Search Results

Search found 28603 results on 1145 pages for 'active users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 22/1145 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • Is it possible to extend the Active Directory schema in a Windows 2003 DC (NOT R2) to support DFSR?

    - by JohannesH
    We're in the process of installing a brand new Windows Server 2008 Web cluster and we would like to synchronize some files between the servers. The problem is that the DC in the domain is an old Windows Server 2003 Standard (NOT R2) which apparently doesn't contain some extension to the AD schema. Is it possible to upgrade the schema without upgrading the DC servers to R2? When I try to create a Replication Group on the 2008 Server I get the following message: --------------------------- Error --------------------------- srv.XXXXXX.XX: The Active Directory Domain Services schema on domain controller activedc07.srv.XXXXXX.XX cannot be read. This error might be caused by a schema that has not been extended, or was extended improperly. See Help and Support Center for information about extending the Active Directory Domain Services schema. Schema version 30 is not supported. --------------------------- OK ---------------------------

    Read the article

  • How to do safely test Biztalk app by manipulating the Windows OS system time w/o breaking the Active Directory?

    - by melaos
    i have a biztalk - window service tied middleware application which talks to other system. recently we had a request to test for scenarios which relates to the date. as we have a lot of places in the application which uses the .net Datetime.Now value, we don't really want to go into the code level and change all these values. so we're looking at the simplest way to test which is to just change the OS time. but what we notice is that sometimes when we change the system date time, we will get account lock out due to Active Directory. So my question is what's a good and safe way that i can test for future dates, etc by changing the windows OS system date time but without causing any issues with the Active Directory. And where can i find out more about AD and how it issues token and what's the correlation with the system date time changes. Thanks! ~m

    Read the article

  • How do I speed up load times on roaming profiles with Active Directory?

    - by user65712
    I've done some reading and apparently the main obstacle to fast remote profile syncing is that Samba takes a long time to transfer lots of little files like cookies. After reading Roaming Profiles: Best Practices , I plan to use Folder Redirection, but I want my users to be able to login as rapidly as possible, even if it means that their data is still coming in when they reach their desktop. Is there a way to do this with GPO or a third party add-on that can load user profile data faster/speed up the login process for users?

    Read the article

  • Batch add/import of a list of users to a group in Active Directory?

    - by JB
    We have two lists of users (about 1000 each) that we need to add to groups in Active Directory (Windows Server 2003...one list will be in one group, one in the other). All the users currently exist in the directory, but we just need to assign them properly. Is there an easy way to do this without scripting? If not, can it be scripted with Ruby, Perl or Python? Thanks!

    Read the article

  • Configuring permissions with Bastille

    - by Lucio
    I was using Bastille to improve the security of OS and I found the next question there I don't know if I should answer for YES or NOT: Questions: Would you like to set more restrictive permissions on the administration utilities? Explanation: In general, the default file permissions set by most vendors are fairly secure. To make them more secure, though, you can remove non-root user access to some administrator functions. If you choose this option, you'll be changing the permissions on some common system administration utilities so that they're not readable or executable by users other than root. These utilities (which include linuxconf, fsck, ipconfig, runlevel and portmap) are ones that most users could never have a need to access. This option will increase your system security, but there's a chance it will inconvenience your users. My users: When I installed Ubuntu I had create a user (admin), then I was able to create another user (people) but I cannot change the permissions of this user. Questions: The user there I am using like admin it's not the root, right? The effects of this option will affect to the two users (admin & people) or just to people?

    Read the article

  • Supporting users if they're not on your site

    - by Roger Hart
    Have a look at this Read Write Web article, specifically the paragraph in bold and the comments. Have a wry chuckle, or maybe weep for the future of humanity - your call. Then pause, and worry about information architecture. The short story: Read Write Web bumps up the Google rankings for "Facebook login" at the same time as Facebook makes UI changes, and a few hundred users get confused and leave comments on Read Write Web complaining about not being able to log in to their Facebook accounts.* Blindly clicking the first Google result is not a navigation behaviour I'd anticipated for folks visiting big names sites like Facebook. But then, I use Launchy and don't know where any of my files are, depend on Firefox auto-complete, view Facebook through my IM client, and don't need a map to find my backside with both hands. Not all our users behave in the same way, which means not all of our architecture is within our control, and people can get to your content in all sorts of ways. Even if the Read Write Web episode is a prank of some kind (there are, after all, plenty of folks who enjoy orchestrated trolling) it's still a useful reminder. Your users may take paths through and to your content you cannot control, and they are unlikely to deconstruct their assumptions along the way. I guess the meaningful question is: can you still support those users? If they get to you from Google instead of your front door, does what they find still make sense? Does your information architecture still work if your guests come in through the bathroom window? Ok, so here they broke into the house next door - you can't be expected to deal with that. But the rest is well worth thinking about. Other off-site interaction It's rarely going to be as funny as the comments at Read Write Web, but your users are going to do, say, and read things they think of as being about you and your products, in places you don't control. That's good. If you pay attention to it, you get data. Your users get a better experience. There are easy wins, too. Blogs, forums, social media &c. People may look for and find help with your product on blogs and forums, on Twitter, and what have you. They may learn about your brand in the same way. That's fine, it's an interaction you can be part of. It's time-consuming, certainly, but you have the option. You won't get a blogger to incorporate your site navigation just in case your users end up there, but you can be there when they do. Again, Anne Gentle, Gordon McLean and others have covered this in more depth than I could. Direct contact Sales people, customer care, support, they all talk to people. Are they sending links to your content? if so, which bits? Do they know about all of it? Do they have the content they need to support them - messaging that funnels sales, FAQ that are realistically frequent, detailed examples of things people want to do, that kind of thing. Are they sending links because users can't find the good stuff? Are they sending précis of your content, or re-writes, or brand new stuff? If so, does that mean your content isn't up to scratch, or that you've got content missing? Direct sales/care/support interactions are enormously valuable, and can help you know what content your users find useful. You can't have a table of contents or a "See also" in a phonecall, but your content strategy can support more interactions than browsing. *Passing observation about Facebook. For plenty if folks, it is  the internet. Its services are simple versions of what a lot of people use the internet for, and they're aggregated into one stop. Flickr, Vimeo, Wordpress, Twitter, LinkedIn, and all sorts of games, have Facebook doppelgangers that are not only friendlier to entry-level users, they're right there, behind only one layer of authentication. As such, it could own a lot of interaction convention. Heavy users may well not be tech-savvy, and be quite change averse. That doesn't make this episode not dumb, but I'm happy to go easy on 'em.

    Read the article

  • Migrate users from one Active Directory domain to another?

    - by Matt
    I work for a company that hosts desktops for a number of different companies. At the moment, all the clients access a single domain controller called HOSTING. Under that are groups for each company. Each of the hosting servers exist on the same network and so are therefore potentially browseable by other terminal servers. This has raised some security issues and I've found it a little tricky to manage the security. As well, it's possible to see who the other hosted companies are even though other users cannot see their data. What I'd like to do is isolate each clients terminal server/s into their own VLAN. In addition, I'm thinking that each TS would have it's own DC which could just run on the TS for that company. Overhead for a DC is fairly minimal. This would isolate users on that TS from seeing the other companies completely. Firstly, does this sound like a sensible plan? Second... if it is sensible, how would I go about pulling the accounts from the HOSTING domain to a new domain? ideally, without the need for users to change their passwords?

    Read the article

  • How do large companies handle software updates for users without administrative rights?

    - by CT
    I just started working for a small-medium size company doing IT support. Maybe 150 or less users. Right now every user has administrative rights to their own machine. This allows them to install updates or whatever else they would like to. I'm tired of getting on user's machines that are bloated with crap they put on themselves. So my first thought would be to take away administrative rights to their computer. This would also have other advantages such as preventing a lot of drive-by malware on the web etc. The problem arises that users are unable to install updates. (Even though I find most ignore these anyway) How do large companies handle software updates on all client machines? EDIT: Windows environment. Most servers are Windows Server 2003 Enterprise. Clients are all Windows. Win XP, Vista, and 7.

    Read the article

  • Is there any way to synchronize AD users with Office 365 but still be able to edit them online?

    - by Massimo
    I'm performing a migration to Office 365 from a third-party mail server (MDaemon); the local Active Directory doesn't include any Exchange server, and never had any. We will need directory synchronization in order to enable users to log on to Office 365 using their domain credentials; but it seems that as soon as you enable directory synchronization, you can't perform any action anymore on Office 365 users: all changes need to be made on the local Active Directory, and then replicated by the synchronization process. For ordinary users with a single e-mail address and standard features, this is not a big problem; but what about users which need an additional address? What if I need to configure some nonstandard setting, like "hide from address list" or a custom mailbox quota? From what I've gathered, the only supported way to do this, as you can't directly edit Office 365 objects anymore after synchronization is enabled, is to extend the local AD schema with Exchange attributes, and then manually edit them (!). Or, you can install at least one local Exchange server, and then use the Exchange administrative tools to configure the required settings. Is this correct or am I missing something? Is there any way to synchronize user accounts and password, but still be able to edit user settings directly in Office 365? If not (everything really needs to be set locally and then synchronized), is there any simpler way to do this than manually editing LDAP attributes or installing a local Exchange server?

    Read the article

  • PAM with KRB5 to Active Directory - How to prevent update of AD password?

    - by Ex Umbris
    I have a working Fedora 9 system that's set up to authenticate users via PAM - krb5 - Active Directory. I'm migrating this to Fedora 14, and everything works, but it's working too well :-) On Fedora 9, if a Linux user updated their password, it did not propagate to their Active Directory account. On Fedora 14, it is changing their A/D password. The problem is I don't want A/D to be updated. Here's my password-auth-ac: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so I tried removing the line password sufficient pam_krb5.so use_authtok But then when attempting to change the Linux password, if they provide their A/D password for the authentication prompt, they get the error: passwd: Authentication token manipulation error What I want to achieve is: Allow authentication with either the A/D or Linux password (the Linux password is a fall-back for certain sysadmin users in case A/D is unavailable for some reason). This is working now. Allow users to change their Linux passwords without affecting their A/D passwords. Is this possible?

    Read the article

  • How to use Windows login for single-sign-on and for Active Directory entries for Desktop Java applic

    - by Touko
    I'd like to have my desktop Java application to have single sign on related to Active Directory users. In two steps, I'd like to : Be sure that the particular user has logged in to Windows with some user entry. Check out some setup information for that user from the Active Directory With http://stackoverflow.com/questions/31394/java-programatic-way-to-determine-current-windows-user I can get the name of the current Windows user but can I rely to that? I think the System.getProperty("user.name") won't be secure enough? ("user.name" seems to be got from environment variables, so I can't rely on that, I think?) Question http://stackoverflow.com/questions/390150/authenticating-against-active-directory-with-java-on-linux provides me the authentication for given name+pass but I'd like to authenticate based on the Windows logon? For the Active Directory access, the LDAP would probably be the choise? I'm not totally sure if I'm asking the right questions but hopefully somebody has some ideas to forward me on.

    Read the article

  • An XEvent a Day (4 of 31) – Querying the Session Definition and Active Session DMV’s

    - by Jonathan Kehayias
    Yesterdays post, Managing Event Sessions , showed how to manage Event Sessions in Extended Events Sessions inside the Extended Events framework in SQL Server. In today's post, we’ll take a look at how to find information about the defined Event Sessions that already exist inside a SQL Server using the Session Definition DMV’s and how to find information about the Active Event Sessions that exist using the Active Session DMV’s. Session Definition DMV’s The Session Definition DMV’s provide information...(read more)

    Read the article

  • How to highlight the last active window in the Gonme launcher

    - by Yisela
    Is there a way to highlight (with some sort of indicator) the last active window in the Gnome launcher? Suppose this is my launcher, and I have just used the Terminal. I'm wondering if there is a way to highlight it as the last active one, to differentiate it from the rest of the windows: So the result would be something like this: I'm completely new to Ubuntu and Ask Ubuntu, so please let me know if this question needs to be edited.

    Read the article

  • How to highlight the last active window in the GNOME shell preview

    - by Yisela
    Is there a way to highlight (with some sort of indicator) the last active window in the Gnome launcher? Suppose this is my launcher, and I have just used the Terminal. I'm wondering if there is a way to highlight it as the last active one, to differentiate it from the rest of the windows: So the result would be something like this: I'm completely new to Ubuntu and Ask Ubuntu, so please let me know if this question needs to be edited.

    Read the article

  • Active Directory Management with PowerShell in Windows Server 2008 R2

    One of the first things you notice with Windows Server 2008 R2 is that PowerShell 2.0 has become central to the admin function There is a powerful Active Directory module for Powershell that contains a provider and cmdlets that are designed to allow you to manage Active Directory from the command line. Now, you can also use versions for previous versions of Windows Server.

    Read the article

  • How to track users who access an app three times a week in Google Analytics

    - by exceptionerror
    I have an IOS app that is being tracked, and I'm looking to find unique users who use the app 3 or more times a week. I am able to find users who logged three sessions in a particular week, but I'd like to find users who log three sessions every week since a given start period. Similarly, I'd like to find the number of users who use the app 1 time a week and one and 1 time a month. Is this possible through Google Analytics?

    Read the article

  • Is there a way to add AD LDS users to an AD Domain Group or allow them domain security rights?

    - by Tom
    I have a web application in which our outside customers need access to run transactions (stored procs on Sql Server) on our domain. We have looked into LDS to keep these users separate from our domain. The problem we are having is allowing the LDS users the AD security rights to access these stored procs. For administration purposes we would like to use an AD group for each transaction (stored proc) which has access to execute. Is there a way to add LDS users to this AD group or allow them the security rights to do this? We have setup LDS and can authenicate an AD user thru to runs these transactions. LDS is running on Server 08 R2. AD is also Server 08 R2. Thanks.

    Read the article

  • How to view / enumerate / obtain a list of all effective rights / permissions on an Active Directory object?

    - by Laura
    I am new to Server Fault and was hoping to find an answer to a question that I have been struggling with for the past week or so. I have been recently asked by my management to furnish a list of all the effective rights / permissions delegated on the Active Directory object for our Domain Admins group. I initially figured I'd use the Effective Permissions Tab in Active Directory Users and Computers but had two problems with it. The first was that it doesn't seem very accurate and the second was that it requires me to enter the name of a specific user, and it only shows me what it figures are effective permissions for that user. Now, we have more than a 1000 users in our environment so there's no way I can possibly enter 1000 user names one by one. Plus, there is no way to export that information either. I also looked at dsacls from MS but it doesn't do effective permissions. Someone pointed me to a tool called ADUCAdmin but that seems to falsely claim to do effective permissions. Could someone kindly help me find a way to obtain this listing? Basically, I need to generate a list of all the modify effective permissions granted on the Domain Admins group object along with the list of all the admins to which these permissions are granted. In case it helps, I don't need a fancy listing - simple text / CSV output would be enough I would be grateful for any assistance since this is time and security sensitive for us.

    Read the article

  • Migrating Identity Providers - specifying a new users password hash.

    - by Stephen Denne
    We'd like to switch Identity Provider (and Web Access Manager), and also the user directory we use, but would like to do so without users needing to change their password. We currently have the SSHA of the passwords. I'm expecting to write code to perform the migration. I don't mind how complex the code has to be, rather my concern is whether such a migration is possible at all. MS Active Directory would be our preferred user store, but I believe that it can not have new users set up in it with a particular password hash. Is that correct? What user directory stores can be populated with users already set up with a SSHA password? What Identity Provider and Access Management products work with those stores?

    Read the article

  • Virus that tries to brute force attack Active Directory users (in alphabetical order)?

    - by Nate Pinchot
    Users started complaining about slow network speed so I fired up Wireshark. Did some checking and found many PCs sending packets similar to the following: (screenshot) http://imgur.com/45VlI.png I blurred out the text for the username, computer name and domain name (since it matches the internet domain name). Computers are spamming the Active Directory servers trying to brute force hack passwords. It will start with Administrator and go down the list of users in alphabetical order. Physically going to the PC finds no one anywhere near it and this behavior is spread across the network so it appears to be a virus of some sort. Scanning computers which have been caught spamming the server with Malwarebytes, Super Antispyware and BitDefender (this is the antivirus the client has) yields no results. This is an enterprise network with about 2500 PCs so doing a rebuild is not a favorable option. My next step is to contact BitDefender to see what help they can provide. Has anybody seen anything like this or have any ideas what it could possibly be?

    Read the article

  • How many users can be in a AD LDS group?

    - by ixe013
    Microsoft published the recommended maximum limits for users in an Active Directory group. It basically says : Starting with Windows Server 2003, the ability to replicate discrete changes to linked multivalued properties was introduced as a technology called Linked Value Replication (LVR). and This allows the number of group memberships to exceed the former recommended limit of 5,000 for Windows 2000 or Windows Server 2003 at a forest functional level of Windows 2000. Given the replication meta data below, can anybody tell me what is the maximum number of users a AD-LDS group can hold ? Getting 'CN=Member,CN=Schema,CN=Configuration,CN={67B333FE-ADB4-430D-AAEE-D4CCE4B98A2E}' metadata... 23 entries. AttID Ver Loc.USN Originating DSA Org.USN Org.Time/Date ===== === ======= =============== ======= ============= 0 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 3 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20001 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20002 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 2001e 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20020 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20021 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20032 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 200a9 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 200c2 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 200da 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 200e2 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 200e7 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 20119 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 2014e 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 201cc 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 90001 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 90094 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 90095 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 900aa 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 90177 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 9027f 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49 9030e 1 95 8ba30efb-9aa4-4e55-8f7c-268e3dcc536b 95 2012-07-17 14:25:49

    Read the article

  • Dynamically writing page titles and active classes with php

    - by toomanyairmiles
    For some time now I've been using the following code to dynamically write in html page titles and add an active class to menu items. Is this still a good why to achieve this or are there better/smarter/optimal ways of achieving the same thing? <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='contact.php'? 'class="active"' : '');?> Menu example <ul id="nav"> <li><a href="index.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='index.php'? 'class="active"' : '');?>><span>Home</span></a></li> <li><a href="services.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services.php'? 'class="active"' : '');?><?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services-landlords.php'? 'class="active"' : '');?><?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services-sellers.php'? 'class="active"' : '');?><?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services-tennants.php'? 'class="active"' : '');?>><span>Our Services</span></a></li> <li><a href="for-sale.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='sales.php'? 'class="active"' : '');?>><span>Sales</span></a></li> <li><a href="to-let.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='lettings.php'? 'class="active"' : '');?>><span>Lettings</span></a></li> <li><a href="register.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='register.php'? 'class="active"' : '');?><?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='register-thanks.php'? 'class="active"' : '');?>><span>Register</span></a></li> <li><a href="contact.php" target="_parent" <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='contact.php'? 'class="active"' : '');?>><span>Contact Us</span></a></li> </ul> Page title Example <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services.php'? 'Services' : '');?> <?php echo (basename($_SERVER['SCRIPT_FILENAME'])=='services-landlords.php'? 'Services for Landlords' : '');?>

    Read the article

  • Do I have to prepare Active Directory prior to installing an Exchange service pack?

    - by music2myear
    I'm having trouble determining the proper procedure for installing Exchange 2007 sp3 on a Server 2008 R2 box running Exchange 2007 sp1. It is not clear on websites I have consulted (Microsoft TechNet and others) whether preparing Active Directory is only required on a NEW install of Exchange 2007 sp3, or if it is required when upgrading an existing Exchange 2007 install to sp3. Could someone who has experience with this please set me straight?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >