to OES for an authorization decision. In OES we model the authorization requirement by requiring the view permission on the resource /MyADFApp/data/costprice and granting it only to the staff application role. We recover any obligations to determine the limit. Policy 4: is implemented by putting an EL expression on the Browse Stock link #{oesBackingBean.UIAccessBrowseStock} which checks for the view permission on the /MyADFApp/ui/stock resource. The stock.jspx page is protected by checking for the same permission in a custom phase listener—if the required permission is not satisfied then we force navigation back to the welcome page. Policy 5: the Update Stock link is protected with the same EL expression as the Browse Link: #{oesBackingBean.UIAccessBrowseStock}. However the Update Stock link launches a bounded task flow and to protect it the first activity in the flow is a method call activity which will execute an EL expression #{oesBackingBean.isUIAccessSupplierUpdateTransition} to check for the update permission on the /MyADFApp/ui/stock resource and either transition to the next step in the flow or terminate the flow with an authorization error. Policy 6: the System Administration link is protected with an EL Expression #{oesBackingBean.UIAccessSysAdmin} that checks for view access on the /MyADF/ui/sysadmin resource. The system page is protected in the same way at the stock page—the custom phase listener checks for the same permission that protects the link and if not satisfied we navigate back to the welcome page. Testing the Application To test the application: deploy the OES11g Admin to a WLS domain deploy the OES gateway in a another domain configured to be a WLS SM. You must ensure that the jps-config.xml file therein is configured to allow access to the identity store, otherwise the gateway will not b eable to resolve the principals for the requested users. To do this ensure that the following elements appear in the jps-config.xml file: <serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider"> <description>LDAP-based IdentityStore Provider</description> </serviceProvider> <serviceInstance name="idstore.ldap" provider="idstore.ldap.provider"> <property name="idstore.config.provider" value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"/> <property name="CONNECTION_POOL_CLASS" value="oracle.security.idm.providers.stdldap.JNDIPool"/></serviceInstance> <serviceInstanceRef ref="idstore.ldap"/> download the sample application and change the URL to the gateway in the MyADFApp OESBackingBean code to point to the OES Gateway and deploy the application to an 11.1.1.6 WLS domain that has been extended with the ADF JRF files. You will need to configure the FOD database connection to point your database which contains the FOD schema. populate the OES Admin and OES Gateway WLS LDAP stores with the sample set of users and groups. If you have configured the WLS domains to point to the same LDAP then it would only have to be done once. To help with this there is a directory called ldap_scripts in the sample project with ldif files for the test users and groups. start the OES Admin console and configure the required OES authorization policies for the MyADFApp application and push them to the WLS SM containing the OES Gateway. Login to the MyADFApp as each of the users described on the login page to test that the security policy is correct. You will see informative logging from the OES Gateway and the ADF application to their respective WLS consoles. Congratulations, you may now login to the OES Admin console and change policies that will control the behaviour of your ADF application--change the limit value in the obligation for the cost price for example, or define Role Mapping policies to determine staff access to the system administration page based on user profile attributes. ADF Development Notes Some notes on ADF development which are probably typical gotchas: May need this on WLS startup in order to allow us to overwrite credentials for the database, the signal here is that there is an error trying to access the data base: -Djps.app.credential.overwrite.allowed=true Best to call Bounded Task flows via a CommandLink (as opposed to a go link) as you cannot seem to start them again from a go link, even having completed the task flow correctly with a return activity. Once a bounded task flow (BTF) is initated it must complete correctly via a return activity—attempting to click on any other link whilst in the context of a BTF has no effect. See here for example: When using the ADF Authentication only security approach it seems to be awkward to allow anonymous access to the welcome and registration pages. We can achieve anonymous access using the web.xml security constraint shown above (where no auth-constraint is specified) however it is not clear what needs to be listed in there….for example the /afr/* and /adf/* are in there by trial and error as sometimes the welcome page will not render if we omit those items. I was not able to use the default allPages constraint with for example the anonymous-role or the everyone WLS group in order to be able to allow anonymous access to pages. The ADF security best practice advises placing all pages under the public_html/WEB-INF folder as then ADF will not allow any direct access to the .jspx pages but will only allow acces via a link of the form /faces/welcome rather than /faces/welcome.jspx. This seems like a very good practice to follow as having multiple entry points to data is a source of confusion in a web application (particulary from a security point of view). In Authentication+Authorization mode only pages with a Page definition file are protected. In order to add an emty one right click on the page and choose Go to Page Definition. This will create an empty page definition and now the page will require explicit permission to be seen. It is advisable to give a unique context root via the weblogic.xml for the application, as otherwise the application will clash with any other application with the same context root and it will not deploy

Read the article
Office 2010: It’s not just DOC(X) and XLS(X)

- by andrewbrust

Office 2010 has released to manufacturing. The bits have left the (product team’s) building. Will you upgrade? This version of Office is officially numbered 14, a designation that correlates with the various releases, through the years, of Microsoft Word. There were six major versions of Word for DOS, during whose release cycles came three 16-bit Windows versions. Then, starting with Word 95 and counting through Word 2007, there have been six more versions – all for the 32-bit Windows platform. Skip version 13 to ward off folksy bad luck (and, perhaps, the bugs that could come with it) and that brings us to version 14, which includes implementations for both 32- and 64-bit Windows platforms. We’ve come a long way baby. Or have we? As it does every three years or so, debate will now start to rage on over whether we need a “14th” version the PC platform’s standard word processor, or a “13th” version of the spreadsheet. If you accept the premise of that question, then you may be on a slippery slope toward answering it in the negative. Thing is, that premise is valid for certain customers and not others. The Microsoft Office product has morphed from one that offered core word processing, spreadsheet, presentation and email functionality to a suite of applications that provides unique, new value-added features, and even whole applications, in the context of those core services. The core apps thus grow in mission: Excel is a BI tool. Word is a collaborative editorial system for the production of publications. PowerPoint is a media production platform for for live presentations and, increasingly, for delivering more effective presentations online. Outlook is a time and task management system. Access is a rich client front-end for data-driven self-service SharePoint applications. OneNote helps you capture ideas, corral random thoughts in a semi-structured way, and then tie them back to other, more rigidly structured, Office documents. Google Docs and other cloud productivity platforms like Zoho don’t really do these things. And there is a growing chorus of voices who say that they shouldn’t, because those ancillary capabilities are over-engineered, over-produced and “under-necessary.” They might say Microsoft is layering on superfluous capabilities to avoid admitting that Office’s core capabilities, the ones people really need, have become commoditized. It’s hard to take sides in that argument, because different people, and the different companies that employ them, have different needs. For my own needs, it all comes down to three basic questions: will the new version of Office save me time, will it make the mundane parts of my job easier, and will it augment my services to customers? I need my time back. I need to spend more of it with my family, and more of it focusing on my own core capabilities rather than the administrative tasks around them. And I also need my customers to be able to get more value out of the services I provide. Help me triage my inbox, help me get proposals done more quickly and make them easier to read. Let me get my presentations done faster, make them more effective and make it easier for me to reuse materials from other presentations. And, since I’m in the BI and data business, help me and my customers manage data and analytics more easily, both on the desktop and online. Those are my criteria. And, with those in mind, Office 2010 is looking like a worthwhile upgrade. Perhaps it’s not earth-shattering, but it offers a combination of incremental improvements and a few new major capabilities that I think are quite compelling. I provide a brief roundup of them here. It’s admittedly arbitrary and not comprehensive, but I think it tells the Office 2010 story effectively. Across the Suite More than any other, this release of Office aims to give collaboration a real workout. In certain apps, for the first time, documents can be opened simultaneously by multiple users, with colleagues’ changes appearing in near real-time. Web-browser-based versions of Word, Excel, PowerPoint and OneNote will be available to extend collaboration to contributors who are off the corporate network. The ribbon user interface is now more pervasive (for example, it appears in OneNote and in Outlook’s main window). It’s also customizable, allowing users to add, easily, buttons and options of their choosing, into new tabs, or into new groups within existing tabs. Microsoft has also taken the File menu (which was the “Office Button” menu in the 2007 release) and made it into a full-screen “Backstage” view where document-wide operations, like saving, printing and online publishing are performed. And because, more and more, heavily formatted content is cut and pasted between documents and applications, Office 2010 makes it easier to manage the retention or jettisoning of that formatting right as the paste operation is performed. That’s much nicer than stripping it off, or adding it back, afterwards. And, speaking of pasting, a number of Office apps now make it especially easy to insert screenshots within their documents. I know that’s useful to me, because I often document or critique applications and need to show them in action. For the vast majority of users, I expect that this feature will be more useful for capturing snapshots of Web pages, but we’ll have to see whether this feature becomes popular. Excel At first glance, Excel 2010 looks and acts nearly identically to the 2007 version. But additional glances are necessary. It’s important to understand that lots of people in the working world use Excel as more of a database, analytics and mathematical modeling tool than merely as a spreadsheet. And it’s also important to understand that Excel wasn’t designed to handle such workloads past a certain scale. That all changes with this release. The first reason things change is that Excel has been tuned for performance. It’s been optimized for multi-threaded operation; previously lengthy processes have been shortened, especially for large data sets; more rows and columns are allowed and, for the first time, Excel (and the rest of Office) is available in a 64-bit version. For Excel, this means users can take advantage of more than the 2GB of memory that the 32-bit version is limited to. On the analysis side, Excel 2010 adds Sparklines (tiny charts that fit into a single cell and can therefore be presented down an entire column or across a row) and Slicers (a more user-friendly filter mechanism for PivotTables and charts, which visually indicates what the filtered state of a given data member is). But most important, Excel 2010 supports the new PowerPIvot add-in which brings true self-service BI to Office. PowerPivot allows users to import data from almost anywhere, model it, and then analyze it. Rather than forcing users to build “spreadmarts” or use corporate-built data warehouses, PowerPivot models function as true columnar, in-memory OLAP cubes that can accommodate millions of rows of data and deliver fast drill-down performance. And speaking of OLAP, Excel 2010 now supports an important Analysis Services OLAP feature called write-back. Write-back is especially useful in financial forecasting scenarios for which Excel is the natural home. Support for write-back is long overdue, but I’m still glad it’s there, because I had almost given up on it. PowerPoint This version of PowerPoint marks its progression from a presentation tool to a video and photo editing and production tool. Whether or not it’s successful in this pursuit, and if offering this is even a sensible goal, is another question. Regardless, the new capabilities are kind of interesting. A greatly enhanced set of slide transitions with 3D effects; in-product photo and video editing; accommodation of embedded videos from services such as YouTube; and the ability to save a presentation as a video each lay testimony to PowerPoint’s transformation into a media tool and away from a pure presentation tool. These capabilities also recognize the importance of the Web as both a source for materials and a channel for disseminating PowerPoint output. Congruent with that is PowerPoint’s new ability to broadcast a slide presentation, using a quickly-generated public URL, without involving the hassle or expense of a Web meeting service like GoToMeeting or Microsoft’s own LiveMeeting. Slides presented through this broadcast feature retain full color fidelity and transitions and animations are preserved as well. Outlook Microsoft’s ubiquitous email/calendar/contact/task management tool gains long overdue speed improvements, especially against POP3 email accounts. Outlook 2010 also supports multiple Exchange accounts, rather than just one; tighter integration with OneNote; and a new Social Connector providing integration with, and presence information from, online social network services like LinkedIn and Facebook (not to mention Windows Live). A revamped conversation view now includes messages that are part of a given thread regardless of which folder they may be stored in. I don’t know yet how well the Social Connector will work or whether it will keep Outlook relevant to those who live on Facebook and LinkedIn. But among the other features, there’s very little not to like. OneNote To me, OneNote is the part of Office that just keeps getting better. There is one major caveat to this, which I’ll cover in a moment, but let’s first catalog what new stuff OneNote 2010 brings. The best part of OneNote, is the way each of its versions have managed hierarchy: Notebooks have sections, sections have pages, pages have sub pages, multiple notes can be contained in either, and each note supports infinite levels of indentation. None of that is new to 2010, but the new version does make creation of pages and subpages easier and also makes simple work out of promoting and demoting pages from sub page to full page status. And relationships between pages are quite easy to create now: much like a Wiki, simply typing a page’s name in double-square-brackets (“[[…]]”) creates a link to it. OneNote is also great at integrating content outside of its notebooks. With a new Dock to Desktop feature, OneNote becomes aware of what window is displayed in the rest of the screen and, if it’s an Office document or a Web page, links the notes you’re typing, at the time, to it. A single click from your notes later on will bring that same document or Web page back on-screen. Embedding content from Web pages and elsewhere is also easier. Using OneNote’s Windows Key+S combination to grab part of the screen now allows you to specify the destination of that bitmap instead of automatically creating a new note in the Unfiled Notes area. Using the Send to OneNote buttons in Internet Explorer and Outlook result in the same choice. Collaboration gets better too. Real-time multi-author editing is better accommodated and determining author lineage of particular changes is easily carried out. My one pet peeve with OneNote is the difficulty using it when I’m not one a Windows PC. OneNote’s main competitor, Evernote, while I believe inferior in terms of features, has client versions for PC, Mac, Windows Mobile, Android, iPhone, iPad and Web browsers. Since I have an Android phone and an iPad, I am practically forced to use it. However, the OneNote Web app should help here, as should a forthcoming version of OneNote for Windows Phone 7. In the mean time, it turns out that using OneNote’s Email Page ribbon button lets you move a OneNote page easily into EverNote (since every EverNote account gets a unique email address for adding notes) and that Evernote’s Email function combined with Outlook’s Send to OneNote button (in the Move group of the ribbon’s Home tab) can achieve the reverse. Access To me, the big change in Access 2007 was its tight integration with SharePoint lists. Access 2010 and SharePoint 2010 continue this integration with the introduction of SharePoint’s Access Services. Much as Excel Services provides a SharePoint-hosted experience for viewing (and now editing) Excel spreadsheet, PivotTable and chart content, Access Services allows for SharePoint browser-hosted editing of Access data within the forms that are built in the Access client itself. To me this makes all kinds of sense. Although it does beg the question of where to draw the line between Access, InfoPath, SharePoint list maintenance and SharePoint 2010’s new Business Connectivity Services. Each of these tools provide overlapping data entry and data maintenance functionality. But if you do prefer Access, then you’ll like things like templates and application parts that make it easier to get off the blank page. These features help you quickly get tables, forms and reports built out. To make things look nice, Access even gets its own version of Excel’s Conditional Formatting feature, letting you add data bars and data-driven text formatting. Word As I said at the beginning of this post, upgrades to Office are about much more than enhancing the suite’s flagship word processing application. So are there any enhancements in Word worth mentioning? I think so. The most important one has to be the collaboration features. Essentially, when a user opens a Word document that is in a SharePoint document library (or Windows Live SkyDrive folder), rather than the whole document being locked, Word has the ability to observe more granular locks on the individual paragraphs being edited. Word also shows you who’s editing what and its Save function morphs into a sync feature that both saves your changes and loads those made by anyone editing the document concurrently. There’s also a new navigation pane that lets you manage sections in your document in much the same way as you manage slides in a PowerPoint deck. Using the navigation pane, you can reorder sections, insert new ones, or promote and demote sections in the outline hierarchy. Not earth shattering, but nice. Other Apps and Summarized Findings What about InfoPath, Publisher, Visio and Project? I haven’t looked at them yet. And for this post, I think that’s fine. While those apps (and, arguably, Access) cater to specific tasks, I think the apps we’ve looked at in this post service the general purpose needs of most users. And the theme in those 2010 apps is clear: collaboration is key, the Web and productivity are indivisible, and making data and analytics into a self-service amenity is the way to go. But perhaps most of all, features are still important, as long as they get you through your day faster, rather than adding complexity for its own sake. I would argue that this is true for just about every product Microsoft makes: users want utility, not complexity.

Read the article
How to target SCOM 2007 R2 monitor to monitor only one server

- by Trondh

Hi, This might be basic, but hopefully someone can help me: We have a well-working SCOM 2007 R2 implementation monitoring our Microsoft infrastructure. Now, on one of these servers there's an event (logged to the eventlog) that I need to be alerted on. I have created a group and put this one windows server in it. Then, I created a monitor with simple event detection, entered the event id and used the group name as "monitor target". This doesnt work - the monitor doesn't show up in health explorer at all. However, If I create the monitor with "Windows computers" as target it works, but that means I'll have to disable the monitor, and then enable it for the group, which is cumbersome and slightly illogical to me. Is this by design, or am I doing something wrong?

Read the article
Ldap ssh authentication is super slow... any way to speed it up?

- by Johnathon

I am running OpenSUSE. Here is the output of ssh -vvv: OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to <ipaddress> [ipaddress] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load "/root/.ssh/id_rsa" as a RSA1 public key debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 debug1: match: OpenSSH_5.1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "ipaddress" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 138/256 debug2: bits set: 529/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA cb:7f:ff:2e:65:28:f0:95:e6:8a:71:24:2a:67:02:2b debug3: load_hostkeys: loading entries for host "<ipaddress>" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug1: Host '<ipaddress>' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:4 debug2: bits set: 504/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/id_rsa (0xb789d5c8) debug2: key: /root/.ssh/id_dsa ((nil)) debug2: key: /root/.ssh/id_ecdsa ((nil)) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /root/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply It hangs here for a good 30 seconds to a minute then debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug1: Trying private key: /root/.ssh/id_ecdsa debug3: no such identity: /root/.ssh/id_ecdsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 I added PubkeyAuthentication no to the /etc/ssh/ssh_config and the /etc/ssh/sshd_config which makes it faster getting to the password prompt, but the password prompt still takes some time. Any way to fix that? Here is where the password hangs debug3: packet_send2: adding 32 (len 25 padlen 7 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). Authenticated to ipaddress ([ipaddress]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. FIXED!!!!!!!!!!!!!! What is did... In the nsswitch_conf I had ldap included in the group and passwd which slows it down a lot. Thank you everybody for your input passwd: compat group: files hosts: files dns networks: files dns

Read the article
Why don't I have write permission to my vmware virtual network device?

- by Robert Martin

I want to allow my VMWare machine to force the virtual network it's on into promiscuous mode so I can play around with honeyd. I received an error message that told me to go to http://vmware.com/info?id=161 to allow this behavior. Based on their advice, I did: $ groupadd promiscuous $ cat /etc/group | grep promiscuous promiscuous:x:1002:robert $ usermod -a -G promiscuous robert $ id robert uid=1000(robert) gid=1000(robert) groups=1000(robert),....,1002(promiscuous) $ chgrp newgroup /dev/vmnet8 $ chmod g+rw /dev/vmnet8 $ ls -l /dev/vmnet8 crw-rw---- 1 root promiscuous 119, 8 2012-03-29 10:29 /dev/vmnet8 Looks like I gave RW permission to the promiscuous group, and added myself. Except that VMWare still gives me an error message that says I cannot enter promiscuous mode. To try out the group thing, I tried: $ echo "1" >/dev/vmnet8 bash: /dev/vmnet8: Permission denied That really surprised me: It makes me think that I still haven't properly given myself the correct permissions... What am I missing?

Read the article
Connecting a limited user to win server 2003 through LogMeIn

- by Jeff

Logmein support can't help me, maybe someone here can. I have a user on a windows 2003 server (non administrator). When I first created him and tried to connect through remote desktop I got the error "The local policy of the system does not permit you to logon interactively." I looked up the error and saw that this user was not a member of the Remote Desktop Users group. I added him to the group and was able to remote desktop in just fine. Then I tried to connect this user to the server through LogMeIn (pro trial version). I got the same error as when the user was not a part of the Remote Desktop Users group ("The local policy of the system does not permit you to logon interactively."). Can anyone tell me any other groups the user must be a member of in order to be allowed access through LogMeIn? I would image this is a common requirement logmein support seemed to have no idea.

Read the article
Windows 7 taskbar thumbnails fail to appear

- by Vasiliy Borovyak

Several hours after each boot the Windows 7 taskbar thumbnails stops appear. Click the currently opened window (it should not be a group of windows) - it will collapse. Than hover the mouse over any other window icon, wait a second, and nothing happens. After that no thumbnail appear at all. There is the way to return them back. You need to open two windows of the same application (group of windows), and click their group - two thumbnails should appear. After that thumbnails are back, until you click currently opened window... It there a way to fix it?

Read the article
Installing a wiki on Snow Leopard

- by JPCF

Hi... I want to instal twiki on my mac and server it from ~/Sites. Because the wiki has code to be run, I have to modify the user and group of wiki's files and directories, but I'm not sure about: 1) It is secure to change the user and group to the web server's group? If not what can I do having into account that I'll not put 777 permissions on those files? 2) How are named apache and web user groups? Thanks...

Read the article
sendmail on Ubuntu won't send from www-data user

- by bumperbox

I if call mail() function in PHP from webserver (running as www-data) i get an error sending email. If i call the same script from the cmdline logged in as root, then it works If i switch user to www-data and run from the cmdline i get this error message WARNING: RunAsUser for MSP ignored, check group ids (egid=33, want=107) can not chdir(/var/spool/mqueue-client/): Permission denied Program mode requires special privileges, e.g., root or TrustedUser. FAILEDWARNING: RunAsUser for MSP ignored, check group ids (egid=33, want=107) can not chdir(/var/spool/mqueue-client/): Permission denied Program mode requires special privileges, e.g., root or TrustedUser. FAILEDTest Complete$ WARNING: RunAsUser for MSP ignored, check group ids (egid=33, want=107) I am guessing i need to do something in sendmail configuration I have googled for some solutions but have ended up more confused. Can someone let me know what configuration I need to change to fix so i can send from www-data user?

Read the article
dhcpd: varying vendor-class-identifier

- by jessicah

I'm having trouble selectively sending parameters in response to a DHCP Inform packet using groups (or even without, just using host declarations) for bootp stuff. My configuration file right now looks like: subnet 130.123.131.128 netmask 255.255.255.128 { allow unknown-clients; } host dev-mac-09 { option vendor-class-identifier "example-identifier"; hardware ethernet 10:9a:dd:51:ff:83; } If I put vendor-class-identifier in the global scope, using tcpdump I can see that the client receives the vendor class option successfully. If I take it out, and just keep it in the host scope (or group scope), the client never receives the option. Specifying option dhcp-parameter-request list 60 doesn't help either. I did try using a class definition inside a group, but then it applied even if the host wasn't a part of the group. As an aside, how do I get detailed logging? At least something to indicate what groups and things got used to generate the response to the client.

Read the article
Again WPA Connection problem even after changed to latest version ..please help

- by Renjith G

I am using hostapd, wireless tools with madwifi for my wireless ap in my board. The WEP, WPA-PSK connections and communications between my board with linux and my desktop PC, Windows XP SP2 (with Olitec USB wireless) are fine. But when I configured the WPA type, the connection seems established but shows the status "TKIP - Key Absent" in the security dialog box. Anyone faced this problem? Am attaching the conf files and the connection status. In the AP side am complaining . I am using the in built radius server conf with the hostapd 0.4.7 hostapd.conf interface=ath0 driver=madwifi logger_syslog=0 logger_syslog_level=0 logger_stdout=0 logger_stdout_level=0 debug=0 eapol_key_index_workaround=1 dump_file=/tmp/hostapd.dump.0.0 ssid=Renjith G wpa wpa=1 wpa_passphrase=mypassphrase wpa_key_mgmt=WPA-EAP wpa_pairwise=TKIP CCMP wpa_group_rekey=600 macaddr_acl=2 /* commented */ ieee8021x=1 /* commented */ eap_authenticator=1 own_ip_addr=172.16.25.1 nas_identifier=renjithg.com auth_server_addr=172.16.25.1 auth_server_port=1812 auth_server_shared_secret=key1 ca_cert=/flash1/ca.crt server_cert=/flash1/server.crt eap_user_file=/etc/hostapd.eap_user hostapd.eap_user "*@renjithg.com" TLS And the commands am using are wlanconfig ath0 create wlandev wifi0 wlanmode ap iwconfig ath0 essid Renjith channel 6 ifconfig ath0 192.168.25.1 netmask 255.255.255.0 up hostapd -ddd /etc/hostapd.conf Please correct if am wrong .. Also am getting the debug messages on my AP when am connecting in my windows machine through WPA ~/wlanexe # ./hostapd -ddd /etc/hostapd.conf Configuration file: /etc/hostapd.conf Line 18: obsolete eap_authenticator used; this has been renamed to eap_server madwifi_set_iface_flags: dev_up=0 Using interface ath0 with hwaddr 00:0b:6b:33:8c:30 and ssid 'Renjith G wpa' madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 madwifi_configure_wpa: pairwise key ciphers=0xa madwifi_configure_wpa: key management algorithms=0x1 madwifi_configure_wpa: rsn capabilities=0x0 madwifi_configure_wpa: enable WPA= 0x1 madwifi_set_iface_flags: dev_up=1 madwifi_set_privacy: enabled=1 WPA: group state machine entering state GTK_INIT GMK - hexdump(len=32): 9c 77 cd 38 5a 60 3b 16 8a 22 90 e8 65 b3 c2 86 40 5c be c3 dd 84 3e df 58 1d 16 61 1d 13 d1 f2 GTK - hexdump(len=32): 02 78 d7 d3 5d 15 e3 89 9c 62 a8 fe 8a 0f 40 28 ba dc cd bc 07 f4 59 88 1c 08 84 2b 49 3d e2 32 WPA: group state machine entering state SETKEYSDONE madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 Flushing old station entries madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3 Deauthenticate all stations l2_packet_receive - recvfrom: Network is down Wireless event: cmd=0x8c03 len=20 New STA WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 WPA: 00:0a:78:a0:0b:09 WPA_PTK_GROUP entering state IDLE WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION2 IEEE 802.1X: 4 bytes from 00:0a:78:a0:0b:09 IEEE 802.1X: version=1 type=1 length=0 Wireless event: cmd=0x8c04 len=20 madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 ioctl[unknown???]: Invalid argument WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state DISCONNECTED WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 ioctl[unknown???]: Invalid argument Wireless event: cmd=0x8c03 len=20 New STA WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 WPA: 00:0a:78:a0:0b:09 WPA_PTK_GROUP entering state IDLE WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION2 IEEE 802.1X: 4 bytes from 00:0a:78:a0:0b:09 IEEE 802.1X: version=1 type=1 length=0 < Register Fail < Register Fail Wireless event: cmd=0x8c04 len=20 madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 ioctl[unknown???]: Invalid argument WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state DISCONNECTED WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 ioctl[unknown???]: Invalid argument Wireless event: cmd=0x8c03 len=20 New STA WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0a:78:a0:0b:09 key_idx=0 WPA: 00:0a:78:a0:0b:09 WPA_PTK_GROUP entering state IDLE WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION WPA: 00:0a:78:a0:0b:09 WPA_PTK entering state AUTHENTICATION2 IEEE 802.1X: 4 bytes from 00:0a:78:a0:0b:09 IEEE 802.1X: version=1 type=1 length=0 NOW am getting the following error message with latest tools. *This is the latest error messages..please refer this only..* ~/wlanexe # ./hostapd -ddd /etc/hostapd.conf TLS: Trusted root certificate(s) loaded madwifi_set_iface_flags: dev_up=0 madwifi_set_privacy: enabled=0 BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits) Flushing old station entries madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3) Could not connect to kernel driver. Deauthenticate all stations madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=2 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 2) madwifi_set_privacy: enabled=0 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3 Using interface ath0 with hwaddr 00:0b:6b:33:8c:30 and ssid 'RenjithGwpa' SSID - hexdump_ascii(len=11): 52 65 6e 6a 69 74 68 47 77 70 61 RenjithGwpa PSK (ASCII passphrase) - hexdump_ascii(len=12): 6d 79 70 61 73 73 70 68 72 61 73 65 mypassphrase PSK (from passphrase) - hexdump(len=32): a6 55 3e 76 94 8b d9 81 a1 22 5e 24 29 83 33 86 11 a8 7e 93 19 7c a9 ab ab cc 12 58 37 e5 35 b6 RADIUS local address: 172.16.25.1:1024 madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 madwifi_configure_wpa: pairwise key ciphers=0xa madwifi_configure_wpa: key management algorithms=0x1 madwifi_configure_wpa: rsn capabilities=0x0 madwifi_configure_wpa: enable WPA=0x1 WPA: group state machine entering state GTK_INIT (VLAN-ID 0) GMK - hexdump(len=32): [REMOVED] GTK - hexdump(len=32): [REMOVED] WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0) madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 madwifi_set_privacy: enabled=1 madwifi_set_iface_flags: dev_up=1 ath0: Setup of interface done. l2_packet_receive - recvfrom: Network is down Wireless event: cmd=0x8b1a len=24 Wireless event: cmd=0x8c03 len=20 New STA ioctl[unknown???]: Invalid argument madwifi_process_wpa_ie: Failed to get WPA/RSN IE Failed to get WPA/RSN information element. Data frame from not associated STA 00:0a:78:a0:0b:09 Wireless event: cmd=0x8c04 len=20 Wireless event: cmd=0x8c03 len=20 New STA ioctl[unknown???]: Invalid argument madwifi_process_wpa_ie: Failed to get WPA/RSN IE Failed to get WPA/RSN information element. Data frame from not associated STA 00:0a:78:a0:0b:09 Data frame from not associated STA 00:0a:78:a0:0b:09 Data frame from not associated STA 00:0a:78:a0:0b:09 Wireless event: cmd=0x8c04 len=20 Wireless event: cmd=0x8c03 len=20 New STA ioctl[unknown???]: Invalid argument madwifi_process_wpa_ie: Failed to get WPA/RSN IE Failed to get WPA/RSN information element. Data frame from not associated STA 00:0a:78:a0:0b:09

Read the article
Light Voip and IM server for small teams

- by Sihan Zheng

So I have a small group that would need a self hosted Im/voip and possibly video conferencing solution. My goal is for a small group of people (no more than 40) to be able to collaborate within a local area network. I need something that is self hosted, so unfortunately outside solutions like Skype and hosted Lync would not work. I'm looking for something that would allow both one on one, and group communication, so and IRC server would not work. I'm hopefully looking for something that does not require multiple servers, or is too complex to set up. As a student, I have a license of Lync 2013, but setting that up on a single server without active directory is practically impossible. Would Lync 2010 be easier to do on a single server? Are there any other good solutions? Thanks

Read the article
Enterprise user management

- by Eduardo

I am looking for an enterprise user management system that meets these requirements: Delegated user administration: The group manager should be able to grant access to his supervised employees (without having to contact any administrator either to grant access or maybe create users). A group manager should be able to create other groups and restrict any permission he already has where he can add supervised employees. If a manager removes access to a supervised group, then all the subgroups will also lose access. Web based User Interface. LDAP interface to query users and groups (or may not exist at all if it is integrated in a single application). Do you know if there are any system that meet these requirements?

Read the article
How to prevent ssh git push to set file ownership?

- by e-satis

I have a remote bare git repository on an Ubuntu server, where the file are owned by the user my_project and the group my_project, with permissions set accordingly. All commiters are themself in the group my_project. When somebody commit then push from my Ubuntu laptop with the user my_user to the server via SSH, some files in the remote repository are created (updated?) so they now belong to the user and group my_user. Of course, when somebody else want to commit, he is now unable to do so because he doesn't have write permissions. I could set permission to 777 but it's not the best option. Is there any way I can solve this problem while keeping restricted write permissions.

Read the article
AWS Autoscaling issue with existing nodes in ELB

- by Ram Prasad

I already have a ELB setup called MyLoadBalancer. I already have 2 nodes running on it with health checks (that checks a URL on the node to see if they are up) Created an autoscaling group (min 2, Max 10) Associated launchconfig mylaunchconfig that provisions a node using an AMI Created a trigger, that checks for avg min connections of 100 and Max of 500 (checks the load balancer and it is support to increase the node count by 1, if avg connections are 500 and decrease by one if less than 100) as-create-or-update-trigger MyTrigger --auto-scaling-group MyAutoScalingGroup --namespace "AWS/ELB" --measure RequestCount --statistic Average --dimensions "LoadBalancerName=MyLoadBalancer" --period 60 --lower-threshold 500 --upper-threshold 800 --lower-breach-increment=-1 --upper-breach-increment=1 --breach-duration 600 Now the issue is, as soon as I put in the trigger, it start 2 nodes .... but there are already two nodes in the LB. So, why is it provisioning 2 more nodes, when the nodes are there ? is it because it is not recognizing the existing 2 nodes ? then how do I add the existing nodes to the AutoScaling group ?

Read the article
Assigning security groups different ranges

- by Mustafa Ismail Mustafa

Is it possible to assign a security group in windows 2008 a specific DHCP scope? Meaning, let's say we have 2 groups, employees and managers in the superscope Company. Assuming that each user is distinctly in either group and there are no overlaps, would it be possible to assign members of the security group employees a dhcp address in the range 192.168.1.0/24 and managers 192.168.2.0/24 ? The DHCP server is the same server. This is on Windows SBS 2008 if it makes any difference If it is possible, how do you go about setting it up. TIA

Read the article

Search Results

Search found 31564 results on 1263 pages for 'users group'.

Page 205/1263 | < Previous Page | 201 202 203 204 205 206 207 208 209 210 211 212 | Next Page >

- by Philip Sheard

- by janvdl

- by John Magnolia

- by Vahag Vardanyan

- by Alex

- by Sherry LaMonica-Oracle

- by user12587121

- by andrewbrust

- by Trondh

- by Johnathon

- by Robert Martin

- by Jeff

- by Vasiliy Borovyak

- by JPCF

- by bumperbox

- by jessicah

- by Renjith G

- by Sihan Zheng

- by Eduardo

- by e-satis

- by Ram Prasad

- by Mustafa Ismail Mustafa

< Previous Page | 201 202 203 204 205 206 207 208 209 210 211 212 | Next Page >