Search Results

Search found 14099 results on 564 pages for 'group policy preferences'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 276/564 | < Previous Page | 272 273 274 275 276 277 278 279 280 281 282 283  | Next Page >

  • Linux Unable to Write to Directory Despite Permissions

    - by Nick Q.
    I'm trying to give myself permissions to /var/www/ however for some reason I am unable to do so. Currently what I'm facing is this: nick@server1:/var$ ls -l drwxrwxr-x 5 root wwwusers 232 Mar 15 19:31 www nick@server1:/var$ groups nick wwwusers nick@server1:/var$ mkdir www/trying mkdir: cannot create directory `www/trying': Permission denied I am running Ubuntu 10.04 LTS on a VPS and am used to running unix on my own machine so I may be doing something absolutely stupid, but I would like to be able to have the group wwwusers be able to write to www.

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • Question regarding the SELinux type enforcement file

    - by Luke Bibby
    In my SElinux te file, I define two new types called voice_t and data_t which certain directories will be classified in the fc file (/data/ will be of type data_t and /voice/ will be of type voice_t). I would like the one SELinux policy to be used for all servers in my network, but, some servers will log VoIP data and other servers will be used to log IP data. I only want the voice_t type to be defined on some servers and data_t to be defined on the others - is this possible? I have tried using an if statement with a boolean expression, and then defining the type when the condition is true but this does not seem to work (it tells me there is a syntax error at 'type data_t'' or 'type voice_t;'). Example: if (data_logger) { type data_t; } else { type voice_t; } Any help would be greatly appreciated. Cheers, Luke

    Read the article

  • BIND authoritative name server: SERVFAIL?

    - by Luca Tettamanti
    I have a BIND 9.6 instance that acts as a caching NS for the whole building and is also authoritative for an internal zone ("example" below): zone "example" { type master; file "example"; update-policy { grant dhcp-update subdomain example. A TXT; }; }; Due to a rogue switch we lost connectivity with the rest of the world, and the NS started answering SERVFAIL; what surprised me was that the server was also unable to respond to queries for the example domain. What is the reason of this behavior? Shouldn't the NS be able to answer since it has authoritative data? edit: The rest of the configuration is the standard one shipped with Debian: hints for the root servers and the zones for localhost and broadcast.

    Read the article

  • Set up FTP user with ProFTPD on Ubuntu

    - by kidrobot
    I want to set up a user "ftp" so they can upload and download files in my /home/httpd/mysite/public_html directory. All files in public_html are owned by user ftp and in group www-data so the ftp user looks like so: uid=108(ftp) gid=33(www-data) groups=33(www-data),65534(nogroup) When I try to connect via an FTP client I get 530 Login incorrect. ftp: Login failed. What do I need to uncomment/add to the proftpd.conf file to make this work?

    Read the article

  • SMTP server on Win2008, SPF ecc

    - by Ronnie
    I want be able to send outgoing email from my website. I want to setup Win2008 smtp to be able to send them respecting all the spam rules. My checklist is: the smtp should be able to accept outgoing email only from internal sites: I will limit it to relay only 127.0.0.1 is this correct? it should have set SPF, DKIM and all the policy avaiable to not be marked as spam: how you would configure it for the internal SMTP? Should I use another kind of server like hMail server? I should be able to send like 30 email from each user session on the website without obliging the user to wait that the email is effectivly sent (I thought to save it on a folder and then use a batch to send them asynchronously). What are my options? What other steps would you add to be sure that the outgoing email is not marked as spam?

    Read the article

  • creating a new user Ubuntu

    - by Matt
    I am trying to new user that can sftp on a server....i did this ubuntu@ip-10-112-46-15:~$ sudo useradd jesse -p testPass ubuntu@ip-10-112-46-15:~$ sudo passwd jesse Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully but when i try to login via sftp I cant get in....am i missing something like adding a group or something the answer was PasswordAuthentication yes

    Read the article

  • Running Apache 2.2 as another user on Windows Server 2008 R2

    - by futureelite7
    Hi, I would like to run apache as a limited user on Windows 2008 R2 for security reasons. I've created a user in the user group (let's call it apache), and set the user to run as in the services pane, but then I am unable to start the service (probably not enough permission to bind to port 80). What is the minimum privileges needed to run apache on windows 2008, or what should I do to allow the user apache to bind apache 2.2 to port 80? Thanks!

    Read the article

  • UNIX - mount: only root can do that

    - by Travesty3
    I need to allow a non-root user to mount/unmount a device. I am a total noob when it comes to UNIX, so please dumb it down for me. I've been looking all over teh interwebz to find an answer and it seems everyone is giving the same one, which is to modify /etc/fstab to include that device with the 'user' option (or 'users', tried both). Cool, well I did that and it still says "mount: only root can do that". Here are the contents of my fstab: # /etc/fstab: static file system information. # # Use 'vol_id --uuid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # proc /proc proc defaults 0 0 # / was on /dev/mapper/minicc-root during installation UUID=1a69f02a-a049-4411-8c57-ff4ebd8bb933 / ext3 relatime,errors=remount-ro 0 1 # /boot was on /dev/sda5 during installation UUID=038498fe-1267-44c4-8788-e1354d71faf5 /boot ext2 relatime 0 2 # swap was on /dev/mapper/minicc-swap_1 during installation UUID=0bb583aa-84a8-43ef-98c4-c6cb25d20715 none swap sw 0 0 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0 /dev/scd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0 /dev/sdb1 /mnt/sdcard auto auto,user,rw,exec 0 0 My thumb drive partition shows up as /dev/sdb1. I'm pretty sure my fstab is set up OK, but everyone on the other posts seems to fail to mention how they actually call the 'mount' command once this entry is in the fstab file. I think this is where my problem may be. The command I use to mount the drive is: $ mount /dev/sdb1 /mnt/sdcard. /bin/mount is owned by root and is in the root group and has 4755 permissions. /bin/umount is owned by root and is in the root group and has 4755 permissions. /mnt/sdcard is owned by me and is in one of my groups and has 0755 permissions. My mount command works fine if I use sudo, but I need to be able to do this without sudo (need to be able to do it from a PHP script using shell_exec). Any suggestions? Sorry for making you read so much...just trying to get as much info in the initial post as possible to preemptively answer questions about configuration stuff. If I missed anything tho, ask away. Thanks! -Travis

    Read the article

  • Fortigate - Accessing a Virtual Server address from several interfaces

    - by Jeremy G
    I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network. However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces) Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting. Thanks, Jeremy G

    Read the article

  • Linux networking "jail" for a single process

    - by halp
    I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

    Read the article

  • What are the best practices for service accounts?

    - by LockeCJ
    We're running several services in our company using a shared domain account. Unfortunately, the credentials for this account are widely distributed and being used frequently for both service and non-service purposes. This has led to a situation where it is possible that the services will be temporarily down due to this shared account being locked. Obviously, this situation needs to change. The plan is to change the services to run under a new account, but I don't think this goes far enough, as that account is subject to the same locking policy. My questions is this: Should we be setting up the service accounts differently than other domain accounts, and if we do, how do we manage those accounts. Please keep in mind that we are running a 2003 domain, and upgrading the domain controller is not a viable solution in the near term.

    Read the article

  • How can I expire non-active sessions on my Netscreen SSG140?

    - by David Mackintosh
    I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

    Read the article

  • Unable to authenticate Windows XP clients agains Snow Leopard Server PDC after 10.6.2 upgrade

    - by Roland
    I have setup a Snow Leopard Server 10.6.1 as a PDC without problems to authenticate Windows XP clients. Joining a Windows XP client to the SLS PDC Domain and log in from a Windows XP client to the SLS PDC Domain are working. After the update to Snow Leopard Server 10.6.2 the authentication is broken. opendirectory_smb_pwd_check_ntlmv1 gave -14090 [eDSAuthFailed] By changing the Windows XP "Network security: LAN Manager authentication level" policy to NTVLM2 responses only the authentication agains a SMB share is possible, but trying to join SLS PDC Domain is still not possible. opendirectory_smb_pwd_check_ntlmv2 gave -14090 [eDSAuthFailed] Any ideas? Is anyone else having similar authentication difficulties?

    Read the article

  • Are there any good references coparing Software Development CM best practices to IT CM best practice

    - by dkackman
    I have spent my career on the software development side of things and in the latter part have become more and more involved in the realm of Software Configuration Management. Now I am moving into an IT group and need to ramp up on CM practices from that standpoint. Are there any good references (books, websites, blogs whatever) out there comparing Software CM practices to IT CM practices? Basically I'm in learning mode and am trying compare things I already know from the software development side to things on the IT side.

    Read the article

  • Can't get Passwordless (SSH provided) SFTP working

    - by Shoaibi
    I have chrooted sftp setup as below. # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes AllowGroups admins clients RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes Subsystem sftp internal-sftp Match group clients ChrootDirectory /var/chroot-home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/david:/bin/sh Now in this case david can sftp using say filezilla client and he is chrooted to /var/chroot-home/david/. But what if i was to setup a passwordless auth? I have tried pasting his key in /var/chroot-home/david/.ssh/authorized_keys but no use, tried ssh'ing as david to the box and it just stops at "debug1: Sending env LC_CTYPE = C" after i supply it password and there is nothing shown in auth.log, may be because it can't find the homedir. If i do "su - david" as root i see "No directory, logging in with HOME=/" which makes sense. Symlink doesn't help either. I have also tried with: Match group clients ChrootDirectory /var/chroot-home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/var/chroot-home/david:/bin/sh This way if i don't change /var/chroot-home/david to root:root sshd complains about bad ownership or permission modes, and if i do, david can no longer upload/delete anything directly in his home while using sftp from filezilla.

    Read the article

  • VMWare vmfs vs NFS datastore with vmdk?

    - by CarpeNoctem
    I want to add a new harddisk to an existing VM and want the best performance possible. The new hard disk will exist on an NFS datastore. Currently I did the following: Created new vmdk on NFS datastore Created new lvm partition using fdisk Create new physical volume, volume group, and logical volume (2TB) Created ext3 partition on logical volume Is there a better way to do this? Should I be doing some vmware-ish file system instead?

    Read the article

  • How do I allow remote access to mysql using xampp?

    - by sprugman
    I'm using xampp and navicat to manage mysql on two dev machines (laptop & desktop). The laptop is my main machine, while the desktop acts as a local dev server for the group. Connecting to mysql via localhost in navicat is working fine on the laptop. Is there a way (other than the http tunneling method) to allow access to the desktop from the laptop via navicat?

    Read the article

  • iproute2 rules and iptables NAT... what is the difference?

    - by Jakobud
    We have 2 different ISP connections. Our previous "IT guy" setup our firewall like so: When /etc/rc.local was executed on startup, it did a bunch of ip rule add and ip route add commands in order to route certain internal hosts to use certain ISP connections. Then at the end of /etc/rc.local, he executed our iptables firewall rules that were generated by Firewall Builder. These iptables rules have both Policy and NAT rules setup in them. What I don't understand, is why did he use iproute2 to specify rules and routes but also specify NAT rules for iptables? Why didn't he just do it all in one or the other instead of using them both? Could he have got rid of the iproute2 rules and routes and just put all those same rules into the iptables NAT settings?

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • Nt4.0 Printer Driver not compatible with Vista?

    - by PhillC
    I've got a Brother Fax-8360P printer that has a standard printer port so it can be connected to my WindowsXP machine. I've found some drivers on the net that work and it is a pretty decent laser printer. However, when I try and connect up to it from my Vista machine over the network, it tells me that "The printer driver is not compatible with a policy enabled on your computer that blocks NT4.0 drivers". Main question - is it possible to alter this so that my Vista machine will allow me to print via the network. Secondary question - does anyone know of any generic driver that will work instead?

    Read the article

  • Problems with login scripts on Terminal Server 2008

    - by discovery
    We are having issues with login scripts not running on Windows 2008 Terminal Server. This is a brand new implementation and they have never worked. The test user in question doesn't have any problems running login scripts on their workstation. I have tried logging into the server directly with their account, but still no scripts run. I have setup a test account with Domain Admins rights in the same OU as theirs and the scripts don't run. I can manually run the scripts from the SYSVOL\somedomain.com\Policies folder and they run fine. The Terminal 2008 Server is in a mixed 2003/2008 domain. The user can run the gpupdate on the server without error. I have also run the Group Policy Results for this user and the terminal server and everything looks good, no errors. Any suggestions?

    Read the article

  • Cannot login to SQL Server 2008 R2 with Windows authentication

    - by Ian Boyd
    When i try to connect to SQL Server (2008 R2) using Windows authentication: i cannot: Checking the Windows Application event log, i find the error: Login failed for user 'AVATOPIA\ian'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: ] Log Name: Application Source: MSSQLSERVER Event ID: 18456 Level: Information User: AVATOPIA\ian OpCode: Task Category: Logon i can login to the computer itself using Windows authentication. i can log into SQL Server using the local Windows Administrator account. We can connect to 8 other SQL Servers on the domain using Windows Authentication. Just this one, whitch is the only one that is 2008 R2 is failing. So i assume it's a bug with *2008 R2. Note: i cannot logon locally, or remotely, using Windows authentication. i can login locally and remotely using SQL Server Authentication. Update Note: It's not limited to SQL Server Management Studio, standalone applications that connect using Windows authentication: fail: Note: It's not a client problem, as we can connect fine to other (non-SQL Server 2008 R2 machines): i'm sure there's a technote or knowledge base article describing why SQL Server 2008 R2 is broken by default, but i can't find it. Update 2 Matt figure out the change that Microsoft made so that SQL Server 2008 R2 is broken by default: Administrators are no longer administrators All that remains is to figure out how to make Administrators administrators. One of these days i'm going to start a list of changes around Microsoft's "broken by default" initiative. Steps to reproduce the problem How do i add a group to the sysadmin fixed server role? Here's the steps i try, that don't work: Click Add: Click Object Types: Ensure that you have no ability to add groups: and click OK. Under Enter the object names to select, enter Administrators: Click Check Names, and ensure that you are not allowed to add groups: and click Cancel. Click Browse..., and ensure that you have no ability to add groups: You should now still not have added any group to the sysadmin role. Additional information SQL Server Management Studio is being run as an administrator: SQL Server is set to use Windows Authentication: tried while logged into SQL with both sa and the only other sysadmin domain account (screenshot can be supplied for those who don't believe)

    Read the article

  • Snmp configuration giving me timeout, no response

    - by imaginative
    This is definitely not a firewall issue as no firewalls are in between the src and tgt machines. I'm simply setting up snmp to be queried by a nagios server. My snmpd.conf looks like the following (I'm using net-snmp on Ubuntu 9.10): com2sec nagiossrv 10.10.10.10 public group Nagios v1 nagiossrv view all included .1 access Nagios any noauth exact all none none When I try to walk it: t:/etc/nagios3# snmpwalk -v1 -c public 10.10.10.10 system Timeout: No Response from 10.10.10.10 Any idea where I went wrong with my configuration?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 272 273 274 275 276 277 278 279 280 281 282 283  | Next Page >