Search Results

Search found 20029 results on 802 pages for 'directory permissions'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 21/802 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Running a service with a user from a different domain not working

    - by EWood
    I've been stuck on this for a while, not sure what permission I'm missing. I've got domain A and domain B, A trusts B, but B does not trust A. I'm trying to run a service in domain A with a user account from domain B and I keep getting Access is Denied. I'm using the FQDN after the username and the password is correct. The user account from domain B is a local administrator on the domain A server, the user account has the logon locally, and as a service permissions. Must. Get. This. Working. Update: I found something interesting in the logs I must have missed. This ought to get me pointed in the right direction. Event ID: 40961 - LsaSrv : The Security System could not establish a secured connection with the server ldap/{server fqdn/fqdn@fqdn} No authentication protocol was available. I've found a few fixes for 40961 but nothing has worked so far. I've verified reverse lookup zones. nslookup resolves the correct dc properly. still workin' at it. Upadte: In response to Evan; I ran " runas /env /user:ftp_user@fqdn "notepad" " then entered the users password and notepad came up. It seems to work successfully. This issue is now resolved. The problem is visible in the screenshot. Windows tries to use the UPN for the user account if you dig your user out of AD with the Browse button. This fails every time even with the right user and password. Simply using the SAM format (Domain\User) works. So simple, yet so annoying. Can't believe I missed this. Thanks to everyone who helped.

    Read the article

  • Restricting Access to Application(s) on Point of Sale system

    - by BSchlinker
    I have a customer with two point of sale systems, a few workstations and a Windows 2003 SBS Server. The point of sale systems are typically running QuickBooks Point of Sale and are logged in with a user who has restricted permissions / access (via Group Policy). Occasionally, one of the managers needs to be able to run a few additional applications -- including some accounting software. I have created an additional user for this manager, allowing them to login and access the accounting software. The problem is, it can be problematic to switch users on the system, as QuickBooks takes a few minutes to close (on POSUser) and then reopen (on ManagerUser). If customers are waiting, this slows things down drastically. Since the accounting software is stored on a network drive, it would be easiest if the manager could simply double click something, authenticate against the network drive / domain controller and then the program would launch. When they close the program, the session to the network drive would be lost and the program would no longer be accessible. Is there any easy way to do this? Both users are on a domain and the system is Windows 7. I just don't want to require the user to switch back and forth. In a worst case scenario, they forget to switch back and leave the accounting software wide open.

    Read the article

  • Quota, AD and C#

    - by Gnial0id
    At first, my mother tongue is not English, so I apologize for the possible mistakes. I'm working on a WS2008R2 server with an Active Directory and a web platform manages this AD with C# code. A group of users have to be able to create user accounts but during the procedure, a disk quota for this new account is (and have to be) created. As the "creator" must not be a member of the Administrators group, the access to the c/: disk is denied. So, I want to perform the File Server Resource Manager operations with C# code by an non-admin account. The code is correct, it works normally with admin account. So, the problem turns around the permissions on the hard drive. I've looked after help on the Internet, without success. It seems that quota delegation is impossible. Only admin can perform this. A colleague helped me a bit, and found the GPO "By pass traverse checking" on a forum but it doesn't seems to be the good way. Any help would be appreciate.

    Read the article

  • Incompatible group permissions in Linux - Is it a bug?

    - by Sachin
    I am on Ubuntu 11.04. I am creating another user and placing an existing user in the group of other user, hoping to write in the home directory of other user. # uname -a Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC 2011 i686 athlon i386 GNU/Linux # whoami sachin # su root # useradd -m -U foo // create user foo # usermod -a -G foo sachin // add user `sachin' to group `foo' # chmod 770 /home/foo/ # exit # whoami sachin # cd /home/foo/ bash: cd: /home/foo/: Permission denied # groups sachin sachin : sachin foo This is totally weird. Though user sachin is in group foo, and group bits for /home/foo/ is set to rwx, sachin can't chdir to /home/foo/. I am not able to understand this. But, if at the exit step, I switch to sachin user from root, this is what happens: # uname -a Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC 2011 i686 athlon i386 GNU/Linux # whoami sachin # su root # useradd -m -U foo // create user foo # usermod -a -G foo sachin // add user `sachin' to group `foo' # chmod 770 /home/foo/ # su sachin # whoami sachin # cd /home/foo/ # ls examples.desktop Now, whatever is happening here is totally incomprehensible. Does su sachin inherits some permissions from the root user at this step? Any explanations would be much appreciated.

    Read the article

  • CHMOD To Prevent Deletion Of File Directory

    - by Sohnee
    I have some hosting on a Linux server and I have a few folders that I don't ever want to delete. There are sub folders within these that I do want to delete. How do I set the CHMOD permissions on the folders I don't want to delete? Of course, when I say "I don't ever want to delete" - what I mean is that the end customer shouldn't delete them by accident, via FTP or in a PHP script etc. As an example of directory structure... MainFolder/SubFolder MainFolder/Another I don't want "MainFolder" to be accidentally deleted, but I'm happy for "SubFolder" and "Another" to be removed!

    Read the article

  • directory listing on Mac OS X

    - by user27150
    I dumped a bunch of files (music and otherwise) onto my shiny new Macbook, and since I'm more comfortable with linux than Mac (at this point) I tend to use the terminal. I did a ls -al on the files I'd transfered, and some had an "@" at the end of the permissions string, and some did not. Something like: drwxrwxr--@ 93 user staff etc. drwxrwxr-- 107 user staff etc. The ones without "@" could be seen in Finder and accessed by other programs-- the "@" files and directories were invisible. Can anyone explain what the "@" means, and how to chmod (or whatever) so I can use these files? I assume it is some sort of system flag but I don't know how to unset it. Chmod 777 had no effect and I already own the files. Thanks

    Read the article

  • Squid - Active Directory - permissions based on Nodes rather than Groups

    - by Genboy
    Hi, I have squid running on a gateway machine & I am trying to integrate it with Active Directory for authentication & also for giving different browsing permissions for different users. 1) /usr/lib/squid/ldap_auth -b OU=my,DC=company,DC=com -h ldapserver -f sAMAccountName=%s -D "CN=myadmin,OU=Unrestricted Users,OU=my,DC=company,DC=com" -w mypwd 2) /usr/lib/squid/squid_ldap_group -b "OU=my,DC=company,DC=com" -f "(&(sAMAccountName=%u)(memberOf=cn=%g,cn=users,dc=company,dc=com))" -h ldapserver -D "CN=myadmin,OU=Unrestricted Users,OU=my,DC=company,DC=com" -w zxcv Using the first command above, I am able to authenticate users. Using the second command above, I am able to figure out if a user belongs to a particular active directory group. So I should be able to set ACL's based on groups. However, my customer's AD setup is such that he has users arranged in different Nodes. For eg. He has users setup in the following way cn=usr1,ou=Lev1,ou=Users,ou=my,ou=company,ou=com cn=usr2,ou=Lev2,ou=Users,ou=my,ou=company,ou=com cn=usr3,ou=Lev3,ou=Users,ou=my,ou=company,ou=com etc. So, he wants that I have different permissions based on whether a user belongs to Lev1 or Lev2 or Lev3 nodes. Note that these aren't groups, but nodes. Is there a way to do this with squid? My squid is running on a debian machine.

    Read the article

  • Cant Add Columns to a AD Task pad except for the top level of the domain

    - by Darktux
    We are working on Active Directory taskpads application for user management in our organization and facing stange issue. When we create a taskpad, and when we are at top level of the domain, i can click view - Add/Remove Columns and add "Pre Windows Name" (and lots of other properties) to the taskpad as columns, but when i just go 1 level down , i can only see "Operating System" and "Service Pack" ; why is it happening , isnt "Domain Admins" supposed to god access to all the things in AD domain , atleast of objects they own? It is important to have "Pre Windows 2000" Name as a column begause with out that our "Shell Command" task wont show up in taskpads, since its bound to parameter "Col<9" (which is pre qindows name). Please do let me know if any additions questions to clarify my problem.

    Read the article

  • How can I recursively change the permissions of files and directories?

    - by Nikhil
    I have ubuntu installed on my local computer with apache / php / mysql. I now have a directory at /var/www - inside which I have several of my ongoing projects. I also work with opensource ( drupal, magento, sugarcrm ). The problem I am facing is changing file permission with terminal. Sometime I need to change the permission of entire folder and its subsequent sub-folders and files. I have to individually change using sudo chmod 777 foldername How can I do this recursively. Also why do I have to always do it 777, I tried 755 for folders and 644 for files, but that won't work.

    Read the article

  • Will the program installed in a folder function properly if I remove the write permission in linux? [on hold]

    - by Kevin Powell
    I have a user account on a cluster( a server), and can only install program like python on the home folder. In case I might accidentally delete the bin, lib, share,include folders coming with the installation of python on the home folder. I change the permissions of the above folder like this chmod -w folder but I am worried when the program need to write/delete some files of the folders, it might not function because the removal of write permission. Am I right? or I the run, including write files in the folder, of a program have permissions different than the permission of user. BTW, is there a way to hide the folders without changing the names?

    Read the article

  • rsync - how to set/keep directory permissions?

    - by Dylan
    I'm using CwRsync to connect from my Windows development machine to a linux webserver : rsync -avuz -e ./ssh --exclude=".svn" /cygdrive/c/xampp/htdocs/project123/ [email protected]:/home/user123/public_html This syncs my development project directory nicely and fast to the server. But after doing this, all directory properties are reset to the local user 'user123' only, so the website is not available anymore. I need to manually reset those properties. Why is this happening, and how to prevent it? PS. coming from a Windows environment I'm having a really hard time understanding rsync. I copied the above command from some examples... just need to get this one small thing working too...

    Read the article

  • Setting SQL database Permissions for Visual Studio Data Config Wizard

    - by Raven Dreamer
    Hello, Stackoverflow! I'm new to SQL. I have created a new database in SQL Server Management Studio, and am now trying to attach it to a windows forms project in Visual Studio via the built in Data Configuration Wizard. Currently, whenever I try to attach the database file, I get a permissions error: "You don't have permission to open this file. Contact file owner or administrator to obtain permission" So, simple question -- how do I modify the permissions of my database to allow this?

    Read the article

  • Drupal: How long should it take to rebuild permissions

    - by Shaun
    Hi, I have just installed the ACL and Content Access module. Imedietly after enabling them I was asked to rebuild the permissions. All perfectly normal I am told. However, I set the 'rebuild' permissions page running about 40 minutes ago and it still says 'Initializing'. How long should it take? Am I doing something wrong?

    Read the article

  • Row level user permissions, help with design

    - by bambam
    Hi, Say I am creating a forums application, I understand how to design a forum level permission system with Groups. i.e. you create a forum to group mapping, and assign users to a group to give them access to a particular forum. How can I refine the permissions to allow for row level permissions (or in forum terms, post level).

    Read the article

  • Where should I store custom permissions for my web app

    - by vikp
    Hi, I'm wondering where is the ideal place to store custom permissions in my web applications. For example I have the following permissions: AdminPermission ReadPermission WritePermission At the moment I store these in the static utilities class as the constant string type objects. Thank you

    Read the article

  • Maintain share permissions migrating from Windows 2003 to Samba 3.5 or 4

    - by SeanFromIT
    The title says it all. I'm interested in replacing a Windows file server with a Linux Samba file server, but the caveat is that share/folder permissions must be preserved. We'd be using the new active directory authentication in Samba, so the two servers would at least be in the same domain to make things a little simpler, and all the users/groups are domain-level users/groups. Does anyone know if this is possible?

    Read the article

  • Owner of uploads directory is `www-data` but this prevents FTP access via PHP scripts

    - by letseatfood
    To allow write access to Apache, I needed to chown www-data:www-data /var/www/mysite/uploads to my site's upload folder. This allows me to delete files from the folder via unlink() in a PHP script. Unfortunately, this prevents another PHP script, which uses FTP functions, from working. I think it is because the FTP user is mike and now that the uploads directory is owned by www-data, mike cannot access it. I added mike to the group www-data, but this does not fix the issue. Can somebody advise me on how to allow PHP FTP functions to work in addition to file deletion using PHP's unlink() function?

    Read the article

  • How can I setup a group writeable directory?

    - by meder
    $ whoami meder $ cd /var/www $ sudo mkdir html $ sudo groupadd web $ sudo usermod -a -G web meder $ sudo usermod -a -G web medertest $ sudo chown meder:web html $ sudo chmod -R g+rwx html The problem is, anytime I create a new file in /var/www/html even though the group is set to web, it is only writeable by the original user. I was given the advice of setting the umask to be 002 because the default is what causes the problems. But I would have to do this for all users in that group, and as far as I know it would be tedious having all of them modify ~/.bashrc to have umask 002. Even if I can do it myself with a shell command for all of those users, it still seems too tedious. Can anyone offer any advice on having a group writeable directory?

    Read the article

  • Extract all files with directory path in given directory

    - by gaurav
    I have a tar archive in which I have a directory which I need to extract in a given directory. For example: I have a directory TarPrefix/x/y/z in a tar archive I want to extract it in a given target directory for example: extracted/a/ this directory should contain all the files and directories contained in directory TarPrefix/x/y/z. subdir_and_files = [ tarinfo for tarinfo in tar.getmembers() if tarinfo.name.startswith("subfolder/") ] to get the list of all the members in the directory path "subfolder/" and then I extract it using tar.extractall(extracted/a,subdir_and_files) but it extracts all the members with their directory path For example this results in extracted/a/x/y/z. Could you please help me in extracting these files in the given folder.

    Read the article

  • Active directory integration not working properly with winbind and samba

    - by tubaguy50035
    I'm trying to get my linux box to use active directory authentication. I believe I have almost everything setup correctly. I'm able to issue wbinfo -g and wbinfo -u and see all the groups and users respectively. Brief intro to my setup: The username I use on my linux box to do admin things is nick. My active directory username is nwalke. They have two different passwords. I am able to log in to the box with nick and that user's password and I'm also able to login as nwalke with nwalke's password. The curious bit: Upon creating the active directory user's home directory, I run a script that requires root access. This is to setup some system wide things like a samba share for them. When I log in as nwalke, I enter my nwalke password and it succeeds. I'm then greeted with [sudo] password for nick:. If I enter my nwalke password here, it says Sorry, try again.. If I enter nick's password, it says Sorry, user nick is not allowed to execute scriptname as root. If I do groups as nwalke, I see that magically my user has been given the group nick. Now, I accidentally thought that nick had a UID of 100, not 1000. So originally in my smb.conf I had idmap uid 1000-10000. The only thing I can think of, is that I logged in with nwalke while that was still set and now I'm just being presented with a UID of 1000 forcing linux to think I'm nick. I'm not really sure where to go from here. Like I said, I'm fairly certain active directory is communicating with my server properly, but something must not be mapped right on the linux side. Any thoughts? Here is my smb.conf: [global] security = ads netbios name = hostname realm = COMPANY.COM password server = adshost.company.com workgroup = COMPANY idmap uid = 10000-90000 idmap gid = 10000-90000 winbind separator = + winbind enum users = no winbind enum groups = no winbind use default domain = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes domain master = no load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes Let me know if more information about something is required.

    Read the article

  • Apache directory structure with multiple hosted languages.

    - by anomareh
    I just got a new work machine up and running and I'm trying to decide on how to set everything up directory wise. I've done some digging around and really haven't been able to find anything conclusive. I know it's a question with a variety of answers but I'm hoping there's some sort of general guidelines or best practices to go by. With that said, here are a few things specific to my situation. I will be doing actual development and testing on the same machine as the server. It is a single user machine in the sense that I will be the only one working on the machine. There will be multiple hosted languages, specifically PHP and RoR while possibly expanding later. I'd like the setup to translate well to a production environment. With those 3 things in mind there are a couple of things I've had in the back of mind. Seeing as it's a single user machine I haven't been able to decide whether or not I should be working on things out of my home directory or if they should be located outside of it. I'm feeling that outside of a user directory would be better as it would translate better to a production environment, but I'm also not sure if that will come with any permission annoyances or concerns seeing as I'll be working on the same machine. Hosting multiple languages seems like it may be a bit quirky. With PHP I've found you're generally just dumping the project somewhere in the document root where as something like a Rails app you have the entire project and you only want the public directory in the document root. Thanks for any insight, opinion, or just personal preference from experience anyone can offer.

    Read the article

  • Joining an Ubuntu 14.04 machine to active directory with realm and sssd

    - by tubaguy50035
    I've tried following this guide to set up realmd and sssd with active directory: http://funwithlinux.net/2014/04/join-ubuntu-14-04-to-active-directory-domain-using-realmd/ When I run the command realm –verbose join domain.company.com –user-principal=c-u14-dev1/[email protected] –unattended everything seems to connect. My sssd.conf looks like the following: [nss] filter_groups = root filter_users = root reconnection_retries = 3 [pam] reconnection_retries = 3 [sssd] domains = DOMAIN.COMPANY.COM config_file_version = 2 services = nss, pam [domain/DOMAIN.COMPANY.COM] ad_domain = DOMAIN.COMPANY.COM krb5_realm = DOMAIN.COMPANY.COM realmd_tags = manages-system joined-with-adcli cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%d/%u access_provider = ad My /etc/pam.d/common-auth looks like this: auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=1 default=ignore] pam_sss.so use_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) auth optional pam_cap.so However, when I try to SSH into the machine with my active directory user, I see the following in auth.log: Aug 21 10:35:59 c-u14-dev1 sshd[11285]: Invalid user nwalke from myip Aug 21 10:35:59 c-u14-dev1 sshd[11285]: input_userauth_request: invalid user nwalke [preauth] Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_krb5(sshd:auth): authentication failure; logname=nwalke uid=0 euid=0 tty=ssh ruser= rhost=myiphostname Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_unix(sshd:auth): check pass; user unknown Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=myiphostname Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=myiphostname user=nwalke Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_sss(sshd:auth): received for user nwalke: 10 (User not known to the underlying authentication module) Aug 21 10:36:12 c-u14-dev1 sshd[11285]: Failed password for invalid user nwalke from myip port 34455 ssh2 What do I need to do to allow active directory users the ability to log in?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >