Search Results

Search found 1466 results on 59 pages for 'authenticate'.

Page 28/59 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Vista Enterprise doesn't find logon servers in a network with 802.1x authentication

    - by jneves
    In a network with 802.1x configuration and a samba server configured in the domain, I have a radius server that delegates the authentication against the samba domain for users (using LDAP). The radius defines which VLAN the user is supposed to have access. I'm trying to put a Windows Vista Enterprise in the same network, but it attempts to logon the domain before authenticating against the network in 802.1x and it doesn't find any logon servers. In the radius logs I see the machine trying to authenticate with 'host/'. Does Vista enterprise require that I put it in a network with access to the logon server at that point? Thanks in advance, João Miguel Neves

    Read the article

  • "svn: Cannot negotiate authentication mechanism" for OSX CLI and WinXp TortoiseSVN, but linux CLI works

    - by dacracot
    I had a working subversion server which used the passwd file which stores passwords in clear text. My requirements changed so that passwords now need to be encrypted. I did everything according to the book to use SASL, or so I believe, but now only the linux command line can authenticate. My OSX users, which also use command line, and my WinXp users, which use TortoiseSVN get errors. Linux versions are 1.6.11. OSX versions are 1.6.17. And TortoiseSVN versions are 1.7.4. /opt/subversion/QRpage/conf/svnserve.conf: [general] anon-access = none auth-access = write realm = ABC [sasl] use-sasl = true min-encryption = 128 max-encryption = 256 /etc/sasl2/svn.conf: pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /etc/sasldb2 mech_list: DIGEST-MD5 Then I add new users via: saslpasswd2 -c -f /etc/sasldb2 -u ABC dacracot But for instance OSX users get this error trying to check out: $ svn co svn://svn.nowhere.org/QRpage svn: Cannot negotiate authentication mechanism

    Read the article

  • KMS / Office 2010... please point to documentation.

    - by TomTom
    Trying to find out how to "modify" KMS to also accept the Office 2010 KMS key. Can anyone point me to some document about this? Basically - do I have to install an update to KMS? I wand my KMS server to authenticate both, Windows (It currently has a DataCenter R2 KMS key installed) as well as Office 2010. Keys are available ;) I can not imagine I just ptu it in - would this not overwrite the DataCenter key? I tried the MSDN website, but there is no clear document visible for my question.

    Read the article

  • Apache can't connect to LDAP server

    - by jldugger
    I'm tying SVN to LDAPS by way of Apache. I've run openssl s_client --host $host --port 636 and received an SSL certificate, so it doesn't appear to be a firewall problem. I get the following warning: [Fri Apr 02 07:38:15 2010] [warn] [client <ip withheld>] [590] auth_ldap authenticate: user jldugger authentication failed; URI /internal-svn [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server] "Can't contact LDAP server" is somewhere between vague and wrong. I'm at a loss on how to continue debugging this. Ideas?

    Read the article

  • Setting up SVN+SSH for multiple users through one local user.

    - by Warlax
    Hi, I need to make our SVN repository accessible through the firewall - but without creating a local user for each potential external user. Instead, I would like to set-up SVN+SSH to route all external users through a single local user name. We would like each external user to authenticate with SSH the regular way but then treat their instance of svnserve as if they're all that single local user and possibly, control what parts of the repository each external user can access. I know that I will need to set my svnserve config according to the official guide. I tried, but the instructions are fuzzy and I am relatively a Linux n00b. What exactly are the steps to proceed? and how would you go about testing this? Thanks for your help.

    Read the article

  • Can't send emails through sendmail, error occured

    - by skomak
    Hi, I have sendmail MTA and i use pear:Mail class to send mails through remote sendmail server. Everything was fine till yesterday. Probably nothing changes was made in configs. At maillog i can see: May 6 12:58:55 xxx sendmail[25903]: STARTTLS=server, relay=hostxxxx.static.xx.xx.pl [85.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 May 6 12:58:56 xxx sendmail[25903]: o46AwtqE025903: hostxxxx.static.xx.xx.pl [85.x.x.x] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA2 and in /var/log/messages: May 6 13:00:17 lilia sendmail[27193]: realm changed: authentication aborted I use ldap to authenticate users but i used the same script to check mailing on another server and it works there good, only this server behave weird. Packets are deliverd to sendmail server i can see it in tcpdump, but there is smaller packets than on other server which sends emails. Could you tell me how can i check what is wrong with that? D.S.

    Read the article

  • Developer Laptop with SQL Server 2008 can't login to SSIS when offsite

    - by wizlb
    When I bring my Windows XP (SP3) laptop home I can still login as my domain account because Windows caches the info necessary to authenticate me when the domain controller isn't around. However, when I try to connect to Integration Services from within SQL Server Management Studio, it generates SSPI context errors. The only way it works is if I connect to the office with VPN or if I'm at the office where the domain controller is. I have both SQL Server Agent and SQL Server Integration Services 10 running under local computer accounts. It seems that the only option to connect to Integration Services from within Management Studio is to use Window authentication. Is there any way to do this when I'm not connected to the office? Why don't these services use the cached info just like Windows Login? Thanks.

    Read the article

  • How does one guarantee a remote client the same local IP address every time when connecting to a VPN?

    - by Joe Carroll
    I need to configure a VPN for secure remote access to a PACS serving DICOM radiological images. The DICOM standard requires that any clients accessing the PACS must be using a fixed IP address that is pre-registered in PACS. I haven't implemented this solution before and would appreciate any guidance. I believe it should be possible to use RADIUS on the server to authenticate users connecting to the VPN and with it assign each user their own specific local subnet IP address, which would be registered with the PACS. The server runs Windows Server 2003 R2 Enterprise Edition SP2 and the VPN device is a FortiGate 60C. The What would be the best and/or simplest way to set this up?

    Read the article

  • OSX Server 3, Mac clients binding to OD and Profile Manager failing

    - by dbf
    I've made a setup containing a Mac Mini with OSX Server 3 (Mavericks 10.9.2) using Open Directory and Profile Manager (Mail, etc all set up and working). Now the thing is, internally on the local network, everything works great. Clients can bind to the OD and the users are able to login. I can install trust and settings profiles (either custom or group profiles) and all services in the profiles mentioned are being configured correctly. I can log in and out, hump around and do it a 100 times on different macs with different users, it works. My goal is to make this service publicly. The domain is with a FQDN which I own, for simplicity let's say server.domain.com. Now the only way for me to bind the clients to the OD is using LDAP mapping RCF2307 (without SSL) and a DN suffix of dc=server,dc=domain,dc=com using the Directory Utility. The options from server, or open directory will throw several errors like Connection failed to node '/LDAPv3/server.domain.com (2100). First of all I don't really understand the problem why clients can't bind to the OD like it does locally, with and without SSL (all ports are open, literally all ports are open, not just 389,636 and 1640, wasn't sure if I was missing any). When the clients are using LDAP mapping RFC2307 to bind (without SSL only), clients are able to authenticate, login and even load the Trust profile. But every Settings profile will fail with a Debug Message: Unable to find GUID in user record OD or fail to install saying missing user identification. Is there any way to get this to work without RFC2307? Because there is quite some stuff missing when using RFC2307 and not pull the mapping from the server or use open directory. Is this setup even possible? Or should I use VPN to authenticate with the OD? The network setup is a Modem/Router (DHCP off) with WAN NATted to an Airport Extreme (Using DHCP+NAT). The AE does notify with a double NAT message but I haven't had any problems with it on any other service. So WAN - 192.168.2.220 (static), AE - 10.0.1.* (dhcp) Output of DIG from the outside using dig server.domain.com ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;server.domain.com. IN A ;; ANSWER SECTION: server.domain.com. 77 IN A 91.50.*.* (valid WAN IP) ;; SERVER 172.*.*.1#53(172.*.*.1) (iPhone) DIG locally from a client and server (same output) ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;server.domain.com. IN A ;; ANSWER SECTION: server.domain.com. 10800 IN A 10.0.1.11 ;; AUTHORITY SECTION: server.domain.com. 10800 IN NS domain.com. (used for email send in relay) server.domain.com. 10800 IN NS server.domain.com. ;; SERVER 10.0.1.11#53(10.0.1.11) Are there any things I should check? Only have OSX. -- double NAT issue, plugged in the server directly on the Modem/Router with a static IP and issue remains. Guess that rules out the double NAT thing. -- changeip -checkhostname comes with There is nothing to change, e.g. success. Primary address = 10.0.1.11 Current HostName = server.domain.com DNS HostName = server.domain.com For now, I've made a workaround by using an admin account that forces a permanent VPN connection on boot. That means before it comes to the login, a connection is already made or underway. I will continue this post when I have more time, also locating all the necessary .log files of each application involved. I have some suspicions but have to debug a bit more when I have more time on my hands .. Unless, of course, I get sidetracked with having a life. Which is arguably not very likely. krypted.com

    Read the article

  • Freeware Local Proxy for Proxy Chaining with HTTPAUTH

    - by pepoluan
    I am looking for a freeware local proxy to perform proxy-chaining with HTTPAUTH. To explain my situation: In my workplace I am forced to keep switching between several internet-connected apps, and thus everytime I have to type in the credentials (or, at least, click on 'OK' to send my previously-saved credential). To make matters more annoying, the proxy login times out every 30 minutes, requiring me to lather-rinse-repeat the whole annoyance. I'd like to just point them all to a locally installed proxy which will on its own perform the required HTTPAUTH against the corporate proxy. I've tried Cntlm, but it always fail to authenticate (and according to this thread, that is due to the proxy using HTTPAUTH which is not supported by Cntlm) Any suggestions? ETA: I found Polipo, but it's kinda wonky on Windows. Especially if I visit a new URL, and the DNS server is a bit slow, then Polipo will simply drop/refuse the connection. And I have to put my password in plaintext. If there's a better suggestion, I'm all ears.

    Read the article

  • Share files from Windows XP to Mac Snow Leopard

    - by sympleko
    Hi, I have a Windows XP desktop and a MacBook Pro on my home network. I would like to mount my "home directory" (My Documents, or whatever they call it in Windows) onto my MacBook's filesystem. So far I have been able to do this with the Shared Documents folder, using the excellent howto at Maclive. But I'd like to be able to authenticate using my Windows XP username and password, and access my files remotely without exposing them to everyone on the nextwork. Any clues or good links?

    Read the article

  • LDAP (slapd) creating users with access to specific trees

    - by Josh
    I am setting up a CentOS server with Virtualmin and Postfix, and I am trying to use LDAP to store unix users, groups, Postfix aliases and virtual domains. I am following the instructions from Webmin's site. I have created an LDAP domain and configured Postfix to fetch Aliases and Virtual Domains from LDAP, but in order to do so I had to configure postfix to authenticate with the master LDAP account, cn=Manager,dc=mydomain,dc=com. This seems like a terrible idea because that account has access to the Users and Groups, which postfix does not need access to. How can I create a new LDAP account for Postfix which only has access to the LDAP trees Postfix needs?

    Read the article

  • What could cause Citrix Xenapp to stop streaming applications after the server's IP address changed?

    - by Ken Pespisa
    We have a Citrix XenApp 5.0 server running on Windows 2008, and today we moved ISPs so our IP addresses changed. The IP addresses have propagated, the XenApp server is running, and internally we can connect to the server, choose an app, and have it streamed without issue. Externally we are only able to authenticate to the server and choose an app, but the app never launches in the client. I'm guessing there's a hand-off between the part of XenApp that authenticates a user and shows what apps they can launch, and the part that does the app streaming, and that second part is hard-coded to use an the old ip address. Any ideas why this could be happening?

    Read the article

  • Can a malicious hacker share Linux distributions which trust bad root certificates?

    - by iamrohitbanga
    Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Thus a fake root certificate would contain a the certification authority that is not actually certified. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

    Read the article

  • Can I rely on S3 to keep my data secure?

    - by Jamie Hale
    I want to back up sensitive personal data to S3 via an rsync-style interface. I'm currently using s3cmd - a great tool - but it doesn't yet support encrypted syncs. This means that while my data is encrypted (via SSL) during transfer, it's stored on their end unencrypted. I want to know if this is a big deal. The S3 FAQ says "Amazon S3 uses proven cryptographic methods to authenticate users... If you would like extra security, there is no restriction on encrypting your data before storing it in Amazon S3." Why would I like extra security? Is there some way my buckets could be opened to prying eyes without my knowing? Or are they just trying to save you when you accidentally change your ACLs and make your buckets world-readable?

    Read the article

  • Manually accessing GMail via IMAP

    - by Jeff Mc
    I'm trying to connect to gmail imap, but I am unable to execute any commands after login. I'm running openssl s_client -connect imap.gmail.com:993 to connect then, * OK Gimap ready for requests from 128.146.221.118 42if6514983iwn.40 . CAPABILITY * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA XLIST CHILDREN XYZZY SASL-IR AUTH=XOAUTH . OK Thats all she wrote! 42if6514983iwn.40 . LOGIN {email removed} {password removed} * CAPABILITY IMAP4rev1 UNSELECT LITERAL+ IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE . OK {email removed} authenticated (Success) . CAPABILITY at which point it simply hangs with the connection open. I'm guessing gmail pushes you off to a node in a cluster after it authenticate me?

    Read the article

  • Chef bootstrap giving 401 unauthorized

    - by loddy1234
    I'm trying to bootstrap a new chef node by running: knife bootstrap <server ip> -x lewis -N gitlab --sudo But I get the following output: [Mon, 03 Sep 2012 14:45:17 +0000] INFO: *** Chef 10.12.0 *** [Mon, 03 Sep 2012 14:45:17 +0000] INFO: Client key /etc/chef/client.pem is not present - registering [Mon, 03 Sep 2012 14:45:17 +0000] INFO: HTTP Request Returned 401 Unauthorized: Failed to authenticate. Ensure that your client key is valid. [Mon, 03 Sep 2012 14:45:17 +0000] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out [Mon, 03 Sep 2012 14:45:17 +0000] FATAL: Net::HTTPServerException: 401 "Unauthorized" My chef server is running Ubuntu 12.04 x32 and the machine I'm trying to bootstrap is running CentOS 6.3 x64 Any idea what's going wrong?

    Read the article

  • How to create chroot jail with ability to change some system settings

    - by Tadeck
    How to properly create chroot jail (on Ubuntu, or some some other Linux if not applicable) to make user able to edit system settings (eg. with ifconfig) and be able to communicate with external scripts? The use case would be to enable user to authenticate using SSH and then be able to perform very limited set of actions from command line. Unfortunately the tricky part is the access to system settings. I have considered multiple options and the alternative is to setup fake SSH server (eg. with Twisted), try to use restricted shell (however, I seem to need chroot still), or write a script on top of the shell (?).

    Read the article

  • Can't connect to domain computers until reboot

    - by thealliedhacker
    I have a domain with about 300 Windows 7 and XP machines, with the domain controllers running Server 2003. Sometimes, I lose the ability to communicate/authenticate with some of the machines until I reboot my computer. This also happens from other computers and regardless of user account and operating system. In other words, say I'm on ComputerA, and I can't connect to ComputerX. I can go to ComputerB and connect to ComputerX, but ComputerB may not be able to connect to ComputerY. If you reboot ComputerA, then it will be able to connect to ComputerX again. Here are some messages from various utilities: sc: [SC] OpenSCManager FAILED 1722: The RPC server is unavailable. mmc (compmgmt.msc): Computer (computer name) cannot be managed. The network path was not found. explorer (\\computer): Windows cannot access \\(computer name). ping: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss) / Average = 1ms

    Read the article

  • Switches with 802.1x "supplicant timeout" feature?

    - by chris
    I'm looking for a complete list of switches which will allow 802.1x and normal (non-supplicant) enabled hosts to connect to the same ports on a switch. This is useful for areas where there are semi-open ports such as a lobby area or a library where corporate and guest users may use the same ports but you want them to have different access profiles and where it isn't expected that guests would have 802.1x configured on their system. For instance, Enterasys and Extreme Networks both have a feature where if the switch doesn't see an EAPOL packet from the client in a certain amount of time, it puts the port into a "guest" VLAN; if it sees an 802.1x supplicant, it tries to authenticate the user via 802.1x and if they succeed, it does what the radius server tells it to do with that port (IE put the port into a certain VLAN, apply certain ACLs, etc) Do other vendors have this sort of feature, or is it expected that a switch will do both 802.1x and MAC authentication, and the "supplicant timeout" feature is implemented with a blanket allow on the MAC authentication?

    Read the article

  • Sharepoint 2010 and Samba LDAP groups

    - by Jon Rhoades
    The setup: Windows 2008 SP2 Sharepoint 2010 Foundation Samba 3 "Domain" I'm trying to use the Samba LDAP users & groups we already have to access to Sharepoint. I can successfully authenticate using the Samaba accounts (getting the "Error: Access Denied" message as the user has no permissions). So Sharepoint can clearly see and use the existing accounts/groups. What I can't do is be authorised as in the grant permissions interface, Sharepoint now fails to match the account (I get an "No Exact match found..."). Is there a way of getting the Sharepoint permissions interface to recognise and use our existing Samba LDAP accounts? I get it - don't use Samaba, use AD. If I had that option I would, but I don't.

    Read the article

  • Using both domain users and local users for Squid authentication?

    - by Massimo
    I'm working on a Squid proxy which needs to authenticate users against an Active Directory domain; this works fine, Samba was correctly set up and Squid authenticates users via ntlm_auth. Relevant lines in squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on acl Authenticated proxy_auth REQUIRED http_access allow Authenticated http_access deny all Now, I need a way to allow access to users which don't have a domain account. I know I could create an "internet user" account in the domain, but this would allow access, although limited, to domain resources (file shares, etc.); I need something that will allow only Internet access. The ideal solution would be using a local account on the proxy server, either a Linux account or a Squid one; I know Squid supports this, but I'm unable to have it use both domain authentication and Squid/local authentication if domain auth is unsuccesful. Can this be done? How?

    Read the article

  • FTP Issue when connecting to a debian machine from windows

    - by erin c
    I have a .net application which copies bunch of files to a specific FTP folder on a debian machine on periodical basis, ftp folder has 755 mod, owner of the directory is the ftp username that I authenticate in .net application. So far I tested this application with bunch of debian boxes, my initial attempts generally fail with following message if I try it with a debian machine that I haven't tried it before: "remote server returned an error 550 File unavailable" When I see this error, I log onto another debian machine on my network, and I try FTP'ing the debian box that returns the error message from command line. I generally "put" a very small file to the folder in question, right after that windows application starts copying files successfully via FTP. It is as if my command line ftp operation fixes the problem and makes debian compatible with my .net application. I checked permissions before and after the problem, it doesn't look like what I did changed anything, I am at loss understanding why this problem occurs and why it is fixed with my silly hack. Can anybody tell me where to look at next to fix this extremely annoying issue?

    Read the article

  • smtp sasl authentication failure

    - by cromestant
    hello, I have configured and fixed almost all the problems with my postfix +courier + mysql setup for virtual mailboxes. I can now receive mail and send it from webmail (squirrel). BUT, what I can't do is authenticate from outside client. Since my isp blocks port 25 I setup postfix to work on 1025 for smtp and setup verbose loging. Here is the verbose log of a failed authentication process LOG Authentication for imap and pop3 seem to be working but this one is not. Here is the postconf -n output. Also through mysql I can verify that it is trying to validate through the system, running a query that returns the encrypted password stored in the database. I can't seem to find the error for this. thank you in advance

    Read the article

  • Authenticating a Windows client to a Samba share

    - by hekevintran
    I have a Samba network share being served by a Linux machine. The share is read-only unless you give it a username and password. I want my Windows 7 client machine to connect to it. It appears that the Windows machine is connecting as a guest because it does not have write access. The Windows machine never asks me whether or not it should connect as a guest or with a username. How do I make the Windows machine authenticate? Where do I input my password? This seems like such a simple thing yet I am totally confused. On Mac OS and Linux, it simply asks you for a username.

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >