Search Results

Search found 40429 results on 1618 pages for 'change password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 297/1618 | < Previous Page | 293 294 295 296 297 298 299 300 301 302 303 304  | Next Page >

  • Installing OpenLDAP on Fedora 12: ldap_bind: Invalid credentials (49)

    - by Arcturus
    Hello. I've been trying to set up the OpenLDAP installed by default on Fedora 12, very unsuccessfully. My ultimate goal is to use LDAP authentication for user login and Apache, using the OpenLDAP server running on the same machine. The server is running, but the error I always get when I try to use ldapsearch or ldapadd is: ldap_bind: Invalid credentials (49) I've been following these tutorials, but none of them helped me: http://www.howtoforge.com/openldap_fedora7 http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-ldap-quickstart.html http://www.howtoforge.com/linux_ldap_authentication http://docs.fedoraproject.org/deployment-guide/f12/en-US/html/s1-ldap-pam.html http://www.openldap.org/doc/admin24/quickstart.html First, some components were already installed, and I installed these with yum: yum install openldap-servers openldap-devel Then, I created a basic slapd.conf file in /etc/openldap: database bdb suffix "dc=sniejana-sandbox,dc=com" rootdn "cn=root,dc=sniejana-sandbox,dc=com" rootpw {SSHA}cxdz55ygPu4T3ykg7dgu+L0VRvsFSeom directory /var/lib/ldap/sniejana-sandbox.com I obtained the rootpw with this command: slappasswd -s changeme I also created the /var/lib/ldap/sniejana-sandbox.com directory and made sure the entire contents of /var/lib/ldap were owned by the ldap user. I found two ldap.conf files, one in /etc and one in /etc/openldap. I don't know which is the right one. If I understood correctly, this file is to configure the client. I put this in both: HOST localhost BASE dc=sniejana-sandbox,dc=com I then ran the server with: service slapd start It said OK. Most of the tutorials above say to use the command ldapsearch -D "cn=Manager,dc=my-domain,dc=com" -W to ensure that everything's working. When I execute this command, a password prompt appears, and after entering the password, I get the error. ldapsearch -D "cn=root,dc=sniejana-sandbox,dc=com" -W Enter LDAP password: ldap_bind: Invalid credentials (49) The same thing happens when trying to use ldapadd. I tried with an encrypted and unencrypted password in slapd.conf, it doesn't change anything. Adding a -x for simple authentication doesn't change anything either. netstat -ap confirms the server is listening: tcp 0 0 *:ldap *:* LISTEN 4148/slapd tcp 0 0 *:ldap *:* LISTEN 4148/slapd ps -ef|grep slapd confirms the process is running: ldap 4148 1 0 15:22 ? 00:00:00 /usr/sbin/slapd -h ldap:/// -u ldap Running slaptest procudes config file testing succeeded. I read somewhere that the command ldapsearch -x -b '' -s base '(objectclass=*)' namingContext can confirm the server is running. It appears to work: # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: namingContext # # dn: # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 I'm running out of ideas. Am I missing something obvious?

    Read the article

  • AD LDS (ADAM) user not authenticate

    - by Hongwei
    I am trying to add a user to AD LDS (formerly known as ADAM). I added the user, set the password, and set the following properties: accountsExpires=(Never) msDS-UserAccountDisabled=FALSE msDS-UserDontExpirePassword=TRUE userPrincipalName=JUser I also added the user to Readers group. However, when I used ADSI Edit to bind to the directory with this user's credential, I got an error indicating invalid username or password. What else do I have to do for the user to authenticate? Thanks.

    Read the article

  • Writting this Bash Script to accept Arguments?

    - by Urda
    How would I go about converting this bash script: mkdir /store/sftp/%USERNAME% sudo useradd -d /incoming %USERNAME% sudo passwd %USERNAME% ## Password needs to be typed or passed in here sudo usermod -g sftp %USERNAME% sudo usermod -s /bin/false %USERNAME% sudo chmod 755 /store/sftp/%USERNAME% sudo chown root:root /store/sftp/%USERNAME% sudo mkdir /store/sftp/%USERNAME%/incoming sudo chown %USERNAME%:sftp /store/sftp/%USERNAME%/incoming To accpet a username and a password?

    Read the article

  • Command View EVA Login Problem

    - by ngadimin
    I'm using Command View EVA version 9.01 on a Windows Storage Server 2003 R2. And all of a sudden I can't log in to the command view, it always say incorrect username or password, I haven't done any change on the password nor the system. Is there any way I can fix this?

    Read the article

  • setting ulimit and ubuntu 8.04

    - by Wizzard
    Hi there, We have two ubuntu 8.04 servers. With the database server I set the table_cache to 1000 however when I restart mysql the status only shows 257 and the open files limit says 1024 I adjusted ulimit by doing ulimit -n 8192 and then restarting mysql; this seemed to do the tick however after a few hours I did ulimit -n and saw it had returned back to 1024 Bit of a worry. I edited the /etc/security/limits.conf and added mysql soft nofile 8192 mysql hard nofile 8192 then rebooted, no change. I then edited and change mysql to * rebooted, no change I then edited and changed it to one line * - nofile 8192 and rebooted, no change. cat /proc/sys/fs/file-max gives me 768730 sysctl fs.file-max gives me fs.file-max = 768730 I am at a bit of a loss to how I can set and keep the ulimit value set so I can increase the table cache properly on mysql.

    Read the article

  • Hide usernames shown on Windows Server 2008 Remote Desktop login screen

    - by user38553
    When I remote desktop to my Windows Server 2008 (a hosted virtual server) I see a login screen showing an icon for each user in the system. I can click on a user then enter a password and login. This is a terrible security oversight in my opinion as it gives anyone that might want to compromise my server a full list of valid usernames. Is there a way to revert to the old style of login screen requiring both username and password? Thanks

    Read the article

  • Outlook Anywhere inconsistencies with authentication methods

    - by gravyface
    So I've read this question and attempted just about every other workaround I've found online. Problem seems completely illogical to me, anyways: SBS 2011, vanilla install; haven't touched anything in IIS or Exchange outside of what's been done through the checklist (brand new domain, completely new customer) except to import an existing wildcard certificate for *.example.com (which is valid, Remote Web Workplace and Outlook Web Access work fine). On the two test machines and one production machine running a mixture of Windows XP Pro, Windows 7 and Outlook 2003 through to 2010, I've had no problem saving the password after configuring Outlook Anywhere using the wrong authentication method. I repeat, I have had no issues using the wrong authentication method on these test machines; password saves the first time, no problem, can verify it exists in the credentials manager (Start Run control userpasswords2), close Outlook, reboot, go make a sammie, come back, credentials are still saved. When I say wrong, it's because I was choosing NTLM and Exchange (under Exchange Console Server Configuration Client Access) was set by default to use Basic. On two completely different machines setup by a co-worker, they had (under my guidance) used NTLM as well... except that frustratingly, Outlook would always ask for a password. One machine was Windows XP with Outlook 2010, the other was Windows 7 with Outlook 2003. When these two machines were set to use Basic -- the correct settings -- the option to save was there and now works without issue. Puzzled by how my machines could possibly work with the wrong authentication, I then went into one of them and changed the authentication method to Basic. Now here's where it gets a little crazy: if I go under Outlook and change the authentication to use the correct setting (Basic) it fails to save the password and Outlook prompts every time (without a "remember me" checkbox). I have not had a chance to change it to Basic on the other two machines to see if this is just a fluke or not, but something just isn't right here. My two hunches are either a missing/installed KB Update or perhaps a local security policy. I should add that none of the 5 test machines in the equation here have ever been joined to the domain.

    Read the article

  • Windows 7 Group Policy to display message for login tries left before account lock

    - by Vivek
    My requirement is to display the the remaining count left on the login screen when user trying to login using Windows 7 OS before account lock in case user enter invalid password. I am having Active Directory on Windows 2008 R2 server. I set the maximum Lockout count = 5 in GPO policy. Example: If user try login first 1 attempt is failed, next time enter password and login shold show message for remaining attemps left.( my case count 4 left) Please let me know as this is urgent for me.

    Read the article

  • XServe won't let me log in

    - by niklassaers
    Hi guys, After a power-failure, my Xserve won't let me log in on the login screen. I can still SSH into the box and access its other services, but the login box just shakes when I write either a local username and password or an ldap based username and password (this server is the LDAP server). Any suggestions on how I can go about solving this problem? Cheers Nik

    Read the article

  • Is VBoxManage guestcontrol passing parameters incorrectly?

    - by Dan Jones
    I had an idea of using my Windows VM (on a Ubuntu host) to open itms:// links (for iTunes) from the host. So, I'm using vboxmanage guestcontrol to make this happen. I have a script (win_vm_launcher.sh) that takes a link as the argument, and passes it to the host like this: vboxmanage guestcontrol "$VM" exec --image 'C:\Windows\System32\cmd.exe' --username "$USER" --password "$PASSWORD" -- /c start "$@" This works if I copy a link from my browser, and change http to itms. E.g., for https://itunes.apple.com/us/album/new-york-city/id3202598, I can do win_vm_launcher.sh itmss://itunes.apple.com/us/album/new-york-city/id3202598 and it works fine. The album opens up in iTunes on my VM. However, when I click a "View in iTunes" link from the iTunes site, it adds an extra parameter to the URI (specifically, the referrer), so it looks something like itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739 Unfortunately, if I try to run win_vm_launcher.sh itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739 it insteads opens up a regular Command Prompt window with the title "itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739". I don't even know how to set the command prompt window title, so I'm not sure how that's happening. If I run the command in the guest, it works fine, opening the album in iTunes: cmd /c start itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739 I found a VirtualBox bug that seems somewhat related, but not exactly. It probably doesn't matter, but my host is Ubuntu 12.04, and my guest is Windows 7. So, any idea if vboxmanage is incorrectly passing the arguments, and if so, is there a way around it? If I can't figure out the right way to do it, I'll end up having to process each argument, and stripping out any parameters on any URIs. P.S. I tried creating a batch script (out.bat) like this: echo %1 > %TEMP%/testing.txt and then running it from the host like this: vboxmanage guestcontrol "$VM" exec --image 'C:\Windows\System32\cmd.exe' --username "$USER" --password "$PASSWORD" -- /c "C:\path\to\out.bat" "itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739" It ran as expected, and when I open %TEMP%/testing.txt, it contained: "itmss://itunes.apple.com/us/album/new-york-city/id3202598?ign-msr=https%3A%2F%2Fitunes.apple.com%2Fus%2Falbum%2Fit-came-upon-midnight-clear%2Fid578946739" including the quotes. So, it sort of passed the parameter correctly (not sure why it still had quotes), so maybe the problem is with cmd.exe, or even the start command. I'm stymied.

    Read the article

  • Ssh, run a command on login, and then Stay Logged In?

    - by jonathan
    I tried this with expect, but it didn't work: it closed the connection at the end. Can we run a script via ssh which will log into remote machines, run a command, and not disconnect? So ssh in a machine, cd to such and such a directory, and then run a command, and stay logged in. -Jonathan (expect I used) #!/usr/bin/expect -f set password [lrange $argv 0 0] spawn ssh root@marlboro "cd /tmp; ls -altr | tail" expect "?assword:*" send -- "$password\r" send -- "\r" interact

    Read the article

  • Remember login when connecting to another domain on Windows 2008 Sever

    - by lox
    I run Windows 2008 Server (x64) as a workstation and my computer is on one domain and my exchange server, shared folders and intranet is on another domain. Every time I connect to these eg. every time I open Outlook I am prompted to supply username and password in a "Connect to"-dialog and the "Remember password" option has no effect. What can I do to avoid this manual step every time?

    Read the article

  • After Effects CS4: Using layer markers.

    - by GuruAbyss
    I have a question regarding Layer Markers in AE. What I'm trying to do is have a layer start off normal then in the time line I'll place a marker and have it change its color using Effect Color correction Change color to. The hue will change from 0% to 50% for 10 frames then turn back to normal. How would I go about doing this?

    Read the article

  • Safari keeps asking permission to access the keychain.

    - by GameFreak
    Normally when I save a password in Safari it will get added to my login keychain without fuss (assuming that it is already unlocked). But after I set a a master password the default keychain was changed to FileVaultMaster. When I set it back to login Safari then started to always ask for permission to access the keychain. To get it back to the default behavior should I chose always allow or is there something else I should do?

    Read the article

  • Can't make SELinux context types permanent with semanage

    - by Safado
    I created a new folder at /modevasive to hold my mod_evasive scripts and for the Log Directory. I'm trying to change the context type to httpd_sys_content_t so Apache can write to the folder. I did semanage fcontext -a -t "httpd_sys_content_t" /modevasive to change the context and then restorecon -v /modevasive to enable the change, but restorecon didn't do anything. So I used chcon to change it manually, did the restorecon to see what would happen and it changed it back to default_t. semanage fcontext -l gives: /modevasive/ all files system_u:object_r:httpd_sys_content_t:s0` And looking at /etc/selinux/targeted/contexts/files/file_contexts.local gives /modevasive/ system_u:object_r:httpd_sys_content_t:s0 So why does restorecon keep setting it back to default_t?

    Read the article

  • Cannot SVN checkout when anon-access = none

    - by sKIPper76
    When I have anon-access = write Everything works fine. When I change svnserve.conf to: anon-access = none auth-access = write And uncomment password-db and authz-db AND add user in authz with rw AND put username/password in passwd, nothing works. Eclipse keeps giving me a "Cannot map the project with svn provider" error. I have given all the files under conf 777. Any ideas what's wrong?

    Read the article

  • Free login on Windows Seven

    - by Rafael
    I have a delphi procedure to validate the user login on my system integrated with Active Directory. On Windows xP/2000 when the user use a invalid password It's OK, but on Windows seven the procedure didn't validating the username and password, then the user has a free access on the system

    Read the article

  • What changes can be made to a Microsoft Account using net user on Windows 8?

    - by nhinkle
    In Windows 8, you can log on with a local account or with a Microsoft Account. Both types show up in the Users control panel, but there are different options that you can change for each type. An administrator can change basically any aspect of a local user - name, password, access level, etc. For a Microsoft Account, you can only change the access level (admin/standard) or remove the account. From the command line though, there don't appear to be any restrictions on what you can do a Microsoft Account. Using the net user tool or the Local Users and Groups MMC snap-in, it looks like an administrator would be able to change the password, display name, profile path, etc. of Microsoft Accounts (as well as local accounts of course). Will these commands actually work when applied to a Microsoft Account? Will using them in some way break the link to the Microsoft Account, or will nothing happen at all? I'm hesitant to test since I don't want to mess up my account permanently.

    Read the article

  • Installing OpenLDAP on Fedora 12: ldap_bind: Invalid credentials (49)

    - by Alpha Hydrae
    I've been trying to set up the OpenLDAP installed by default on Fedora 12, very unsuccessfully. My ultimate goal is to use LDAP authentication for user login and Apache, using the OpenLDAP server running on the same machine. The server is running, but the error I always get when I try to use ldapsearch or ldapadd is: ldap_bind: Invalid credentials (49) I've been following these tutorials, but none of them helped me: http://www.howtoforge.com/openldap_fedora7 http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-ldap-quickstart.html http://www.howtoforge.com/linux_ldap_authentication http://docs.fedoraproject.org/deployment-guide/f12/en-US/html/s1-ldap-pam.html http://www.openldap.org/doc/admin24/quickstart.html First, some components were already installed, and I installed these with yum: yum install openldap-servers openldap-devel Then, I created a basic slapd.conf file in /etc/openldap: database bdb suffix "dc=sniejana-sandbox,dc=com" rootdn "cn=root,dc=sniejana-sandbox,dc=com" rootpw {SSHA}cxdz55ygPu4T3ykg7dgu+L0VRvsFSeom directory /var/lib/ldap/sniejana-sandbox.com I obtained the rootpw with this command: slappasswd -s changeme I also created the /var/lib/ldap/sniejana-sandbox.com directory and made sure the entire contents of /var/lib/ldap were owned by the ldap user. I found two ldap.conf files, one in /etc and one in /etc/openldap. I don't know which is the right one. If I understood correctly, this file is to configure the client. I put this in both: HOST localhost BASE dc=sniejana-sandbox,dc=com I then ran the server with: service slapd start It said OK. Most of the tutorials above say to use the command ldapsearch -D "cn=Manager,dc=my-domain,dc=com" -W to ensure that everything's working. When I execute this command, a password prompt appears, and after entering the password, I get the error. ldapsearch -D "cn=root,dc=sniejana-sandbox,dc=com" -W Enter LDAP password: ldap_bind: Invalid credentials (49) The same thing happens when trying to use ldapadd. I tried with an encrypted and unencrypted password in slapd.conf, it doesn't change anything. Adding a -x for simple authentication doesn't change anything either. netstat -ap confirms the server is listening: tcp 0 0 *:ldap *:* LISTEN 4148/slapd tcp 0 0 *:ldap *:* LISTEN 4148/slapd ps -ef|grep slapd confirms the process is running: ldap 4148 1 0 15:22 ? 00:00:00 /usr/sbin/slapd -h ldap:/// -u ldap Running slaptest procudes config file testing succeeded. I read somewhere that the command ldapsearch -x -b '' -s base '(objectclass=*)' namingContext can confirm the server is running. It appears to work: # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: namingContext # # dn: # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 I'm running out of ideas. Am I missing something obvious?

    Read the article

  • Some Windows AD user property cannot be changed by AD user himself, what controls it?

    - by Jimm Chen
    I'm curious with a question I find. An Windows Active Directory user can change his own telephone number, street address etc, but can NOT change his own email-address registered on the AD. Using Python+pywin32 I can also verify this behavior. When trying to change own EmailAddress, I got error General access denied error . I'd like to know where in the AD this allow/deny behavior is defined. Thank you.

    Read the article

  • How useful is hard drive encryption?

    - by D Connors
    So, let's say you have a notebook, and you encrypt the entire hard drive. Whenever you boot it's gonna ask for a password, meaning nobody can access your data without the password. On the other hand, what if your notebook got stolen whilst it was in sleep mode? Is there any protection that the encryption can offer? Thanks

    Read the article

  • Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

    - by milkandtang
    I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

    Read the article

  • Why can't I use SSL certs imported via Server Admin in a custom Apache install?

    - by morgant
    I've got a couple of Mac OS X 10.6.8 Server web servers that run a custom AMP255 (Apache 2.x, MySQL 5.x, and PHP 5.x) stack installed using MacPorts. We've got a lot of Mac OS X Server servers and generally install SSL certs via Server Admin and they "just work" in the built-in services, however, these web servers have always had SSL certs installed in a non-standard location and used only for Apache. Long story short, we're trying to standardize this part of our administration and install certs via Server Admin, but have run into the following issue: when the certs are installed via Server Admin and referenced in our Apache conf files, Apache then prompts for a password upon trying to start. It does not seem to be any password we know, certainly not the admin or keychain passwords! We've added the _www user to the certusers (mainly just to ensure they have the proper access to the private key in /etc/certificates/). So, with the custom installed certs we have the following files (basically just pasted in from the company we purchase our certs from): -rw-r--r-- 1 root admin 1395 Apr 10 11:22 *.domain.tld.ca -rw-r--r-- 1 root admin 1656 Apr 10 11:21 *.domain.tld.cert -rw-r--r-- 1 root admin 1680 Apr 10 11:22 *.domain.tld.key And the following in the VirtualHost in /opt/local/apache2/conf/extra/httpd-ssl.conf: SSLCertificateFile /path/to/certs/*.domain.tld.cert SSLCertificateKeyFile /path/to/certs/*.domain.tld.key SSLCACertificateFile /path/to/certs/*.domain.tld.ca This setup functions normally. If we use the certs installed via Server Admin, which both Server Admin & Keychain Assistant show as valid, they're installed in /etc/certificates/ as follows: -rw-r--r-- 1 root wheel 1655 Apr 9 13:44 *.domain.tld.SOMELONGHASH.cert.pem -rw-r--r-- 1 root wheel 4266 Apr 9 13:44 *.domain.tld.SOMELONGHASH.chain.pem -rw-r----- 1 root certusers 3406 Apr 9 13:44 *.domain.tld.SOMELONGHASH.concat.pem -rw-r----- 1 root certusers 1751 Apr 9 13:44 *.domain.tld.SOMELONGHASH.key.pem And if we replace the aforementioned lines in our httpd-ssl.conf with the following: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCertificateChainFile /etc/certificates/*.domain.tld.SOMELONGHASH.chain.pem This prompts for the unknown password. I have also tried httpd-ssl.conf configured as follows: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCertificateChainFile /etc/certificates/*.domain.tld.SOMELONGHASH.concat.pem And as: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCACertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.chain.pem We've verified that the certificate is configured to allow all applications access it (in Keychain Assistant). A diff of the /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem & *.domain.tld.key files shows the former is encrypted and the latter is not, so we're assuming that Server Admin/Keychain Assistant is encrypting them for some reason. I know I can create an unencrypted key file as follows: sudo openssl rsa -in /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem -out /etc/certificates/*.domain.tld.SOMELONGHASH.key.no_password.pem But, I can't do that without entering the password. I thought maybe I could export an unencrypted copy of the key from Keychain Admin, but I'm not seeing such an option (not to mention that the .pem options are greyed out in all export options). Any assistance would be greatly appreciated.

    Read the article

  • Huge host CPU usage in idle vmware guest. Ubuntu 10.04 host, Vista SP2 guest

    - by themesandmodules
    I'm experiencing huge host CPU usage with an idle vmware guest. Host: Ubuntu 10.04 32-bit 2.6.32-24-generic-pae. (Very new install, i.e 24 hours ago) Hardware is Dell XPS M1530 laptop, 4GB ram. Intel Core II Duo T9300 2.50Ghz The virtualization setting "VT" or something is enabled in my bios. Guest: Completely fresh install of Windows Vista, upgraded to latest SP2 and all windows updates installed. 1024 - 1512MB ram allocated. Absolutely no other software installed on it, apart from VMWare tools. Situation When the guest is doing absolutely nothing, I watch with sysinternals process watch on the guest. This shows that system idle process is between 70 and 99%, usually around 95%. No actual process doing anything. On the host, I watch with top, I get cpu usage of 20% - 80%, usually around 30%. What I have tried Single and Dual processor available to guest - no change. Turn off all peripherals to guest - no network, drives, usb etc - no change. Turn off 3d acceleration for guest - perhaps a small improvement, or no change. Upping allocated ram to guest from 1024MB to 1512MB - no change. Yelling at vmware - no change. I have experienced a similar issue in the past, which was solved by setting the guest to have 1 CPU. This time that hasn't worked.

    Read the article

  • VS2008 VB project - Changing application type automatically adds references

    - by Stijn
    Visual Basic Create a new project with the Empty Project template (Visual Basic - Windows) Go to the project properties, and change the Application type by choosing something else or reselecting Windows Forms Application. When reselecting, Visual Studio will automatically add references to System.Deployment, System.Drawing and System.Windows.Forms C# Create a new project with the Empty Project template (Visual C# - Windows) Go to the project properties, and change the Application type to any of the choices. Visual studio will not add references. Question Is there a way to change this behaviour for Visual Basic?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 293 294 295 296 297 298 299 300 301 302 303 304  | Next Page >