Search Results

Search found 4884 results on 196 pages for 'ad hoc distribution'.

Page 21/196 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Login with Enterprise Principal Name using sssd AD backend in Ubuntu 14.04 LTS

    - by Vinícius Ferrão
    I’m running sssd version 1.11 with the AD backend in Ubuntu 14.04 LTS (1.11.5-1ubuntu3) to authenticate users from Active Directory running on Windows Server 2012 R2, and I’m trying to achieve logins with the User Principal Name for all users of the domain. But the UPN are always Enterprise Principal Names. Let-me illustrate the problem with my user account: Domain: local.example.com sAMAccountName: ferrao UPN: [email protected] (there’s no local in the UPN) I can successfully login with the sAMAccountName atribute, which is fine, but I can’t login with [email protected] which is my UPN. The optimum solution for me is to allow logins from sAMAccountName and the UPN (User Principal Name). If’s not possible, the UPN should be the right way instead of the sAMAccountName. Another annoyance is the homedir pattern with those options in sssd.conf: default_shell = /bin/bash fallback_homedir = /home/%d/%u What I would like to achieve is separated home directories from the EPN. For example: /home/example.com/user /home/whatever.example.com/user But with this pattern I can’t map the way I would like to do. I’ve looked through man pages and was unable to find any answers for this issues. Thanks,

    Read the article

  • Resolve another domain from current AD domain

    - by faulty
    We have 2 AD domain setup in our office. First is the primary domain for our office and exchange. The 2nd one is for development use to simulate production environment of our clients. Both domain are hosted on Windows 2008 R2 Enterprise. We, the development team has no access to the office domain other than login and email purpose. DNS is running on PDC of both domain. Both domain does not use public domain name. Now, our machines are joined to the development domain and we use outlook to access our office's exchange. We've added DNS entries for both the domain. From time to time we are having problem resolving our office domain (i.e. during outlook login), which we need to edit our NIC's DNS to have only DNS server from our office and then flush DNS. After that switch back once it's able to resolve. Is there a permanent solution for this scenario like specifying that the office domain be resolve with another DNS server when requested from the development domain? Thanks

    Read the article

  • samba joined to AD canot see users when in the security tab on client

    - by Jonathan
    I've got samba joined via kerberos and winbindd to our AD network and user authentication and everything else is working great. However when I try to add users/groups to file permissions it tells me they are not found. All the users groups show up fine with getent so I'm not sure why they are not showing up. Here is my smb.conf and I would much appreciate any help with this. #GLOBAL PARAMETERS [global] socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=11264 SO_SNDBUF=11264 workgroup = [hidden] realm = [hidden] preferred master = no server string = xerxes web/file server security = ADS encrypt passwords = yes log level = 3 log file = /var/log/samba/%m max log size = 50 printcap name = cups printing = cups winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + winbind refresh tickets = yes idmap uid = 1600-20000 idmap gid = 1600-20000 template primary group = "Domain Users" template shell = /bin/bash kerberos method = system keytab nt acl support = yes [homes] comment = Home Direcotries valid users = %S read only = No browseable = No create mask = 0770 directory mask = 0770 force create mode = 0660 force directory mode = 2770 inherit owner = no [test] comment = Test path=/mnt/test writeable=yes valid users = %s create mask = 0770 directory mask = 0770 force create mode = 0660 force directory mode = 2770 inherit owner = no [printers] comment = All Printers path = /var/spool/cups browseable = no printable = yes

    Read the article

  • Sharepoint AD imported users are becomming sporadically corrupted, causing us to have to create a ne

    - by TrevJen
    Sharepoint 2007 MOSS with AD imported users. All servers are 2008. I have around 50 users, over the past 2 months, I have had a handful of the users suddenly unable to login to Sharepoint. When they login, they either get a blank screen or they are repropmted. These users are using accounts that have been used for many months, sometimes the problem originates with a password change. In all cases, the users account works on every other Active Directory authenticated resource (domain, exchange, LDAP). In the most recent case, last night I was forced deleted a user ("John smith") because of corruption. The orifinal account name was jsmith. I deleted him from active directory, then deleted him from the profile list in Sharepoint Shared Services. I could not find a way to delete him from the Sharepoint user list, but I reran the import after recreating his account (renamed it too just to be sure to "smithj"). At first, this did not wor, the user could still access all other resources but Sharepoint. then, some 30 minutes later it inexplicably started working. This morning, the user changed passwords, which immediatly broke the login on Sharepoint again. I am at a loss on how to troubleshoot this.

    Read the article

  • Quota, AD and C#

    - by Gnial0id
    At first, my mother tongue is not English, so I apologize for the possible mistakes. I'm working on a WS2008R2 server with an Active Directory and a web platform manages this AD with C# code. A group of users have to be able to create user accounts but during the procedure, a disk quota for this new account is (and have to be) created. As the "creator" must not be a member of the Administrators group, the access to the c/: disk is denied. So, I want to perform the File Server Resource Manager operations with C# code by an non-admin account. The code is correct, it works normally with admin account. So, the problem turns around the permissions on the hard drive. I've looked after help on the Internet, without success. It seems that quota delegation is impossible. Only admin can perform this. A colleague helped me a bit, and found the GPO "By pass traverse checking" on a forum but it doesn't seems to be the good way. Any help would be appreciate.

    Read the article

  • Regarding AD Domain controllers and remote branch offices

    - by Alex
    We have central HQ building and a lot of small branch offices connecting via VPN and want to implement AD (If you can believe we still haven't). We want everyone to log in using domain accounts and be policed centrally. We are OK with having a RODC in a branch office with like 10 computers. But we have these small branches with two to four PCs only. Some of these branches connect to HQ via IPSec site-to-site VPN, some via remote access (client-based) VPN. So there is no problem with ones that have local RODC or connecting to HQ DCs via VPN router. But how about small branches? We don't really want to set up a machine there, neither we want to invest into Windows Server licenses or fancy network equipment. Also, the problem is that we cannot access HQ DCs via VPN because we are not logged in and connected to HQ internal network yet, so DCs aren't reachable. What is typically done in that situation if it is needed to have central management over policies on those PCs? Or is it better to let 'em loose and use local policies and accounts in this situation?

    Read the article

  • do I need to create an AD site for VPN network

    - by ykyri
    I have Windows Domain level 2008 R2. There are four GC DC in four different physical locations. I have Kerio-based VPN network for replication and remote administration. Here is how network configured: dc1: local IP: 192.168.0.10 VPN IP: 192.168.1.10 dc2: local IP: 10.10.8.11 VPN IP: 192.168.1.11 dc3: local IP: 10.10.9.12 VPN IP: 192.168.1.12 dc4: local IP: 10.10.10.13 VPN IP: 192.168.1.13 That's simple, replication and all works fine but when running dcdiag on dc3 I have an error: A warning event occurred. EventID: 0x000016AF During the past 4.12 hours there have been 216 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. <...> The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. Here is netlogon.log lines example: 05/30 12:07:39 DOMAIN.NAME: NO_CLIENT_SITE: dc2 192.168.1.11 05/31 09:52:11 DOMAIN.NAME: NO_CLIENT_SITE: dc4 192.168.1.13 05/31 19:49:31 DOMAIN.NAME: NO_CLIENT_SITE: adm-note 192.168.1.101 07/01 05:16:26 DOMAIN.NAME: NO_CLIENT_SITE: dc1 192.168.1.10 All VPN-joined computers are generates same log line as above. Computer amd-note is for example administrator's notebook, also have VPN. Question is should I add new AD site and bind VPN subnet 192.168.1.0/24 with that site?

    Read the article

  • New AD user request form and workflow

    - by user66390
    I'm wondering if anyone is providing a solid solution for creating New Network User Account Request forms, and attaching workflows to them to automate account creation? I'm currently investigating a number of options, but am surprised that such a ubiquitous task hasn't been solved a dozen times over and thoroughly documented. Or at least isn't integrated into current off-the-shelf change management and ticketing systems. Ideally, I'd like for our current ticketing system, ServiceDesk+ to present a standard 'New User' form to department heads, which they can fill in with the required new user details. This triggers a workflow that submits the request as a ticket that can be reviewed and actioned. Actioning the ticket triggers a workflow that creates a user in AD with the details provided, and notifies the department head upon completion. All told, a pretty standard requirement that I'm sure most organizations have. What are other people doing to accomplish this? Edit: I should add, I'm more looking for "supported" methods. As is, I've submitted a number of scripted solutions, none of which have met with manager approval.

    Read the article

  • Help - Three20 Distribution Build

    - by Lukas
    Hey there, I just wanted to build my App for submitting it to the AppStore - it includes the widely used three20 framework. As the Debug Versions on the Dev-Devices worked great, i'm having trouble compiling the project for distribution. XCode says: No architectures to compile for (ONLY_ACTIVE_ARCH=YES, active arch=armv6, VALID_ARCHS=i386). Any idea what's happening there? I've tried to google it, but i haven't found a solution yet. Thanks!

    Read the article

  • Force CloudFront distribution/file update

    - by Martin
    I'm using Amazon's CloudFront to serve static files of my web apps. Is there no way to tell a cloudfront distribution that it needs to refresh it's file or point out a single file that should be refreshed? Amazon recommend that you version your files like logo_1.gif, logo_2.gif and so on as a workaround for this problem but that seems like a pretty stupid solution. Is there absolutely no other way?

    Read the article

  • xCode Distribution error {iPhone SDK}

    - by Momeks
    Hi , when i want compile my app with the Distribution or Release method i get 140 ERRORS, i am using facebook connect on my app , and the path is right [my errors refer to fbconnect] , xcode runs my app fine on the debug !!!!!!! what's the problem ?

    Read the article

  • Build warning for distribution configuration of an iPad only application

    - by alan
    Hi, I'm getting the following warning when building an ad hoc distribution copy of a new iPad only application: [BWARN]warning: building with 'Targeted Device Family' that includes iPad ('2') requires building with the 3.2 or later SDK. These are my build settings: Architectures: Optimized (armv6 armv7) Any iPhone OS Simulator: i386 Any iPhone OS Device: Optimized (armv6 armv7) Base SDK: iPhone Device 3.2 Valid Architectures: armv6 armv7 Target Device Family: iPad iPhone OS Deployment Target: iPhone OS 3.2 With this in mind I don't understand the warning. It seems to build and run OK but I'd rather not have warnings in my build for obvious reasons. Any ideas? Thanks in advance, Alan.

    Read the article

  • AD GIT SELinux RHEL 6 : Can not get SELinux to allow connetion to git

    - by Johan Sörell
    I have a problem with SELinux! I have installed git on Red Hat Enterprise 6 with AD group control and SSL Cert . Everything works fine if I do setenforce 0 ( set SELinux in detection only mode ) or if I do semanage permissive -a httpd_t (Set httpd_t in detection only mode) I do not want to use this on my git production server. Is there anyone out there who can help we with SELinux? Below is some info that you might need to be able to help me: All help I can get would be apriciated: This is the output of ls -lZa /preproduction/git/repositories/ ls -lZa /preproduction/git/repositories/ drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 . drwxr-xr-x. apache apache unconfined_u:object_r:file_t:s0 .. drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 playground drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 shamrock.git drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 test Here is the out put of getsebool -a |grep -i httpd getsebool -a |grep -i httpd allow_httpd_anon_write --> off allow_httpd_mod_auth_ntlm_winbind --> off allow_httpd_mod_auth_pam --> off allow_httpd_sys_script_anon_write --> off httpd_builtin_scripting --> on httpd_can_check_spam --> off httpd_can_network_connect --> off httpd_can_network_connect_cobbler --> off httpd_can_network_connect_db --> off httpd_can_network_memcache --> off httpd_can_network_relay --> off httpd_can_sendmail --> off httpd_dbus_avahi --> on httpd_enable_cgi --> on httpd_enable_ftp_server --> off httpd_enable_homedirs --> off httpd_execmem --> off httpd_read_user_content --> off httpd_setrlimit --> off httpd_ssi_exec --> off httpd_tmp_exec --> off httpd_tty_comm --> on httpd_unified --> on httpd_use_cifs --> off httpd_use_gpg --> off httpd_use_nfs --> off Tis is the status of : sestatus sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targeted

    Read the article

  • IntelliJ 12 - Grails Distribution in specified path is broken

    - by Prayag Upd
    I am struggling to configure grails 2.3.X in IntelliJ idea 12. Grails 2.2.X is configured successfully. Grails 2.3.2 is working properly from terminal. I can compile, test, run my application. But while trying to configure it in IntelliJ so that dependencies get resolved, I get the IntelliJ shouting straight to me(as pictured below). Looks like Grails Distribution in specified path is broken. Cannot determinate version. What I see is changes in grails-2.3.x/dist/ to earlier version's grails-2.2.x/dist/. Is this because there's no support for newer version(2.3.x) of grails in IntelliJ 12 or what ? I want nothing else but my application (jar) dependencies to be resolved in the IDE.

    Read the article

  • ActiveDirectoryMembershipProvider and ADAM (or AD LDS) and SetPassword

    - by Iulian
    By the subject line it seems to be a rather broad subject and I need some help here. Basically what I want is to use ActiveDirectoryMembershipProvider with an ADAM instance to authenticate users in an ASP.NET web application. My development environment is a windows 7 machine with an AD LDS instance on it whilst the QA server is a Windows 2003 server with an ADAM instance on it. I have all the required users on both instances plus one with adminsitrator role (CN=Admin,CN=xxx,DC=xxx,C=xx) which I want to use as the connection user. Using connectonProtecton="None" connectionUsername="CN=Admin,CN=xxx,DC=xxx,C=xx" connectionPassword="xxx" I am able to authenticate on both environments (dev & qa). If I change to the connectionProtection to "Secure" I am not able to authenticate anymore; the error I get is "Parser Error Message: Unable to establish secure connection with the server" To me it sounds wrong to use connectionProtection="None" although I found on the net a lot of samples using this setting. Can I use connectionProtection="Secure" to connect to an ADAM instance using an account defined on that instance having Administrator role? What other choices do I have (like using an domain account)? What if my machine where I am to deploy the application is not a part of the domain, will this affect in any way the behavior? I am novice in the respect so I would really appreciate some clear answers or some directions as where to look? Now beside the "signing in" feature of the ActiveDirectoryMembershipProvider I also want to add an extra one, which is setting the password without knowing the old one (something that will be used by a "reset password" feature). So I added a couple of extension methods to the provider, and used System.DirectoryServices classes like DirectoryEntry and the like. When creating a directory entry I use the same credentials provided in web.config for the provider minus the AuthenticationType as I don't know what is right combination of the flags that corresponds to None/Secure. I am able to use Invoke "SetPassword" with ADS_OPTION_PASSWORD_METHOD option as ADS_PASSWORD_ENCODE_CLEAR on my dev machine (w/ AD LDS instance); nevertheless on qa environment (w/ ADAM instance) I am getting an error like "Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred. (Exception from HRESULT: 0x80072020)" I am quite sure it is not about AD LDS vs ADAM but probably another configuration / permission issue. So can anyone help me with some hints on how to use this SetPassword feature? And as a general question what are the best practices when it comes to using ADAM regarding security, programming etc? Thanks in advance Iulian

    Read the article

  • SSAS: distribution of measures over percentage

    - by Alex
    Hi there, I am running a SSAS cube that stores facts of HTTP requests. The is a column "Time Taken" that stores the milliseconds a particular HTTP request took. Like... RequestID Time Taken -------------------------- 1 0 2 10 3 20 4 20 5 2000 I want to provide a report through Excel that shows the distribution of those timings by percentage of requests. A statement like "90% of all requests took less than 20millisecond". Analysis: 100% <2000 80% <20 60% <20 40% <10 20% <=0 I am pretty much lost what would be the right approach to design aggregations, calculations etc. to offer this analysis through Excel. Any ideas? Thanks, Alex

    Read the article

  • Configuring Pydev Interpreter in Eclipse to use Enthought Python Distribution

    - by Curious2learn
    I downloaded Pydev plugin for Eclipse (3.5.2) today on Mac OSX 10.5.8. To be able to use Pydev, I need to configure the interpreter in Eclipse. I am not clear what exactly I need to do here, or what this step does. I want to make sure that when I run programs from Eclipse using Pydev, it uses the Enthought Python Distribution (EPD) I have installed, and can use all the packages that come with EPD. Can someone please tell me simple steps that I need to follow. If I click on autoconfig, it shows a bunch of folders with the path /System/Library/Frameworks/Python.Framework/Versions/2.5/... But I know that the Python that came with EPD is version 2.6.4, so autoconfig is not choosing EPD. Thanks for any help.

    Read the article

  • Student's t distribution in JavaScript

    - by Sai Emrys
    Google Spreadsheets currently does not support the standard function TDIST - i.e. the Student's t-distribution. This function is critical for calculating p-values. It seems that this is related to the fact that no integral-using functions (AFAICT) are implemented either. However, Google Docs allows people to add and publish their own scripts, in JavaScript. So ideally we should have something like: function tdist(t_value, degrees_of_freedom, two_tailed [defaults true]) {...} Anyone know of either an extant implementation of this (my google-fu has not turned up one, but may be weaker than yours) or a good idea for how to do it? I'd like to publish this together with some other useful functions that are currently calculable but a bit of a pain (like Student's t-test itself). Thanks!

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >