Search Results

Search found 3926 results on 158 pages for 'same origin policy'.

Page 27/158 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • How to audit a specific folder in Windows Server 2003?

    - by saint
    We have had several cases of file deletion in one of our windows file servers. Server is also a domain controller. Unfortunately we kept the auditing disabled completely due it being such a resource hog. So I was wondering If there is a way to audit a specific folder for a specific security group, for just file and folder deletions within the specified folder. Also is there a recommended third party application for auditing or monitoring. Many Thanks.

    Read the article

  • User/Group Policies in Windows 2000 domain controller

    - by Chris
    In Server 2000 active directory, I have 5 groups of users and every user has different policies. The problem is that a different desktop loads for only one specific user no matter what changes I make in administrative templates. If I copy this user profile and paste it into another group with a different name, windows workaround loads as it should, but some policies are not applied. Does anybody know a way to solve this problem instead of creating a new group and user from scratch?

    Read the article

  • User/Group Policies in Windows 2000 domain controller

    - by Chris
    In Server 2000 active directory, I have 5 groups of users and every user has different policies. The problem is that a different desktop loads for only one specific user no matter what changes I make in administrative templates. If I copy this user profile and paste it into another group with a different name, windows workaround loads as it should, but some policies are not applied. Does anybody know a way to solve this problem instead of creating a new group and user from scratch?

    Read the article

  • GPO startup script not copying files

    - by marcwenger
    I created a GPO startup script to execute for computers in a specific AD container. The script takes a file from the AD netlogon share and places it on a directory on the computer. Given the right permissions (ie: myself) can execute the script just fine and the file copies. But it doesn't work on startup - the file does not copy over from the AD server. The startup script should run as localsystem (am I right?). So the question is why do the files not copy on startup? Could it be because of: Is it permissions of the local system user? Reading the registry is problematic on startup? Obtaining files from the AD netlogon folder is problematic on startup? Am I missing it completely? My test machine does have the registry key and local directories as described in the script. I myself have standard user permissions on the test machine. AD server is Windows 2008, test client is Windows XP SP3 (and soon to be Windows 7, which I assume permissions issues will be inevitable) Dim wShell, fso, oraHome, tnsHome, key, srcDir Set wShell = WScript.CreateObject("WScript.Shell") Set fso = CreateObject("Scripting.FileSystemObject") key = "HKLM\Software\Oracle\Oracle_Home" On Error Resume Next orahome = wShell.RegRead(key) If err.Number = 0 Then tnsHome = oraHome + "\" + "network\admin\" srcDir = wShell.ExpandEnvironmentStrings("%logonserver%") + "\netlogon\UpdatedFiles\" fso.CopyFile srcDir + "file1.ext", tnsHome, true End If Side note: To ensure that the script is properly deployed, I purposely put some errors in the script, and on the next startup the error message appeared. So I know the GPO is deployed properly.

    Read the article

  • Managing self-updating Windows software in GPO-deployed packages

    - by Paul
    Being very new to Windows software distribution for a small network (<50 clients) I was wondering how software packages like Adobe's Reader or Java are handled. I can deploy them as MSIs via group policies just fine. But what happens when the client software detects updates? What are common ways to handle this? Disable the software's autoupdate feature? Redeploy when the admin detects a new version? Just fishing for knowledge, thanks for any hint.

    Read the article

  • Users are getting a temporary profile

    - by Serhiy
    A bit about current setup: It is windows 2008 R2 AD servers (all of them are 2008R2) and couple locations which set as Sites. Each location has DFS on AD server. Roaming profiles are not used nor configured. Users have their home folder configured as mapped S: drive to DFS shared folder. For example: in profile tab user has: Home Folder - connect - S: to \\domain.com\dc\users\%username% We also have redirected Desktop, Documents and Downloads folders to \\domain.com\dc\users. Everything was fine. Suddenly (today), users in most locations lost their local profile (both XP and W7 desktops) and got temporary profiles. Also, it looks like local profile was created today (from folder properties). I checked events at couple machines and there is not errors related to profiles or logon process. I do not see issues in event logs at servers as well. Basically, I run out of ideas what is wrong and why machines lost their local profiles. PS: Laptop users do not have their folders redirected, but lost profiles as well.

    Read the article

  • Is it possible, via GPO or other method, to turn Internet Explorer's intranet compatibility mode OFF across a domain?

    - by dunc
    Our school's VLE has a few problems when running in IE8/IE9's Compatibility View. Mainly it causes difficulties with uploading files. This problem is easily remedied by un-ticking the Display intranet sites in Compatibility View option from Internet Explorer's Compatibility View options. However, I'm unable to find a way of doing this en masse. I can't find anything regarding this in GPO - would a registry hack or similar do the trick? Thanks in advance,

    Read the article

  • Temporary user-profiles on Windows Server 2008 TS

    - by sinni800
    Hello, for a publicly accessible terminal server I have created a user profile which only allows running of a few programs (demonstration of applications). This results in many people connecting to the same user name on the server, essentially sharing the same profile. How can I copy the original, empty profile on every logon to a seperate directory and delete it afterwards, so everybody starts with a clean copy of the "Guest"-Account?

    Read the article

  • Behaviour of disabling "Allow non-administrators to receive notifications" GPO

    - by Jaymz
    Hi everyone, As the title suggests, I'm trying to figure out the specific behaviour of the following GPO when disabled: Administrative Templates Windows Components Allow non-administrators to receive update notifications We've just started using WSUS, and have added a few machines for testing. At the moment, this is set to Enabled. The problem with this setting is it seems to allow users to opt out of certain updates if they deselect the checkbox after hitting custom install. My main concern with disabling this setting is this: Does it stop non-admins from getting the installs deployed to them? My guess would be that it will just install them silently at the set scheduled time, suppressing any prompts and ensuring they don't get the opportunity to cancel them (this is what I want). My worry is that non-admin users will never get updates pushed to them unless an admin goes and logs on to their machine (not what I want, and seems like a silly situation to be in). Thanks in advance, Jaymz.

    Read the article

  • shut down FTP from IIS 6 after <X> failed login attempts

    - by Justin C
    Is there a setting in IIS 6 to turn an FTP site off after a specified number of failed login attempts? It has already been documented on this site that a Windows server sitting on a static IP address can record tens of thousands of failed login attempts a month. One server I maintain has had tens of thousands of attempts made against the FTP port. I have solid passwords in place, so I am not overly concerned. I rarely have to use the FTP, so for the most part I turn it on and off as I need it. Sometimes though I forget to turn it off when I am done, only to find the next day that my EventLog is full of audit failures. I would want to set a high number, in case I just messed up the password. Something like if 50 failed login attempts happen, just turn off the FTP site. Then if I need it later I can just start it again.

    Read the article

  • task scheduler - run interactively as any user with admin credentials

    - by Force Flow
    I'm trying to deploy a scheduled task with a GPO. The task is set to run at login and executes a batch file, which then executes an EXE file. However, I also need it to be interactive and run with admin privledges to bypass the UAC prompt for a username and password when the exe file runs. I created the task for "Vista and later". I've tried running the task as mydoman\administrator and as NT AUTHORITY\Authenticated users with "run only when user is logged in" and "run with highest privledges" selected. If I log in as anyone but administrator, the task does run in the background, as I can see the cmd.exe process running in task manager as mydomain\administrator. Only if I log in as administrator do I then see the cmd window with the batch script running. How can I get the cmd window to display no matter which user logs in?

    Read the article

  • Windows 7 blocks network access to network-installed apps

    - by VokinLoksar
    Windows 2008 R2 domain. Users, running Windows 7 Enterprise, are trying to run some software from a network share. Specifically, I've tested this with MATLAB and PuTTY. When starting, MATLAB has to contact a licensing server to get its license. This action fails for regular users when they start MATLAB from the network share. However, if they copy the installation directory to a local disk everything works fine. Running MATLAB as an admin user from the network share also works. Same story with PuTTY. If the executable is launched from the share, regular users cannot connect to any servers. Something is blocking network communications for programs that are launched from a network drive. Here's the only other mention I could find of the same problem: https://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/4504b192-0bc0-4402-8e00-a936ea7e6dff It's not the Windows firewall or the IE security settings. Does anyone have any clue as to what this is?

    Read the article

  • how to change the default open-with program to a program on the second disk

    - by Scott????
    I have a 250GB HDD for my system and a 60GB SSD using a SATA port. I installed most of my applications on the SSD. There's a strange thing though. I can not change the default open-with program to a program which is on the SSD. I think it may be caused by permission so I gave my user a 'full control' permission on the security tab in disk properties. But changing permissions is not work. After I choose an application (I've tried Notepad++, Sublime, 7Zip, etc.), nothing is added in the below window: Also, if I install 7Zip on my machine, the right click menu items can not be added.

    Read the article

  • GPO Startup Script can't modify HKU Registry?

    - by pepoluan
    I've been scratching my head with my current problem. You see, I have this Startup Script that I pushed via GPO. Problem is, although the script starts alright (I see the event it created when starting in the event log), it always fails when trying to enumerate and/or modify registry settings under HKU. If I login as administrator and execute the script manually, it works! If I startup a Command Prompt as SYSTEM (using the "at" workaround) and execute the script manually, it also works! If I reboot... the script always fails. Can anyone shed a light on my problem? Additional information: This script injects some registry values for the Local Administrator (i.e., S-1-5-21-etc etc etc-500), so I'm not sure that it's doable via GPP, not to mention that since nearly all the workstations in my domain are still using XP, so no guarantee of GPP support.

    Read the article

  • How to stop domain users from installing any software?

    - by Chris
    Hi everyone, I was wondering which policies, etc I could setup to stop any installations from occurring in a server 2003 domain environment? I have 2003 RC2 and XP Pro clients. I guess the quick easy way is to make everyone guests, but this also blocks them from other things that they might need to do/access. I've seen a lot of ideas but they do not fully block everything. I know there probably isn't a fix all but would like to get as close as possible. Thank you all,

    Read the article

  • Managing SharePoint permissions via Active Directory?

    - by rgmatthes
    My company has thousands of employees organized thoroughly via Active Directory. I have confidence in the accuracy of the Department and Title information displayed in the user profiles. I'm helping to put up a brand new SharePoint 2007 site, and I contacted IT about managing the site's permissions through AD Groups. The goal is to have the site automatically assign read/write/contribute/whatever permissions based on the information in AD. For example, we could create an AD Group called "Managers" that would contain anyone with the "Manager" title in their AD user profile. I would have SharePoint tap into this AD Group to mass assign permissions if I knew all managers would need a certain level of access (read/write/contribute/whatever). Then if a manager joins the company or leaves it, the group is automatically updated (provided AD gets updated, of course). My IT rep called back and said it couldn't be done. This seems like a pretty straightforward business requirement, and one of the huge benefits of having Active Directory, but maybe I'm mistaken. Could anyone shed some light on this? A) Is it possible to use dynamically-updated AD Groups when assigning permissions via SharePoint? (Does anyone know of a guide I could show my doubtful IT rep?) B) Is there a "best practice" way to go about this? I've read some debate on whether SharePoint Groups or AD Groups are the way to go. My main concern is dynamic updating. C) If this isn't available out of the box, can someone recommend third-party software that will provide the functionality I'm looking for? A big thanks to anyone who can help me out!!

    Read the article

  • Deleting sender from Outlook Safe Senders using GPO?

    - by Hutch
    We're having an external company do a mailshot to our users. The message contains images that are linked rather than embedded in the image (bandwidth isn't an issue). So of course on recent versions of Outlook you're prompted to download the images, not the end of the world, but it would be nice if that didn't happen. There's a bug in the Office/Outlook ADM/ADMX templates that means that a custom list of Safe Senders won't import unless you follow this: http://support.microsoft.com/kb/2252421 Thing is, if I remove an entry from the Safe Senders file, it doesn't seem to remove it from Outlook, which seems odd?

    Read the article

  • What should I do about this user?

    - by Tim Brigham
    What should I do about this user? The user is: Downloading pornography Attempting unauthorized access Running hacking software Sending unsolicited email Installing software / tampering with the system etc This is intended as a generic answer for employee behavioral problems, a la Can you help me with my software licensing question? I could see where acceptable use issues are a touch out of scope for SF, however it is one of those things most sysadmins will run into. I don't want to keep rewriting similar answers.

    Read the article

  • User permission settings on DNS with windows 2003 server R2 standard edition

    - by Ghost Answer
    I have windows server 2003 r2 standard edition and some XP OS clients systems. I have created the DNS and profiles for all user. Now I want to authorized some users to installation of softwares, remove softwares and other such kind of things. How to I make such kind of policies for all different users on DNS. Please help me. May be this question can be same for another but I didn't get the solutions.

    Read the article

  • Can a GPO Startup Script starts a background process and exit immediately?

    - by pepoluan
    I have Googled, and not yet found an answer. Scenario: One of my GPOs have a Startup Script that takes a long time to finish. For some reasons, we have to run the scripts synchronously. Naturally, this causes slow startup time (sometimes as long as 15 minutes!) before the Logon screen appears. After profiling and analyzing the perpetrator script, I conclusively determined that the step where it's taking a long time to finish will not affect the result of the succesive GPOs. In other words, that particular step (and all steps afterwards) can run in the background. My Question: Is it possible for the Startup Script to just 'trigger' another script/program that will run to completion even when the Startup Script exits? That is, the "child processes" of the Startup Script continues to live even when the Startup Script's process ends? Additional Info: The Domain Controllers are 2008 and 2008 R2's. The workstations are Windows XP.

    Read the article

  • I need a script to lockdown the system time to users via gpedit.msc

    - by Chester
    I need to lockdown the system time on a number of PCs via gpedit.msc and then removing administrators from the group and then adding 'administrator' and 'polling'. Can I do this via a script? Essentially I have to; Run gpedit.msc Computer Configuration Windows Settings Security Settings Local Policies User Rights Assignment Double Click Change the system time Select Administrators Click Remove Click Add User or Group Type Administrator Click Check Names Type polling Click Check Names OK Apply OK Logoff I have to do this for a huge number of computers so is there a batch file I could run on each PC to do this? Your help would be very much appreciated. Best Regards

    Read the article

  • Some doubts about the use of usermod and groupmod command

    - by AndreaNobili
    I am not yet a true "Linux guy" and I have the following doubts about how exactly do the following shell procedure (a list of commands steps) founded in a tutorial that I am following (I want deeply understand what I am doing before do it): sudo passwd root then login again as root usermod -l miner pi usermod -m -d /home/miner miner groupmod -n miner pi exit So at the beginning it enable the root account and I have to login again in the system as root...this is perfectly clear for me. And now I have the followings doubts: 1) The usermod command: usermod -l miner pi usermod -m -d /home/miner miner Reading the official documentation of the usermod command I understand that this command modify the informations related to an existing account Reading the documentation it seems to me that the -l parmether modify the name of the user pi in miner and then the -m -d paramether move the contents of the old home directory to the new one (named miner) and use this new directory as home directory My doubt is: what exactly do the executions of these operation? I think that: Rename the existing pi user in miner Then move the content of the old home directory (the pi home directory? or what?) into a new directory (/home/miner) that now is the home directory for the miner user. Is it right? The the second doubt is related to this command groupmod -n miner pi It seems to me that change the group name from pi in miner But what exactly is a group in Linux and why is it used? Tnx

    Read the article

  • Upgrade manually-installed msi by assigning software through gpo

    - by Mr Happy
    In the past I rolled out software by manually installing it on a "golden" workstation, creating an (ghost)image from that and rolling that out to the other workstations. I try not to do that any more for simple/small software, and when possible (if it's an .msi) I assign the software through gpo. I'm having a problem with one of those. The software was manually installed on the image, which was rolled out, and now I have an update for that software (new msi) and I'd like to assign it through gpo. Don't know if it's relevant but it's user assigned. The new version gets installed alongside with the old version (this is possible since the program folder is different between those versions). When I install the same msi by hand, it properly removes/upgrades the old version though. Is what I am trying to do possible?

    Read the article

  • Add site to trusted sites through GPO

    - by Matt Bear
    I need to add a site to trusted sites on all computers in my domain. I can do it with the "site to zone assignment list", however when I do, it locks trusted sites on the client computer "this setting is managed by your administrator". What I need is a way to add the site, make it persistant, and not affects the users ability to add trusted sites of thier own. (It's a development enviroment, sites are created and tested regularly, they need that ability.)

    Read the article

  • Limit display/session resolution for machines @ VDI environment on RDS 2012

    - by WarP
    I have couple of windows 7 entprise virtual machines in collection as part of VDI environment - so users connecting to them through RDS 2012 web site. Is there any way to fix resolution of remote desktops, that user receives (instead of full screen all time) ? I've tried different group policies, but none of them are worked, probably because all those policies are for RDS sessions and not virtual desktops ... And i don't know how to limit resolution locally on win7 machine itself, so connecting users will receive fixed resolution.

    Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >