Search Results

Search found 994 results on 40 pages for 'logon'.

Page 22/40 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29 | Next Page >

Retrieve user details from Active Directory using SID

- by er4z0r

Hi, How can I find a user in my AD when I have his/her SID. I don't want to rely on other attributes, since I am trying to detect changes to these. Example: I get a message about a change to user record containing: Message: User Account Changed: Target Account Name: test12 Target Domain: DOMAIN Target Account ID: %{S-1-5-21-3968247570-3627839482-368725868-1110} Caller User Name: Administrator Caller Domain: DOMAIN Caller Logon ID: (0x0,0x62AB1) Privileges: - I want to notify the user about the change. So I need their account-information from AD. When I try to retrieve the user's data from AD via VBScript like this: Wscript.StdOut.writeLine "Found an Account ID: " & objMatch.value Set objUser = GetObject("LDAP://GUID=1521396824757036278394823687258681110") Wscript.StdOut.writeLine objUser I receive an error stating The handle is invalid Code:80070006

Read the article
Problems connecting to MS Dynamics AX 2009 Application Object Server

- by Sam

I've got a funny problem connecting to an AOS server. I got a domain network containing a (VM) Server running the Application Object Server (AOS). Client computer A) can connect to the AOS without problems and work. When client computer B) tries to connect, all I get is this error message: Logon Error Connection with the Application Object Server could not be established. The event log of Client B) does not contain any messages about this. Firewalls are off on all three computers (by GP). Tcp/ip from cliebt B) to the AOS server does run fine. Both clients run the same OS (win 7 RC), sit on the same subnet, next to each other. Yesterday it all worked, today just one computer can connect. Any ideas what might cause this problem, how to resolve it, or how to debug it?

Read the article
Office365 DirSync Active Directory Integration

- by dean

I am preparing to deploy Office365 for my organization. We have an on premise Active Directory Domain Controller (Windows Server 2012 R2). We would like to leverage our Active Directory for: automatic user provisioning in Office365, and password synchronization, using the DirSync tool. Our Active Directory Domain is example.pvt. Email is currently Rackspace Exchange and email addresses follow the form [email protected]. Active Directory User Logon Name follows the form firstinitiallastname. My Questions are: What Active Directory Attribute(s) can be use in provisioning the email address in Office365? Is it possible to use the E-mail field in Active Directory to provision the email address in Office365? Will the fact that our Active Directory Domain has a different extension (.pvt vs. .com) cause a problem with our planned provisioning method?

Read the article
Windows 7 Login User Doesn't Exist

- by dcolumbus

I have another interesting issue... because of some issue with a lost password, I had to manually change the password to one of the accounts via and DOS hack. However, somehow in the process I now have a phantom username that I am asked to logon to when Windows first starts... This username doesn't exit. In order to login, I have to "change user" and manually type in the correct username. Is there a way that I can edit which username it prompts me for? I'd like to repair this without having to reinstall just yet.

Read the article
Windows 7 Login User Doesn't Exist

- by dcolumbus

I have another interesting issue... because of some issue with a lost password, I had to manually change the password to one of the accounts via and DOS hack. However, somehow in the process I now have a phantom username that I am asked to logon to when Windows first starts... This username doesn't exit. In order to login, I have to "change user" and manually type in the correct username. Is there a way that I can edit which username it prompts me for? I'd like to repair this without having to reinstall just yet.

Read the article
Winbind group lookup painfully slow

- by Marty

I am running winbind on an RHEL 6 system. Everything works fine except group lookups, so many commands (including sudo) are painfully slow. I did an strace which shows that winbind looks up every group and every user within each group for the current user. Some of these groups have 20000+ users so a simple sudo can take 60 seconds to complete. I really only care about speeding up the sudo command. Ideal solutions would make it so either: groups with more than X number of users will not be looked up, or sudo bypasses group lookups altogether. Here is my current "smb.conf" for winbind: workgroup = EXAMPLE password server = AD1.EXAMPLE.ORG realm = EXAMPLE.ORG security = ads idmap uid = 10000-19999 idmap gid = 10000-19999 idmap config EXAMPLE:backend = rid idmap config EXAMPLE:range = 10000000-19999999 winbind enum users = no winbind enum groups = no winbind separator = + template homedir = /home/%U template shell = /bin/bash winbind use default domain = yes winbind offline logon = false

Read the article
Can't access network share with name defined in hosts file

- by Einar Egilsson

I have a network share on a machine that I can only reach by IP address. I then defined an alias for the IP in my hosts file so I could use that instead of the IP but then I can't log on to the share, I just get the logon prompt again and again. So basically this: \\172.17.0.48\SomeShare works but this \\myalias\SomeShare doesn't. myalias is defined in c:\windows\system32\drivers\etc\hosts as 172.17.0.48 myalias And I can use the alias for remote desktop without problems. Can anyone tell me why this doesn't work for fileshares?

Read the article
Can we have Linked Servers when using NTLM?

- by BlueRaja

I don't have access to the Active Directory settings, nor do I have access to change anything on the linked server. From everything I've read, it seems like this means I cannot use Kerberos - which is a big problem, because I don't know how to use a linked server without it. Is there any way to connect to a linked server without Kerberos? Exact problem description When I connect to the linked server while sitting in front of my server, it works fine; but when I try to connect to the linked server from any other computer (delegating through my server), it gives the error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. (Microsoft SQL Server, Error: 18456) It seems that this is the "double-hop problem," and the usual solution is to enable Kerberos, which requires access to AD and the linked server. I get the same error when I set security to "Be made using the login's current security context," and I can't use "Be made using this security context" because that appears to use SQL-authentication (which is not enabled on the linked server) instead of NTLM

Read the article
SCCM Client Push FAIL - Win2000 box

- by ajp

Hello, When trying to install the SCCM client onto a Windows 2000 box, the install fails. The install script is run through a batch file (CONTENTS: \mdop\SCCM_client\ccmsetup.exe /mp:MDOP /logon smssitecode=MID smsslp=MDOP) hosted on a public area of the network. This script has worked for all machines (mostly Win2003 Server). I've tried enabling all the common services it requires (BITS, IIS Admin, Windows Installer), but it still only runs for a second or two then quits. Here's the piece of the log file where it errors out: [LOG[Couldn't get directory list for directory 'http://MDOP/CCM_Client/ClientPatch'. This directory may not exist.]LOG]! time="13:55:53.618+300" date="06-30-2009" component="ccmsetup" context="" type="0" thread="1676" file="ccmsetup.cpp:6054" Full Log: http://paste-it.net/public/gb11732/

Read the article
Revocation status of DC can't be verified

- by DotGeorge

A Domain Controller within my forest was working fine (as the story usually goes). Then, suddenly, I can't logon with my smart card. Instead, I'm greeted with the following message: The system could not log you on. The revocation status of the domain controller certificate used for smart card authentication could not be determined. I literally have no idea what's happened here. As an attempted quick fix, I removed the root certificate which issued the Smart Card's certificate from the CA of both the client and DC. Then imported a newly exported one from the DC in question. Same issue. I've spotted a number of related articles on Microsoft's forums and a HP support document. Each don't really shed much light as it's a generic error message apparently. Having said all of this, other smart cards (issued from other DCs) work fine. So I have no idea what's up with this one.

Read the article
The User Profile Service

- by Daryl Gill

I tried logging into my computer after an "ungraceful" shutdown due to a power cut.. I got prompted with a message stating the user profile service failed the login. After reading a k/b on Microsoft I managed to re-login to the "corrupt" account by making registery edits.. But the next step (After having the ability to logon) is a major concern for me.. Would the guys at superuser suggest: 1) Carry on using said account 2) Re-install Windows to eliminate the possible chance of a reoccouring problem 3) Migrate all user data over to a new account and with that being said above. I had to issue the command line: net user administrator /active:yes to activate the hidden adminstrator account, would it be recommended/secure to disable the account or leave it active?

Read the article
VPN - Remote Desktop Connection

- by alex

I've set up a VPN connection to my work network on my home PC - running Windows 7 It connects fine. Once connected, I can ping machines that are on my work network using my home pc, however, if I try to RDP to them, it doesn't connect... It seems to initially connect, It asks me for the logon user / password, and when I set them, and click OK, it gets stuck on a screen saying: "Securing Remote Connection" Eventually it pops up saying "This computer can't connect to the remote computer. Try connecting again. If the problem persists, contact the owner of the remote computer or your network administrator" I know this computer is configured to allow remote connections etc... (and I've tried it with several different machines on the remote network) Any ideas what i've set wrong?

Read the article
Transferring FSMO roles over vpn

- by Tom Bowman

I have a server located at one of our offices which is quite old and is due to be upgraded soon, this server holds the FSMO roles, I have another server in another office, both are DC's in the same domain and both are replicated, both run Server 2003 standard. I need to transfer the FSMO roles from the old server to the the one I have in the other office before I upgrade. Also I am looking at bringing in Exchange 2010 server however I cant install/configure that until I transfer the roles as it needs to be at the same site as the schema master. My question really is as both servers replicate over a vpn, how quickly will the roles transfer and will there be downtime as I need to make sure that while the transfer is running, both servers will service logon's and share files. or would it be better to do it out of hours? many thanks and apologies if I've missed out anything Regards Tom

Read the article
SQL Server to sql server linked server setup

- by ScottStonehouse

Please explain what is required to set up a SQL Server linked server. Server A is SQL 2005 windows logins only Server B is the same (SQL 2005 windows logins only) Server A runs windows XP Server B runs Windows Server 2003 Both SQL Server services are running under the same domain account. I am logged into my workstation with a domain account that has administrative rights on both SQL Servers. Note these are both SQL Server 2005 SP2 - I've had old hotfixes pointed out to me, but those are already applied. The issue I am having is this error: "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. (Microsoft SQL Server, Error: 18456)"

Read the article
Port forwarding (portmap) works only locally

- by Tag Wint

There are four hosts hostA winXP hostB Win2003 hostC Linux RHEL hostD Linux RHEL hostA cannot connect to C and D directly, but B can hostA connects to hostB using VPN hostB and hostC belong to the same subnet1 hostD is in subnet2 From hostA I need to connect to hostC and hostD by SSH. Now I can do it as follows: 1.connecting from hostA to hostB by RDP logon and there: 2.start putty client. I'd like to omit step 1 and connect from A to C and D directly On hostB I have admin acoount and configure port forwarding as follows: netsh interface portproxy add v4tov4 listenport=N1 connectaddress=hostC_IP connectport=N2 netsh interface portproxy add v4tov4 listenport=N3 connectaddress=hostD_IP connectport=N2 netsh interface portproxy show all: Listen on IPv4: Connect to IPv4: Address Port Address Port --------------- ---------- --------------- ---------- * N1 hostC_IP N2 * N3 hostD_IP N2 Now from hostB I can connect to either C and D: ssh localhost:N1 ssh localhost:N3 from hostA ssh hostB:N1 works too, but ssh hostB:N3 DON'T I guess the reason might be different subnets, still have no idea how to fix it. What should I do?

Read the article
Active Directory Password Policy Problem

- by Will

To Clarify: my question is why isn't my password policy applying to people in the domain. Hey guys, having trouble with our password policy in Active Directory. Sometimes it just helps me to type out what I’m seeing It appears to not be applying properly across the board. I am new to this environment and AD in general but I think I have a general grasp of what should be going on. It’s a pretty simple AD setup without too many Group Policies being applied. It looks something like this DOMAIN Default Domain Policy (link enabled) Password Policy (link enabled and enforce) Personal OU Force Password Change (completely empty nothing in this GPO) IT OU Lockout Policy (link enabled and enforced) CS OU Lockout Policy Accouting OU Lockout Policy The password policy and default domain policy both define the same things under Computer ConfigWindows seetings sec settings Account Policies / Password Policy Enforce password History : 24 passwords remembered Maximum Password age : 180 days Min password age: 14 days Minimum Password Length: 6 characters Password must meet complexity requirements: Enabled Store Passwords using reversible encryption: Disabled Account Policies / Account Lockout Policy Account Lockout Duration 10080 Minutes Account Lockout Threshold: 5 invalid login attempts Reset Account Lockout Counter after : 30 minutes IT lockout This just sets the screen saver settings to lock computers when the user is Idle. After running Group Policy modeling it seems like the password policy and default domain policy is getting applied to everyone. Here is the results of group policy modeling on MO-BLANCKM using the mblanck account, as you can see the policies are both being applied , with nothing important being denied Group Policy Results NCLGS\mblanck on NCLGS\MO-BLANCKM Data collected on: 12/29/2010 11:29:44 AM Summary Computer Configuration Summary General Computer name NCLGS\MO-BLANCKM Domain NCLGS.local Site Default-First-Site-Name Last time Group Policy was processed 12/29/2010 10:17:58 AM Group Policy Objects Applied GPOs Name Link Location Revision Default Domain Policy NCLGS.local AD (15), Sysvol (15) WSUS-52010 NCLGS.local/WSUS/Clients AD (54), Sysvol (54) Password Policy NCLGS.local AD (58), Sysvol (58) Denied GPOs Name Link Location Reason Denied Local Group Policy Local Empty Security Group Membership when Group Policy was applied BUILTIN\Administrators Everyone S-1-5-21-507921405-1326574676-682003330-1003 BUILTIN\Users NT AUTHORITY\NETWORK NT AUTHORITY\Authenticated Users NCLGS\MO-BLANCKM$ NCLGS\Admin-ComputerAccounts-GP NCLGS\Domain Computers WMI Filters Name Value Reference GPO(s) None Component Status Component Name Status Last Process Time Group Policy Infrastructure Success 12/29/2010 10:17:59 AM EFS recovery Success (no data) 10/28/2010 9:10:34 AM Registry Success 10/28/2010 9:10:32 AM Security Success 10/28/2010 9:10:34 AM User Configuration Summary General User name NCLGS\mblanck Domain NCLGS.local Last time Group Policy was processed 12/29/2010 11:28:56 AM Group Policy Objects Applied GPOs Name Link Location Revision Default Domain Policy NCLGS.local AD (7), Sysvol (7) IT-Lockout NCLGS.local/Personal/CS AD (11), Sysvol (11) Password Policy NCLGS.local AD (5), Sysvol (5) Denied GPOs Name Link Location Reason Denied Local Group Policy Local Empty Force Password Change NCLGS.local/Personal Empty Security Group Membership when Group Policy was applied NCLGS\Domain Users Everyone BUILTIN\Administrators BUILTIN\Users NT AUTHORITY\INTERACTIVE NT AUTHORITY\Authenticated Users LOCAL NCLGS\MissingSkidEmail NCLGS\Customer_Service NCLGS\Email_Archive NCLGS\Job Ticket Users NCLGS\Office Staff NCLGS\CUSTOMER SERVI-1 NCLGS\Prestige_Jobs_Email NCLGS\Telecommuters NCLGS\Everyone - NCL WMI Filters Name Value Reference GPO(s) None Component Status Component Name Status Last Process Time Group Policy Infrastructure Success 12/29/2010 11:28:56 AM Registry Success 12/20/2010 12:05:51 PM Scripts Success 10/13/2010 10:38:40 AM Computer Configuration Windows Settings Security Settings Account Policies/Password Policy Policy Setting Winning GPO Enforce password history 24 passwords remembered Password Policy Maximum password age 180 days Password Policy Minimum password age 14 days Password Policy Minimum password length 6 characters Password Policy Password must meet complexity requirements Enabled Password Policy Store passwords using reversible encryption Disabled Password Policy Account Policies/Account Lockout Policy Policy Setting Winning GPO Account lockout duration 10080 minutes Password Policy Account lockout threshold 5 invalid logon attempts Password Policy Reset account lockout counter after 30 minutes Password Policy Local Policies/Security Options Network Security Policy Setting Winning GPO Network security: Force logoff when logon hours expire Enabled Default Domain Policy Public Key Policies/Autoenrollment Settings Policy Setting Winning GPO Enroll certificates automatically Enabled [Default setting] Renew expired certificates, update pending certificates, and remove revoked certificates Disabled Update certificates that use certificate templates Disabled Public Key Policies/Encrypting File System Properties Winning GPO [Default setting] Policy Setting Allow users to encrypt files using Encrypting File System (EFS) Enabled Certificates Issued To Issued By Expiration Date Intended Purposes Winning GPO SBurns SBurns 12/13/2007 5:24:30 PM File Recovery Default Domain Policy For additional information about individual settings, launch Group Policy Object Editor. Public Key Policies/Trusted Root Certification Authorities Properties Winning GPO [Default setting] Policy Setting Allow users to select new root certification authorities (CAs) to trust Enabled Client computers can trust the following certificate stores Third-Party Root Certification Authorities and Enterprise Root Certification Authorities To perform certificate-based authentication of users and computers, CAs must meet the following criteria Registered in Active Directory only Administrative Templates Windows Components/Windows Update Policy Setting Winning GPO Allow Automatic Updates immediate installation Enabled WSUS-52010 Allow non-administrators to receive update notifications Enabled WSUS-52010 Automatic Updates detection frequency Enabled WSUS-52010 Check for updates at the following interval (hours): 1 Policy Setting Winning GPO Configure Automatic Updates Enabled WSUS-52010 Configure automatic updating: 4 - Auto download and schedule the install The following settings are only required and applicable if 4 is selected. Scheduled install day: 0 - Every day Scheduled install time: 03:00 Policy Setting Winning GPO No auto-restart with logged on users for scheduled automatic updates installations Disabled WSUS-52010 Re-prompt for restart with scheduled installations Enabled WSUS-52010 Wait the following period before prompting again with a scheduled restart (minutes): 30 Policy Setting Winning GPO Reschedule Automatic Updates scheduled installations Enabled WSUS-52010 Wait after system startup (minutes): 1 Policy Setting Winning GPO Specify intranet Microsoft update service location Enabled WSUS-52010 Set the intranet update service for detecting updates: http://lavender Set the intranet statistics server: http://lavender (example: http://IntranetUpd01) User Configuration Administrative Templates Control Panel/Display Policy Setting Winning GPO Hide Screen Saver tab Enabled IT-Lockout Password protect the screen saver Enabled IT-Lockout Screen Saver Enabled IT-Lockout Screen Saver executable name Enabled IT-Lockout Screen Saver executable name sstext3d.scr Policy Setting Winning GPO Screen Saver timeout Enabled IT-Lockout Number of seconds to wait to enable the Screen Saver Seconds: 1800 System/Power Management Policy Setting Winning GPO Prompt for password on resume from hibernate / suspend Enabled IT-Lockout

Read the article
MS Word - Keeps requesting user to save Normal template

- by MikeT505

We have Small Business Server 2008 setup on a couple of our clients networks and we have the following issue. Whenever they logon, Microsoft word automatically opens and requests them to save their changes to the template 'Normal'. It constantly happens, we have a mixture of Win 2000 and XP machines and it seems to happen more often on XP than 2000. Any idea why this might be happening and how we can resolve it, it's just frustrating for the end users. PS: This is happening on Office 2000 and Office 2003.

Read the article
SQL Server Windows Auth Login sees Domain as untrusted...

- by Mr Shoubs

I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

Read the article
Troubles logging into VPN on Win7 64bit

- by mike

Hi, Before I can successfully logon to my company's VPN it runs a small check in the browser to check my current processes. One of the things it checks (among other things) is to see if you have an antivirus running. If you don't, you can't connect and it says please install one with a couple links to some free ones. The issue I'm having is I recently upgraded to Win7 x64 and I haven't been able to get past the "antivirus check" part. Before, I had AVG running and I never had a single problem for years. Now I tried both AVG and Avast and I still get blocked. Does it have something to do with both of these antiviruses running in *32 mode in the processes? Any help or ideas on how to fix this would be awesome. Thanks!

Read the article
How can I edit local security policy from a batch file?

- by Stephen Jennings

I am trying to write a utility as a batch file that, among other things, adds a user to the "Deny logon locally" local security policy. This batch file will be used on hundreds of independent computers (not on a domain and aren't even on the same network). I assumed one of the following were my options, but perhaps there's one I haven't thought of. A command line utility similar to net.exe which can modify local security policy. A VBScript sample to do the same. Write my own using some WMI or Win32 calls. I'd rather not do this one if I don't have to.

Read the article
SQL Server Windows Auth Login not working

- by Mr Shoubs

I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

Read the article
Temporarily disable an AD server

- by 3molo

Topology and setup We have main office A, and branch office (abroad) B. Our ISP somehow messed up the MPLS, and office A<B will not be connected until a few days. At location B, we have an AD (and the other two ADs at location A). Location A also have an exchange server. The problems A few users at A have problem to login to their computers running Windows XP, the logon process kind of hangs where "Applying computer policies". Additionally, I can't start the Exchange management shell, it fails on get-recipient because the AD abroad (location B) is unreachable. Solution? I could delete the AD at B, but Im pretty sure it will be a hazzle to re-join it, and since the office is abroad it's not an option to just go there and re-install it - re join, I now wonder how I in location As primary and secondary ADs can temporarily disable AD at location B.

Read the article
Windows AD, bulk user creation, homedrv creation via commandline

- by Neil

I am Bulk creating AD users from the commandline (dsadd) and whilst doing so am setting the homedir and homedrv to a DFS location. I observe when I create the user with all these settings via the GUI (dsa.msc) that the homedrv gets created on the DFS share with all the permissions set correctly. But when using dsadd, the folder is not created. How can I replicate this GUI behaviour via the commandline when creating the user? I don't really want to rely on logon scripts to set it up. Do I have to use mkdir and cacls and something else to give the user Ownership? Or maybe I am missing something easy. Any help much appreciated!

Read the article
Configuring WPA2-Enterprise with Freeradius

- by Vincent O.

I'm trying to set up an authenticated wifi network with Freeradius. I've managed to get things working using self-signed certs etc. The problem is Windows clients need to uncheck the "Automatically use my windows logon name and password [etc.]" option in the MSCHAPv2 settings. When I connect to my local university with Eduroam, it automatically asks for a username and password instead of sending windows login credentials. How did the sysadmins accomplish this? Is it some kind of RADIUS Attribute that gets sent back?

Read the article
cannot add a user to sysadmin role in SQL Server

- by George2

I am using SQL Server 2008 Management Studio. The current logon account belongs to machine local administrator group. I am using Windows Integrated Security mode in SQL Server 2008. My issue is, after log into SQL Server Management Studio, I select my login name under Security/Logins, then select Server Roles Tab, then select the last item -- sysadmin to make myself belong to this group/role, but it says I do not have enough permission. Any ideas what is wrong? I think local administrator should be able to do anything. :-)

Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29 | Next Page >