user 123 - Page 261 - Developer IT

How to set up an FTP user on UBUNTU 9 server using vsftpd utility?

- by Pavel

Hi guys. I'm kinda new to this so bear with me. I've set up a server and now I need to create ftp user for it. I'm doing this by typing: useradd pavel passwd pavel And then I'm running iptables -I INPUT 1 -p tcp --dport 21 -j ACCEPT iptables-save > /etc/iptables.rules in order to open ftp ports and lastly, I'm changing the usermod by: usermod -s /bin/sh pavel So now tell me - what I'm doing wrong here? I just want to connect using FTP protocol. Please help...

Read the article

`sh` access denied over ssh connection

- by inspectorG4dget

I have an ubuntu server and a windows XP client running Cygwin. The server ssh's into the client and tries to execute a shell script with some params, with the following command: ssh user@IP_ADDR 'sh /home/user/project/clientside 2 5 7 6 9 5 7 IP_ADDR' where IP_ADDR is the IP address of client. However, while doing so, I get the following error: Access is denied. Thinking this might be a user permissions error, I tried running sh /home/user/project/clientside 2 5 7 6 9 5 7 IP_ADDR on the client, on Cygwin, while logged in as user. This works as expected. Then I thought that this might be an error with the login that I use when I ssh into the client. So I executed this instead: ssh user@IP_ADDR 'whoami' and got back user. This happened even after I did chmod -R 777 /home/user/project on the client, in Cygwin. For kicks, I got on Cygwin on the client and did ssh localhost and manually executed sh /home/user/project/clientside 2 5 7 6 9 5 7 IP_ADDR. This worked as expected. However, when I did ssh IP_ADDR from Cygwin and did ssh localhost and manually executed sh /home/user/project/clientside 2 5 7 6 9 5 7 IP_ADDR, I get the same Access is denied. error. Why is this happening? How can I fix this? By the way, both the server and the client have each other's rsa public key for passwordless ssh

Read the article

Sendmail - preventing aliased users from receiving multiple copies of the same email

- by MikeQ

Is there any way to prevent a user from receiving multiple copies of the same email if an email is sent to both an alias for the user as well as the user themselves? For example, suppose bob.smith is a included in the alias list for developers (@company.com) If I send the email to both the user and an alias for the user: To: [email protected], [email protected] ... is there any way to prevent user Bob from receiving the same email two times? EDIT: I've observed that if Bob is a member of two different alias groups, and I send an email just to those two groups (not the user directly), sendmail correctly expands the groups and removes the duplicate. The behavior I want to fix occurs when you send directly to the user AND a group they belong to.

Read the article

Windows Shares / NTFS permissions on folder redirection in Active Directory

- by Shawn Gradwell

A client has folder redirection in AD setup on each user's Home Folder set to the Z:\ drive as \server\share\username. A Group Policy redirects the user's Documents to the user's Home Folder with the option 'Grant the user to exclusive rights to Documents' selected. The share on the server has permissions for the relevant user security group with 'Full Control', but each user's folder only have NTFS permissions only for 'CREATOR OWNER' and 'Domain Admins'. Why can the different users access other user's folders? I thought the most restrictive permissions applied effectively between the share and the NTFS permissions. Also, this setup has been like this for years, and this client recently updated all client computers to Windows 7. What is the best way to setup this redirection now? I assume only in Group Policy, also Basic Redirection - to create a folder for each user under the root path?

Read the article

ipmi - can't ping or remotely connect

- by Fidel

I've tried configuring the IPMI controller to accept remote connections, but I can't even ping it. Here is it status: #/usr/local/bin/ipmitool lan print 2 Set in Progress : Set Complete Auth Type Support : NONE PASSWORD Auth Type Enable : Callback : : User : NONE PASSWORD : Operator : PASSWORD : Admin : PASSWORD : OEM : IP Address Source : Static Address IP Address : 192.168.1.112 Subnet Mask : 255.255.255.0 MAC Address : 00:a0:a5:67:45:25 IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Enabled Gratituous ARP Intrvl : 8.0 seconds Default Gateway IP : 192.168.1.1 Default Gateway MAC : 00:00:00:00:00:00 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 0,1,2,3 Cipher Suite Priv Max : uaaaXXXXXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM # /usr/local/bin/ipmitool user list 2 ID Name Enabled Callin Link Auth IPMI Msg Channel Priv Limit 1 true false true true USER 2 admin true false true true ADMINISTRATOR # /usr/local/bin/ipmitool channel getaccess 2 2 Maximum User IDs : 5 Enabled User IDs : 2 User ID : 2 User Name : admin Fixed Name : No Access Available : callback Link Authentication : enabled IPMI Messaging : enabled Privilege Level : ADMINISTRATOR # /usr/local/bin/ipmitool channel info 2 Channel 0x2 info: Channel Medium Type : 802.3 LAN Channel Protocol Type : IPMB-1.0 Session Support : multi-session Active Session Count : 0 Protocol Vendor ID : 7154 Volatile(active) Settings Alerting : disabled Per-message Auth : disabled User Level Auth : disabled Access Mode : always available Non-Volatile Settings Alerting : disabled Per-message Auth : disabled User Level Auth : disabled Access Mode : always available # /usr/local/bin/ipmitool chassis status System Power : on Power Overload : false Power Interlock : inactive Main Power Fault : false Power Control Fault : false Power Restore Policy : unknown Last Power Event : Chassis Intrusion : inactive Front-Panel Lockout : inactive Drive Fault : false Cooling/Fan Fault : false # arp Address HWtype HWaddress Flags Mask Iface 192.168.1.112 ether 00:A0:A5:67:45:25 C bond0 # /usr/local/bin/ipmitool -I lan -H 192.168.1.112 -U admin -P admin chassis power status Error: Unable to establish LAN session Unable to get Chassis Power Status In summary. It exists on the ARP list so arp's are being broadcast. I can't ping it and can't connect to it. Can anyone spot any glaring mistakes in the configuration? Many thanks, Fidel

Read the article

What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?

- by Professor Frink

I'm having trouble getting a number of scripts running because PHP-FPM can't write to my session folder: "2009/10/01 23:54:07 [error] 17830#0: *24 FastCGI sent in stderr: "PHP Warning: Unknown: open(/var/lib/php/session/sess_cskfq4godj4ka2a637i5lq41o5, O_RDWR) failed: Permission denied (13) in Unknown on line 0 PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0" while reading upstream" Obviously this is a permission issue; my session folder's owner/group is the webserver's user, NGINX. PHP-FPM runs as nobody though, and hence adding it to the nginx group is not so trivial. A temporary solution is to set the permissions of /var/lib/php/session to 777 - I have a feeling that's not the "best practice" though. What is the best practice when you need to assign a daemon write access to a folder, but it is running as nobody ?

Read the article

Reverse Proxy Wordpress with Lighttpd

- by Jonah

I am deploying an application and a Wordpress installation on AWS. I have Wordpress set up under Apache on an EC2, and my application under Lighttpd, and I want to reverse-proxy Wordpress through the application node. This works fine, I just set up the reverse proxy in Lighttpd as so: $HTTP["url"] =~ "^/blog" { proxy.server = ( "/blog" => ( "blog" => ( "host" => "123.456.789.123", "port" => 80 )) ) } url.rewrite-once = ( "^(.*?)$" => "/index.php/$1" ) However, the issue is in the rewrite. When I enable rewriting, it catches it before the reverse proxy, and routes to index.php on the application server. I need it to not rewrite if it's going to the blog. I tried various regex matches and other configurations, but I haven't been able to get it to support rewriting and proxying at the same time. How can this be done?

Read the article

Reverse bash console text flow

- by radman

Hi, This is a bit of a weird question and I'm not sure that there is any easy answer to it but I am very interested in finding a solution. So when I work on a linux machine via a console I find that I am constantly staring at the bottom of the screen, as once you have executed a bunch of commands text fills toward the bottom. Now I find that this is decidedly not good for my neck and it would be far better if instead of scrolling to the bottom, the text would scroll to the top instead. So does anyone out there know if there is a way to reverse the direction text appears in a console? (note that i am aware of the clear command) Example: default behaviour user@machine:~$ command 1 user@machine:~$ command 2 user@machine:~$ command 3 user@machine:~$ __active_prompt__ desired behaviour user@machine:~$ __active_prompt__ user@machine:~$ command 3 user@machine:~$ command 2 user@machine:~$ command 1 Running Kubuntu 10.04 using Konsole I realise this is an odd question, thanks for any help.

Read the article

DELL DRAC & Ubuntu VPN Connection

- by Mikunos

I am trying to connect to a DELL DRAC card without success by Ubuntu VPN Connection Manager. I have these data: Protocol: PPTP SERVER IP PPTP: 1233.123.123.123 DRAC IP: 192.168.10.25 Subnet: 255.255.0.0 User: myuser Pass: mypass where have I to write these parameters? I have configured the PPTP connection using the graphical tool in Ubuntu 11.10 ... but in the /var/log/syslog I get these messages: Apr 15 11:33:15 shinet NetworkManager[1035]: <info> Starting VPN service 'pptp'... Apr 15 11:33:15 shinet NetworkManager[1035]: <info> VPN service 'pptp' started (org.freedesktop.NetworkManager.pptp), PID 18180 Apr 15 11:33:15 shinet NetworkManager[1035]: <info> VPN service 'pptp' appeared; activating connections Apr 15 11:33:15 shinet NetworkManager[1035]: <info> VPN plugin state changed: 3 Apr 15 11:33:15 shinet NetworkManager[1035]: <info> VPN connection 'Connessione VPN 1' (Connect) reply received. Apr 15 11:33:15 shinet pppd[18182]: Plugin /usr/lib/pppd/2.4.5/nm-pptp-pppd-plugin.so loaded. Apr 15 11:33:15 shinet pppd[18182]: pppd 2.4.5 started by root, uid 0 Apr 15 11:33:15 shinet pppd[18182]: Using interface ppp0 Apr 15 11:33:15 shinet pppd[18182]: Connect: ppp0 <--> /dev/pts/1 Apr 15 11:33:15 shinet NetworkManager[1035]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0) Apr 15 11:33:15 shinet NetworkManager[1035]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found. Apr 15 11:33:15 shinet pptp[18185]: nm-pptp-service-18180 log[main:pptp.c:314]: The synchronous pptp option is NOT activated Apr 15 11:33:46 shinet pppd[18182]: LCP: timeout sending Config-Requests Apr 15 11:33:46 shinet pppd[18182]: Connection terminated. Apr 15 11:33:46 shinet avahi-daemon[1081]: Withdrawing workstation service for ppp0. Apr 15 11:33:46 shinet NetworkManager[1035]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0) Apr 15 11:33:46 shinet NetworkManager[1035]: <warn> VPN plugin failed: 1 Apr 15 11:33:46 shinet pppd[18182]: Modem hangup Apr 15 11:33:46 shinet NetworkManager[1035]: <warn> VPN plugin failed: 1 Apr 15 11:33:51 shinet pppd[18182]: Exit. Apr 15 11:33:51 shinet NetworkManager[1035]: <warn> VPN plugin failed: 1 Apr 15 11:33:51 shinet NetworkManager[1035]: <info> VPN plugin state changed: 6 Apr 15 11:33:51 shinet NetworkManager[1035]: <info> VPN plugin state change reason: 0 Apr 15 11:33:51 shinet NetworkManager[1035]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active. Apr 15 11:33:51 shinet NetworkManager[1035]: <info> Policy set 'Wired connection 1' (eth0) as default for IPv4 routing and DNS. Apr 15 11:33:57 shinet NetworkManager[1035]: <info> VPN service 'pptp' disappeared Thanks

Read the article

Why is my mdadm raid-1 recovery so slow?

- by dimmer

On a system I'm running Ubuntu 10.04. My raid-1 restore started out fast but quickly became ridiculously slow (at this rate the restore will take 150 days!): dimmer@paimon:~$ cat /proc/mdstat Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10] md0 : active raid1 sdc1[2] sdb1[1] 1953513408 blocks [2/1] [_U] [====>................] recovery = 24.4% (477497344/1953513408) finish=217368.0min speed=113K/sec unused devices: <none> Eventhough I have set the kernel variables to reasonably quick values: dimmer@paimon:~$ cat /proc/sys/dev/raid/speed_limit_min 1000000 dimmer@paimon:~$ cat /proc/sys/dev/raid/speed_limit_max 100000000 I am using 2 2.0TB Western Digital Hard Disks, WDC WD20EARS-00M and WDC WD20EARS-00J. I believe they have been partitioned such that their sectors are aligned. dimmer@paimon:/sys$ sudo parted /dev/sdb GNU Parted 2.2 Using /dev/sdb Welcome to GNU Parted! Type 'help' to view a list of commands. (parted) p Model: ATA WDC WD20EARS-00M (scsi) Disk /dev/sdb: 2000GB Sector size (logical/physical): 512B/512B Partition Table: gpt Number Start End Size File system Name Flags 1 1049kB 2000GB 2000GB ext4 (parted) unit s (parted) p Number Start End Size File system Name Flags 1 2048s 3907028991s 3907026944s ext4 (parted) q dimmer@paimon:/sys$ sudo parted /dev/sdc GNU Parted 2.2 Using /dev/sdc Welcome to GNU Parted! Type 'help' to view a list of commands. (parted) p Model: ATA WDC WD20EARS-00J (scsi) Disk /dev/sdc: 2000GB Sector size (logical/physical): 512B/4096B Partition Table: gpt Number Start End Size File system Name Flags 1 1049kB 2000GB 2000GB ext4 I am beginning to think that I have a hardware problem, otherwise I can't imagine why the mdadm restore should be so slow. I have done a benchmark on /dev/sdc using Ubuntu's disk utility GUI app, and the results looked normal so I know that sdc has the capability to write faster than this. I also had the same problem on a similar WD drive that I RMAd because of bad sectors. I suppose it's possible they sent me a replacement with bad sectors too, although there are no SMART values showing them yet. Any ideas? Thanks. As requested, output of top sorted by cpu usage (notice there is ~0 cpu usage). iowait is also zero which seems strange: top - 11:35:13 up 2 days, 9:40, 3 users, load average: 2.87, 2.58, 2.30 Tasks: 142 total, 1 running, 141 sleeping, 0 stopped, 0 zombie Cpu(s): 0.0%us, 0.2%sy, 0.0%ni, 99.8%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 3096304k total, 1482164k used, 1614140k free, 617672k buffers Swap: 1526132k total, 0k used, 1526132k free, 535416k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 45 root 20 0 0 0 0 S 0 0.0 2:17.02 scsi_eh_0 1 root 20 0 2808 1752 1204 S 0 0.1 0:00.46 init 2 root 20 0 0 0 0 S 0 0.0 0:00.00 kthreadd 3 root RT 0 0 0 0 S 0 0.0 0:00.02 migration/0 4 root 20 0 0 0 0 S 0 0.0 0:00.17 ksoftirqd/0 5 root RT 0 0 0 0 S 0 0.0 0:00.00 watchdog/0 6 root RT 0 0 0 0 S 0 0.0 0:00.02 migration/1 ... dmesg errors, definitely looking like hardware: [202884.000157] ata5.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen [202884.007015] ata5.00: failed command: FLUSH CACHE EXT [202884.013728] ata5.00: cmd ea/00:00:00:00:00/00:00:00:00:00/a0 tag 0 [202884.013730] res 40/00:00:ff:59:2e/00:00:35:00:00/e0 Emask 0x4 (timeout) [202884.033667] ata5.00: status: { DRDY } [202884.040329] ata5: hard resetting link [202889.400050] ata5: link is slow to respond, please be patient (ready=0) [202894.048087] ata5: COMRESET failed (errno=-16) [202894.054663] ata5: hard resetting link [202899.412049] ata5: link is slow to respond, please be patient (ready=0) [202904.060107] ata5: COMRESET failed (errno=-16) [202904.066646] ata5: hard resetting link [202905.840056] ata5: SATA link up 3.0 Gbps (SStatus 123 SControl 300) [202905.849178] ata5.00: configured for UDMA/133 [202905.849188] ata5: EH complete [203899.000292] ata5.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen [203899.007096] ata5.00: failed command: IDENTIFY DEVICE [203899.013841] ata5.00: cmd ec/00:01:00:00:00/00:00:00:00:00/00 tag 0 pio 512 in [203899.013843] res 40/00:00:ff:f9:f6/00:00:38:00:00/e0 Emask 0x4 (timeout) [203899.041232] ata5.00: status: { DRDY } [203899.048133] ata5: hard resetting link [203899.816134] ata5: SATA link up 3.0 Gbps (SStatus 123 SControl 300) [203899.826062] ata5.00: configured for UDMA/133 [203899.826079] ata5: EH complete [204375.000200] ata5.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen [204375.007421] ata5.00: failed command: IDENTIFY DEVICE [204375.014799] ata5.00: cmd ec/00:01:00:00:00/00:00:00:00:00/00 tag 0 pio 512 in [204375.014800] res 40/00:00:ff:0c:0f/00:00:39:00:00/e0 Emask 0x4 (timeout) [204375.044374] ata5.00: status: { DRDY } [204375.051842] ata5: hard resetting link [204380.408049] ata5: link is slow to respond, please be patient (ready=0) [204384.440076] ata5: SATA link up 3.0 Gbps (SStatus 123 SControl 300) [204384.449938] ata5.00: configured for UDMA/133 [204384.449955] ata5: EH complete [204395.988135] ata5.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen [204395.988140] ata5.00: failed command: IDENTIFY DEVICE [204395.988147] ata5.00: cmd ec/00:01:00:00:00/00:00:00:00:00/00 tag 0 pio 512 in [204395.988149] res 40/00:00:ff:0c:0f/00:00:39:00:00/e0 Emask 0x4 (timeout) [204395.988151] ata5.00: status: { DRDY } [204395.988156] ata5: hard resetting link [204399.320075] ata5: SATA link up 3.0 Gbps (SStatus 123 SControl 300) [204399.330487] ata5.00: configured for UDMA/133 [204399.330503] ata5: EH complete

Read the article

Can I import contacts from an Exchange 2003 EDB file for a single user?

- by Drarok

We have recently had to reinstall a very unhappy Exchange 2003 server for a client, and whilst rebuilding their server we moved them onto a temporary one. During the course of all this, ExMerge was used due to Windows being so broken that none of the backup software could run. As a number of the user mailboxes were way over 2GB, we had to do date ranges of a few months at a time to avoid ExMerge's 2GB limit. We went back as far as 2006, as the files produced by ExMerge seemed empty that far back. Unfortunately, one of the users has reported that around 2 3rds of their contacts are missing, and that pre-2006 sounds about right for the missing items. Is there any way I can mount the old EDB file into Exchange, or otherwise read their contacts into a usable format? The server is running Windows Server 2003 SBS R2 (SP2), and Exchance 2003 (SP2, I think).

Read the article

How to detect when a user copies files from a server over the network?

- by Mr. Graves

I have a few virtual servers + desktops that are used for shared development with remote users, including some consultants. Each user has an account with access to most aspects of the server. I don't want to prevent people from being productive, or track passwords or read emails, but I do want to know when and what files they copy from the virtual server or what they upload from the server to a remote site, and what if any applications they install. This will help make sure my IP is protected, that no one is installing tools they shouldn't, and that things are licensed appropriately. What is the simplest way to do this? In order of importance I would say detecting file transfers off the machine to be most critical. Thanks

Read the article

How can I change my mysql user that has all privileges on a database to only have select privileges on one specific table?

- by Glenn

I gave my mysql user the "GRANT ALL PRIVILEGES ON database_name.* to my_user@localhost" treatment. Now I would like to be more granular, starting with lowering privileges on a specific table. I am hoping mysql has or can be set to follow a "least amount of privileges" policy, so I can keep the current setup and lower it for the one table. But I have not seen anything like this in the docs or online. Other than removing the DB level grant and re-granting on a table level, is there a way to get the same result by adding another rule?

Read the article

Does LDAP fit the role of a user database for an application?

- by Spredzy

I (my company) run a webservice that integrates pieces of few entreprisey-level software. Most of them offer different type of authentication but all offers at least LDAP. I was wondering if storing my application users directly in an LDAP directory would be a good idea. This way all the application I am using could rely on it for authentication purpose. I am aware that LDAP is not a database per se, but it is a datastore. I am also aware that there is no kind of constraints thus deleting a user on the LDAP directory won't do anything on my actual data, but this case would be taken care of with an extra process. My main question here is : is there any reason why I shouldn't use LDAP as my users database ?

Read the article

Varnish VCL not allowing two separate IP addresses as backends

- by Peter Griffin

Every time I attempt to add an extra back end into our VCL file, it's fails. Here is the DAEMON_OPTS we are running off: DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/custom.vcl \ -u varnish -g varnish \ -S /etc/varnish/secret \ -s malloc,10G" And here is the offending backend(s) backend default { .host = "114.123.456.789"; .port = "8080"; } backend alt { .host = "203.123.456.789"; .port = "80"; } Any Ideas ? Gut feeling is it might need the backends to be set somewhere, but I'm not sure where.

Read the article

TIME_WAIT in netstat of Apache processes

- by Howard

What are the meaning of the TIME_WAIT when using netstat of my web server process? I am sure the web server is not over loaded. tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 15655/apache2 tcp 0 0 x.x.x.x:80 123.125.66.35:19667 SYN_RECV - tcp 0 0 x.x.x.x:80 113.138.59.140:12186 TIME_WAIT - tcp 0 0 x.x.x.x:80 66.249.67.121:59493 ESTABLISHED 23702/apache2 tcp 0 0 x.x.x.x:80 69.28.51.206:40652 TIME_WAIT - tcp 0 0 x.x.x.x:80 221.126.149.99:51877 TIME_WAIT - tcp 0 0 x.x.x.x:80 221.126.149.99:51872 TIME_WAIT - tcp 0 0 x.x.x.x:80 123.125.66.19:13084 TIME_WAIT -

Read the article

How to limit access to Exchange 2003 Mobile Activesync server by user?

- by micilin

So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

Read the article

trying to understand how Linux /etc/hosts file works with local and external IP addresses

- by gkdsp

Let's say I have a Linux server with an external IP of 123.456.789.012 and a local IP of 192.168.0.1. If it's /etc/hosts file looks like, for example, 123.456.789.012 host2.mydomain.com 192.168.0.1 host2.mydomain.com When an application on the server generates traffic to send using host2.mydomain.com, how does the server know whether to use the local or external IP address (since the same host name shows two IP addresses)? Or, does it need something additional than what I've presented here to decide this? Or, does it just sent it out as host2.mydomain.com and let the receiving end deal with it (if so, how to make sure traffic intended for local network indeed goes to local network)?

Read the article

Should I limit end-user gigabit ports to avoid saturating uplink/trunk connections?

- by Joel Coel

We have a campus with 16 buildings and older 850nm 1Gbps fiber links between the buildings, that all come to a core switch for our servers that also uses 1Gbps ports. We're finally starting to replace our aging 10/100 end-user switches, and much of what we're looking at are 1 Gbps units. My question is, since the trunk/uplink lines are still 1Gbps, if I were to install 1 Gbps switches for end users, should I limit the ports to 100Mbps until I can also upgrade the trunks to avoid allowing a bad-behaving host to saturate a trunk line (since we're a college, we have plenty of mis-behaving hosts) and thereby create a DoS situation for a building, or will TCP congestion control typically take care of that for me? What if we have a lot of UDP traffic (games, video chats, even a small amount of bittorrent)?

Read the article

PsExec - what if the .exe you run remotely requires user interaction?

- by Luca Matteis

I use PsExec to deploy small .exe files to my workstations. Sometimes the .exe, for some reason, is incompatible with the system and opens a popup window with an error or some other message. Is there any way to know when the executable is 'stuck' there requiring user interaction? On my side I just have psexec running and waiting for the .exe to return (which will never return because the popup is stuck there). Since I run PsExec programmatically and I automate all the executions, when this Popup thing happens I find myself with hundreds of psexec processes stuck there and have no result back from them.. What's the best way to handle this sort of issue? Thanks.

Read the article

How to limit access to Exchange 2003 Mobile Actviesync server by user?

- by micilin

So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

Read the article

dig gets the right result from DNS server, but name still fails to resolve

- by EMiller

Under what conditions would the following occur? From a given OSX machine on an internal network: $~ cat /etc/resolv.conf nameserver 10.102.120.7 nameserver 10.102.120.2 From the same machine: $~ dig @10.102.120.7 in.local <snip> ... ;; QUESTION SECTION: ;in.local. IN A ;; ANSWER SECTION: in.local. 43200 IN A 10.102.123.30 <snip> ... And yet, this workstation cannot ping in.local, nor load pages hosted by apache on that machine. 10.102.123.30 is definitley up (2 OSX machines I know fail to resolve in.local - but other machines on the network can). I have also checked their /etc/hosts to see if anything there might interfere... Not sure what else to check...

Read the article

DNS no longer works after server reboot

- by Burning the Codeigniter

Strangely enough, when I reboot my Ubuntu 12.04 server, the DNS no longer works, which makes the domain unavailable to access to my site. Normally the DNS should be working after a reboot, but this doesn't happen anymore. I use nginx to serve content, but nginx is already configured to work with my domains. What are the typical practises must I do after a reboot and how can I solve this issue I experience? I already have BIND, networking and resolvconf to boot when the server boots up. ; <<>> DiG 9.8.1-P1 <<>> mysite.com ;; global options: +cmd ;; connection timed out; no servers could be reached This is my output with dig $ttl 38400 mysite.com. IN SOA ns1.mysite.com. webmaster.mysite.com. ( 1055026205 6H 1H 5D 20M ) mysite.com. IN A xx.xx.xx.xx # Server IP *.mysite.com. IN A xx.xx.xx.xx # Server IP www.mysite.com. IN CNAME mysite.com. ns1.mysite.com. IN A xx.xx.xx.xx # Server 2nd IP ns2.mysite.com. IN A xx.xx.xx.xx # Server 3rd IP mysite.com. IN NS ns1.mysite.com. mysite.com. IN NS ns2.mysite.com. mail.mysite.com. IN MX 1 mysite.com. This is the contents of /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 85.17.150.123 nameserver 85.17.96.69 nameserver 62.212.64.122 search localdomain After using more dig commands, outputs: ; <<>> DiG 9.7.3-P3 <<>> @85.17.150.123 mysite.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 24847 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;mysite.com. IN A ;; Query time: 2145 msec ;; SERVER: 85.17.150.123#53(85.17.150.123) ;; WHEN: Mon Nov 5 16:31:32 2012 ;; MSG SIZE rcvd: 30 ; <<>> DiG 9.7.3-P3 <<>> @85.17.96.69 mysite.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 27879 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;mysite.com. IN A ;; Query time: 949 msec ;; SERVER: 85.17.96.69#53(85.17.96.69) ;; WHEN: Mon Nov 5 16:32:59 2012 ;; MSG SIZE rcvd: 30 ; <<>> DiG 9.7.3-P3 <<>> @62.212.64.122 mysite.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 29293 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;mysite.com. IN A ;; Query time: 825 msec ;; SERVER: 62.212.64.122#53(62.212.64.122) ;; WHEN: Mon Nov 5 16:33:39 2012 ;; MSG SIZE rcvd: 30 With Google DNS (8.8.8.8): ; <<>> DiG 9.7.3-P3 <<>> @8.8.8.8 mysite.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38498 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mysite.com. IN A ;; Query time: 3982 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Nov 5 16:37:27 2012 ;; MSG SIZE rcvd: 30

Read the article

Single Sign On 802.1x Wireless - saying “Connecting to <SSID>”, hangs for 10 seconds, fails with “Unable to connect to <SSID>, Logging on…”.

- by Phaedrus

We are implementing WiFi on Windows 7 machines in our corporate environment. Machines should be able to log into the domain by WiFi as the Machine (Pre-Logon), and as the User (Post-Logon). We have everything working correctly except for 2 things: 1) Sometimes the login scripts don't run 2) The user VLAN is sometimes different than the machine vlan, and no DHCP renew occurs after user logon. I am clear that both these problems should be fixable by using the "Single Sign On" Option under the 802.1x Wireless Vista GPO, and setting the wireless to connect immediately before user logon and also by enabling "This network uses different VLAN for authentication with machine and user credentials" If I enable these GPO settings in a lab, the computer does authenticate & gets WIFI before the user logs on, so when the login box is displayed, it says “Windows will try to connect to ”, even though it is already connected (which should be ok?). Enter the user credentials and it goes to a screen saying “Connecting to ”, hangs for 10 seconds, fails with “Unable to connect to , Logging on…”. Desktop fires up and then the user re-authenticates with no problem as himself instead of the machine, but by that point, we defeat the point of the WiFi SSO “before user logon”. Also by that point, no DHCP renew seems to occur, and the user is still stuck with the wrong IP address for the new VLAN. When the “Connecting to ” screen comes up, there’s no indication on the AP or the Radius server that anything whatsoever is happening after credentials are entered until after the domain logon. Also with this policy enabled, sometimes windows hangs on a black screen indefinitely until I disable the Wireless NIC, so something is knackered for sure. What have I missed? Suggestions are much appreciated... /P

Read the article

How do I get rid of the Cisco CP one-time user message on a Cisco 2901 router?

- by user65712

I get this message on a new 2901 Cisco router: Cisco Configuration Professional (Cisco CP) is installed on this device and it provides the default username "cisco" for one-time use. If you have already used the username "cisco" to login to the router and your IOS image supports the "one-time" user option, then this username has already expired. You will not be able to login to the router with this username after you exit this session. It is strongly suggested that you create a new username with a privilege level of 15 using the following command. username <myuser> privilege 15 secret 0 <mypassword> Replace and with the username and password you want to use. It appears every time I login and everytime I show run. I already set up my username. How do I turn it off?

Search Results

Search found 90974 results on 3639 pages for 'user 123'.

Page 261/3639 | < Previous Page | 257 258 259 260 261 262 263 264 265 266 267 268 | Next Page >

- by Pavel

- by inspectorG4dget

- by MikeQ

- by Shawn Gradwell

- by Fidel

- by Professor Frink

- by Jonah

- by radman

- by Mikunos

- by dimmer

- by Drarok

- by Mr. Graves

- by Glenn

- by Spredzy

- by Peter Griffin

- by Howard

- by micilin

- by gkdsp

- by Joel Coel

- by Luca Matteis

- by micilin

- by EMiller

- by Burning the Codeigniter

- by Phaedrus

- by user65712

< Previous Page | 257 258 259 260 261 262 263 264 265 266 267 268 | Next Page >