Search Results

Search found 16797 results on 672 pages for 'directory traversal'.

Page 3/672 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • I can't delete a directory inside a junctioned directory

    - by Fredy Muñoz
    So this is the deal. A couple of days ago I moved my profile folder C:\Documents and Settings\fmunoz to a different drive D:\fmunoz. Today, I created a directory in my desktop using the point-and-click method: Right-click on an empty space in the desktop Select New Select Folder Leave the default name New Folder and press Enter I tried to delete the folder using the point-and-click method: Right-click the New Folder directory Select Delete After five seconds, I got the following message: --------------------------- Error Deleting File or Folder --------------------------- Cannot delete New Folder: Access is denied. Make sure the disk is not full or write-protected and that the file is not currently in use. --------------------------- Initially I thought that there must be some sort of indexing services locking the directory so I got a list of open files using the TuneUp Process Manager tool but the New Folder directory wasn't there. I double-clicked My Computer, navigated to the desktop directory C:\Documents and Settings\fmunoz\Destkop, tried to delete the New Folder directory using the same point-and-click method described above and got exactly the same message at the same amount of time. In the same window, I navigated to the actual location of the desktop directory D:\fmunoz\Desktop, tried to delete the New Folder directory and this time it worked. I thought that this behavior was due to some special treatment that Windows gives to the desktop or the profile directories so I tried doing the same thing with a different set of directories: Created a folder D:\dummy Created a junction C:\dummy pointing to D:\dummy Created a New Folder directory in C:\dummy Tried to delete New Folder from C:\dummy. Didn't work. Tried to delete New Folder from D:\dummy. It worked. I tried creating the folder in the actual directory rather than the junction directory: Created a New Folder directory in D:\dummy Tried to delete New Folder from C:\dummy. Didn't work. Tried to delete New Folder from D:\dummy. It worked. I also tried using the Delete button instead of using the Delete option of the context menu but it didn't work. When using the Shift+Delete sequence, it works. It also works by using the rd command in the console, but in both cases the deleted directory doesn't goes to the Recycle Bin, which is my intention when using the Delete context menu option or the Delete button.

    Read the article

  • PowerShell Script to Enumerate SharePoint 2010 or 2013 Permissions and Active Directory Group Membership

    - by Brian T. Jackett
    Originally posted on: http://geekswithblogs.net/bjackett/archive/2013/07/01/powershell-script-to-enumerate-sharepoint-2010-or-2013-permissions-and.aspx   In this post I will present a script to enumerate SharePoint 2010 or 2013 permissions across the entire farm down to the site (SPWeb) level.  As a bonus this script also recursively expands the membership of any Active Directory (AD) group including nested groups which you wouldn’t be able to find through the SharePoint UI.   History     Back in 2009 (over 4 years ago now) I published one my most read blog posts about enumerating SharePoint 2007 permissions.  I finally got around to updating that script to remove deprecated APIs, supporting the SharePoint 2010 commandlets, and fixing a few bugs.  There are 2 things that script did that I had to remove due to major architectural or procedural changes in the script. Indenting the XML output Ability to search for a specific user    I plan to add back the ability to search for a specific user but wanted to get this version published first.  As for indenting the XML that could be added but would take some effort.  If there is user demand for it (let me know in the comments or email me using the contact button at top of blog) I’ll move it up in priorities.    As a side note you may also notice that I’m not using the Active Directory commandlets.  This was a conscious decision since not all environments have them available.  Instead I’m relying on the older [ADSI] type accelerator and APIs.  It does add a significant amount of code to the script but it is necessary for compatibility.  Hopefully in a few years if I need to update again I can remove that legacy code.   Solution    Below is the script to enumerate SharePoint 2010 and 2013 permissions down to site level.  You can also download it from my SkyDrive account or my posting on the TechNet Script Center Repository. SkyDrive TechNet Script Center Repository http://gallery.technet.microsoft.com/scriptcenter/Enumerate-SharePoint-2010-35976bdb   001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051 052 053 054 055 056 057 058 059 060 061 062 063 064 065 066 067 068 069 070 071 072 073 074 075 076 077 078 079 080 081 082 083 084 085 086 087 088 089 090 091 092 093 094 095 096 097 098 099 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 ########################################################### #DisplaySPWebApp8.ps1 # #Author: Brian T. Jackett #Last Modified Date: 2013-07-01 # #Traverse the entire web app site by site to display # hierarchy and users with permissions to site. ########################################################### function Expand-ADGroupMembership {     Param     (         [Parameter(Mandatory=$true,                    Position=0)]         [string]         $ADGroupName,         [Parameter(Position=1)]         [string]         $RoleBinding     )     Process     {         $roleBindingText = ""         if(-not [string]::IsNullOrEmpty($RoleBinding))         {             $roleBindingText = " RoleBindings=`"$roleBindings`""         }         Write-Output "<ADGroup Name=`"$($ADGroupName)`"$roleBindingText>"         $domain = $ADGroupName.substring(0, $ADGroupName.IndexOf("\") + 1)         $groupName = $ADGroupName.Remove(0, $ADGroupName.IndexOf("\") + 1)                                     #BEGIN - CODE ADAPTED FROM SCRIPT CENTER SAMPLE CODE REPOSITORY         #http://www.microsoft.com/technet/scriptcenter/scripts/powershell/search/users/srch106.mspx         #GET AD GROUP FROM DIRECTORY SERVICES SEARCH         $strFilter = "(&(objectCategory=Group)(name="+($groupName)+"))"         $objDomain = New-Object System.DirectoryServices.DirectoryEntry         $objSearcher = New-Object System.DirectoryServices.DirectorySearcher         $objSearcher.SearchRoot = $objDomain         $objSearcher.Filter = $strFilter         # specify properties to be returned         $colProplist = ("name","member","objectclass")         foreach ($i in $colPropList)         {             $catcher = $objSearcher.PropertiesToLoad.Add($i)         }         $colResults = $objSearcher.FindAll()         #END - CODE ADAPTED FROM SCRIPT CENTER SAMPLE CODE REPOSITORY         foreach ($objResult in $colResults)         {             if($objResult.Properties["Member"] -ne $null)             {                 foreach ($member in $objResult.Properties["Member"])                 {                     $indMember = [adsi] "LDAP://$member"                     $fullMemberName = $domain + ($indMember.Name)                                         #if($indMember["objectclass"]                         # if child AD group continue down chain                         if(($indMember | Select-Object -ExpandProperty objectclass) -contains "group")                         {                             Expand-ADGroupMembership -ADGroupName $fullMemberName                         }                         elseif(($indMember | Select-Object -ExpandProperty objectclass) -contains "user")                         {                             Write-Output "<ADUser>$fullMemberName</ADUser>"                         }                 }             }         }                 Write-Output "</ADGroup>"     } } #end Expand-ADGroupMembership # main portion of script if((Get-PSSnapin -Name microsoft.sharepoint.powershell) -eq $null) {     Add-PSSnapin Microsoft.SharePoint.PowerShell } $farm = Get-SPFarm Write-Output "<Farm Guid=`"$($farm.Id)`">" $webApps = Get-SPWebApplication foreach($webApp in $webApps) {     Write-Output "<WebApplication URL=`"$($webApp.URL)`" Name=`"$($webApp.Name)`">"     foreach($site in $webApp.Sites)     {         Write-Output "<SiteCollection URL=`"$($site.URL)`">"                 foreach($web in $site.AllWebs)         {             Write-Output "<Site URL=`"$($web.URL)`">"             # if site inherits permissions from parent then stop processing             if($web.HasUniqueRoleAssignments -eq $false)             {                 Write-Output "<!-- Inherits role assignments from parent -->"             }             # else site has unique permissions             else             {                 foreach($assignment in $web.RoleAssignments)                 {                     if(-not [string]::IsNullOrEmpty($assignment.Member.Xml))                     {                         $roleBindings = ($assignment.RoleDefinitionBindings | Select-Object -ExpandProperty name) -join ","                         # check if assignment is SharePoint Group                         if($assignment.Member.XML.StartsWith('<Group') -eq "True")                         {                             Write-Output "<SPGroup Name=`"$($assignment.Member.Name)`" RoleBindings=`"$roleBindings`">"                             foreach($SPGroupMember in $assignment.Member.Users)                             {                                 # if SharePoint group member is an AD Group                                 if($SPGroupMember.IsDomainGroup)                                 {                                     Expand-ADGroupMembership -ADGroupName $SPGroupMember.Name                                 }                                 # else SharePoint group member is an AD User                                 else                                 {                                     # remove claim portion of user login                                     #Write-Output "<ADUser>$($SPGroupMember.UserLogin.Remove(0,$SPGroupMember.UserLogin.IndexOf("|") + 1))</ADUser>"                                     Write-Output "<ADUser>$($SPGroupMember.UserLogin)</ADUser>"                                 }                             }                             Write-Output "</SPGroup>"                         }                         # else an indivdually listed AD group or user                         else                         {                             if($assignment.Member.IsDomainGroup)                             {                                 Expand-ADGroupMembership -ADGroupName $assignment.Member.Name -RoleBinding $roleBindings                             }                             else                             {                                 # remove claim portion of user login                                 #Write-Output "<ADUser>$($assignment.Member.UserLogin.Remove(0,$assignment.Member.UserLogin.IndexOf("|") + 1))</ADUser>"                                                                 Write-Output "<ADUser RoleBindings=`"$roleBindings`">$($assignment.Member.UserLogin)</ADUser>"                             }                         }                     }                 }             }             Write-Output "</Site>"             $web.Dispose()         }         Write-Output "</SiteCollection>"         $site.Dispose()     }     Write-Output "</WebApplication>" } Write-Output "</Farm>"      The output from the script can be sent to an XML which you can then explore using the [XML] type accelerator.  This lets you explore the XML structure however you see fit.  See the screenshot below for an example.      If you do view the XML output through a text editor (Notepad++ for me) notice the format.  Below we see a SharePoint site that has a SharePoint group Demo Members with Edit permissions assigned.  Demo Members has an AD group corp\developers as a member.  corp\developers has a child AD group called corp\DevelopersSub with 1 AD user in that sub group.  As you can see the script recursively expands the AD hierarchy.   Conclusion    It took me 4 years to finally update this script but I‘m happy to get this published.  I was able to fix a number of errors and smooth out some rough edges.  I plan to develop this into a more full fledged tool over the next year with more features and flexibility (copy permissions, search for individual user or group, optional enumerate lists / items, etc.).  If you have any feedback, feature requests, or issues running it please let me know.  Enjoy the script!         -Frog Out

    Read the article

  • Likewise: joined Active Directory but cannot write shares.

    - by Aron Rotteveel
    I have never used a Linux system in an AD environment before and am trying to join my laptop running Ubuntu to join our Active Directory (DC is a Windows Server 2008 machine) using Likewise-open. Using the GUI wizard, I have joined the domain. I can mount network shares using CIFS Problem: I only have read access to our fileserver. What more is needed to get the AD to recognize me as a user who has the appropriate rights? Any help is appreciated.

    Read the article

  • Motion is saving images to home directory

    - by Kevin
    I was interested in setting up a home security network. I installed Motion in Ubuntu 12.04 and it worked fine. Then the next day I went to play around with it some more but the images are not being saved to /tmp/motion as the configuration file states, but to the home directory: [1] File of type 1 saved to: ./01-20121126211634-12.jpg Any idea if there is another setting that has more priority than the motion config file?

    Read the article

  • BST Level Traversal

    - by Dalton Conley
    Ok, so I'm trying to do a level order traversal of a binary search tree and its not working. The code below makes sense to me, but that is probably because I've been looking at it forever and I've convinced myself that it should work. void BST<T>::levelByLevel(ostream &out) { Queue<BinNodePointer> q; BinNodePointer subtreeRoot; if(myRoot == NULL) return; q.enqueue(myRoot); while(!q.empty()) { subtreeRoot = q.front(); out << subtreeRoot->data << " "; q.dequeue(); if(subtreeRoot->left != NULL) q.enqueue(subtreeRoot->left); if(subtreeRoot->right != NULL) q.enqueue(subtreeRoot->right); } } Maybe you guys could point out what I'm doing wrong because, although I understand the concept of a binary search tree, I'm not 100% on all the ins and outs.

    Read the article

  • Using directory traversal attack to execute commands

    - by gAMBOOKa
    Is there a way to execute commands using directory traversal attacks? For instance, I access a server's etc/passwd file like this http://server.com/..%01/..%01/..%01//etc/passwd Is there a way to run a command instead? Like... http://server.com/..%01/..%01/..%01//ls ..... and get an output? EDIT: To be clear here, I've found the vuln in our company's server. I'm looking to raise the risk level (or bonus points for me) by proving that it may give an attacker complete access to the system

    Read the article

  • Which kind of sitemap directory should I build for a search based navigation site

    - by Noam
    I have a search based navigation web-site. Each query has filters as well as sort-by. The search results point to end-pages inside the site. Each of those pages has many outlinks to other end-pages. Currently I have a XML sitemap which directs crawlers to all the end pages. I'm trying to add a silo sitemap directory to improve SEO. Assuming this is the right direction I have a couple of options: end pages sorted alphabetically. Pages by major search filters, and then divide alphabetically. Pages for every filter and cross option between them and the sort-by. Which would you recommend and why?

    Read the article

  • Encrypted Home directory not auto mounting

    - by Valorin
    I somehow managed to break auto-mounting for my encrypted home directory. Every time I login via SSH, I see this: valorin@joshua:~$ ls -la total 44 dr-x------ 3 valorin valorin 4096 2012-03-17 17:10 . drwxr-xr-x 7 root root 4096 2012-03-17 11:45 .. lrwxrwxrwx 1 valorin valorin 56 2012-03-08 20:37 Access-Your-Private-Data.desktop -> /usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop -rw------- 1 valorin valorin 917 2012-03-17 19:24 .bash_history drwx------ 3 valorin valorin 4096 2012-03-16 17:58 .cache lrwxrwxrwx 1 valorin valorin 33 2012-03-08 20:37 .ecryptfs -> /home/.ecryptfs/valorin/.ecryptfs -rw-r--r-- 1 root root 21954 2012-03-08 20:35 .face lrwxrwxrwx 1 valorin valorin 32 2012-03-08 20:37 .Private -> /home/.ecryptfs/valorin/.Private lrwxrwxrwx 1 valorin valorin 52 2012-03-08 20:37 README.txt -> /usr/share/ecryptfs-utils/ecryptfs-mount-private.txt -rw------- 1 root root 703 2012-03-17 17:10 .viminfo Any ideas what I've done, and how I can fix it?

    Read the article

  • Adding Play Framework directory to my system path on Ubuntu 12.04 LTS

    - by Martha Kumi
    I just installed Ubuntu 12.04 LTS, I am very new to the Ubuntu OS and I would need help with it. I am trying to install this open source platform called Play Framework, to install it I need to add the installation directory to my system path, the documentation for Play says that I should open a terminal and type export PATH=$PATH:/to/path/play. I have tried this it did not work. I also tried sudo apt-get install play and that did not work either. I am completely lost now, I need help urgently because it is for work. Best Martha

    Read the article

  • Limit the size of a directory by deleting old files

    - by Sulliwane
    I have a IP cam which save its recordings in a specific directory named Camera1 in my Ubuntu Server 12.04. I would like to limit the size of this folder to 5 gigs, by deleting -say once a day- the oldest files. I first checked the quota program but it doesn't seem to allow the creation of new files and deleting of the old ones. So I think the best workaround would be to run a bash script ? But I have no idea how to write it... Thank you guys !

    Read the article

  • Rsync backup - detect new directory and backup only from that directory

    - by Pracovek
    New cpanel daily backup is creating separate directories for daily backup. This creates problem when I try to user rsync to do an offsite backup since I would like to rsync only latest data. E.g. On backup server I have directory "backup" and on server, from which we are pulling backups I get directories 2013-11-07, 2013-11-08 etc in backup directory. If I backup /backup directory on the server it will use allot more space so I would like to backup only latest directory in backup directory, eg 2013-11-08. Is there a way to detect latest directory in backup directory and pass that directory name to rsync for backup ?

    Read the article

  • Java Binary Tree. Priting InOrder traversal

    - by user69514
    I am having some problems printing an inOrder traversal of my binary tree. Even after inserting many items into the tree it's only printing 3 items. public class BinaryTree { private TreeNode root; private int size; public BinaryTree(){ this.size = 0; } public boolean insert(TreeNode node){ if( root == null) root = node; else{ TreeNode parent = null; TreeNode current = root; while( current != null){ if( node.getData().getValue().compareTo(current.getData().getValue()) <0){ parent = current; current = current.getLeft(); } else if( node.getData().getValue().compareTo(current.getData().getValue()) >0){ parent = current; current = current.getRight(); } else return false; if(node.getData().getValue().compareTo(parent.getData().getValue()) < 0) parent.setLeft(node); else parent.setRight(node); } } size++; return true; } /** * */ public void inOrder(){ inOrder(root); } private void inOrder(TreeNode root){ if( root.getLeft() !=null) this.inOrder(root.getLeft()); System.out.println(root.getData().getValue()); if( root.getRight() != null) this.inOrder(root.getRight()); } }

    Read the article

  • Exploiting Path Traversal Vulnerability

    - by Maputo
    I have a Java Web App running on Tomcat on which I'm supposed to exploit Path traversal vulnerability. There is a section (in the App) at which I can upload a .zip file, which gets extracted in the server's /tmp directory. The content of the .zip file is not being checked, so basically I could put anything in it. I tried putting a .jsp file in it and it extracts perfectly. My problem is that I don't know how to reach this file as a "normal" user from browser. I tried entering ../../../tmp/somepage.jsp in the address bar, but Tomcat just strips the ../ and gives me http://localhost:8080/tmp/ resource not available. Ideal would be if I could somehow rename the somepage.jsp so that it gets extracted in the web directory of the Web App. But then, the Linux filesystem disallows slashes in filenames (e.g. ../../home/webapp/somepage.jsp). Are there maybe any escape sequences that would translate to / after extracting? Any ideas would be highly appreciated. Note: This is a school project in a Security course where I'm supposed to locate vulnerabilities and correct them. Not trying to harm anyone...

    Read the article

  • Office365 DirSync Active Directory Integration

    - by dean
    I am preparing to deploy Office365 for my organization. We have an on premise Active Directory Domain Controller (Windows Server 2012 R2). We would like to leverage our Active Directory for: automatic user provisioning in Office365, and password synchronization, using the DirSync tool. Our Active Directory Domain is example.pvt. Email is currently Rackspace Exchange and email addresses follow the form [email protected]. Active Directory User Logon Name follows the form firstinitiallastname. My Questions are: What Active Directory Attribute(s) can be use in provisioning the email address in Office365? Is it possible to use the E-mail field in Active Directory to provision the email address in Office365? Will the fact that our Active Directory Domain has a different extension (.pvt vs. .com) cause a problem with our planned provisioning method?

    Read the article

  • Submitting new site to directories - will Google penalize?

    - by Programmer Joe
    I just started a new site with a forum to discuss stocks. I've already submitted my site to DMOZ. To help promote my site and to help people who are looking for stock discussion forums to find it, I'm thinking of submitting my site to a few more directories but I'm hesistant because I know Google will penalize a site if it believes the backlinks to the site are spammy and/or low quality. So, I have a few questions: 1) If I submit my site to directories with a PR between 4 and 5, will those backlinks be considered spammy/low quality? I noticed most free directories have a PR between 4 and 5, but I don't know if backlinks from those directories would be considered spammy by Google. 2) I'm thinking of submitting it to Best of the Web and JoeAnt, but these are paid. Does anybody have any experience with these two paid directories? Are these two directories considered higher quality by Google?

    Read the article

  • How do I rescue files from the encrypted home folder via live USB stick?

    - by Alexia
    I know, this has been asked and answered all over the internet already. However, I start feeling stupid, since the informations there are not helping me. Just this morning, I wanted to install the newest update to 13.10. After the download, when it came to the actual installing, the install program froze and didn't do anything for hours. At that time, I was still logged in. The computer was working and everything was accessable to me. However, I made the mistake and didn't immediately make safety copies of everything. Instead, I just rebooted. Long story short: My computer even fails to reset to a previous version via Grub. But I am able to boot from a USB stick and, after starting Nautilus, I see my home folder on the HD. I would now like to copy its contents onto an external harddisk. Problem 1: I have no rights to access the folder like that. Problem 2: It is encrypted. Problem 3: I don't know how to give myself the rights to access the folder nor do I know how to encrypt it. I assume that it might help that I still know these things: - my old login name - my old login phrase - a 32 characters long string of hexadecimal numbers that I copied to my list of passwords as "Ubuntu Encryption Code". I copied it digitally right after installing Ubuntu the first time and encrypting the home folder, so there won't be any typos. I am sure of that. The solutions that I saw so far, tell me that I need the "encryption phrase". But when I follow the instructions and use this phrase that I have in my list, I only get messages of denial. Can anyone help me through this special problem, please?

    Read the article

  • Batch file to ZIP only files in directory or sub directory

    - by PaulJavier
    I wanted to know if possible how to create a command line to do the following - if a directory exist ZIP only the contents into a ZIP file. If a directory has sub-directories ZIP only the contents into another ZIP file. Example: C:\Directory\sample.txt ZIP only sample.txt C:\Directory\Directory1\sample1.txt ZIP only sample1.txt C:\Directory\Directory1\Directory2\sample2.txt ZIP only sample2.txt So it would have created 3 zip files in C:\Directory and sub-directories. I will not know the name of the sub-directories so can I also assign some sort of variable that says if there are directories or sub-directories in C:\Directory then start above ZIP(s)? Thank you, Paul

    Read the article

  • Forcing Nautilus to use Kerberos (Active Directory) authentication

    - by user14146
    Is there a way to get Nautilus or any other file manager that runs on Ubuntu 11.04 to use Kerberos for authentication? I'm using Likewise Open to join machines to the domain, and I can't type in passwords for every user on every computer that needs to mount a network share. I've been able to get Kerberos working with the command line smbclient, but oddly Kerberos does not seem to be Nautilus-integrated. I also checked the SSH config file, and it looks like you can enable GSSAPIAuthentication, but it only works for Kerberos v2, not the current version, which I think is v5.

    Read the article

  • Ubuntu chroot “No such file or directory”

    - by Paris
    Hi there. I hace a web application where I create some folders on my server and put executables there. Then I try to wun them with chroot but I get a message that access is denied there. I tried chroot -r 777 blah blah.... and then I get a message that the folder or the file that I call (sudo chroot mydirectory myfile_inside_Mydirectory) does not exist. This happens only when I call chroot on folders created by the web server. My web application is in php and I use: shell_exec("cp -R /var/www/comp/prison/bin $dir"); shell_exec("cp -R /var/www/comp/prison/lib $dir"); shell_exec("cp /var/www/janitor.out $dir/janitor.out"); shell_exec("sudo chmod -R 777 $dir"); $process = proc_open("sudo chroot $dir janitor.out", $descriptorspec, $pipes); sudo does not need password.

    Read the article

  • React to a modified directory

    - by Ghanshyam Rathod
    In linux everything is considered as file, Now if I want to find only folders/directories not the files then how can i do that? I am getting all the modified files with the following command. find /Users/ghanshyam -type f -mmin -5 -print My goal is to generate the log file with all the modified/access folders. Here two options are available. create a module and call every time when a folder is modified (this one is bit difficult because I need to check particular event) create a cron task that will run after every 5 minutes. cron task will execute shell script and generate the log entries with the modified folders. Do you have any other option to do this task ?

    Read the article

  • Finish long directory name with tab problem

    - by user1880405
    I have simple problem that I have to long directories which I want to cd into, but I would like to know easy way. mosquito@mosquito-K56CB:~/Downloads$ ls | grep Guns Guns n' Roses - Appetite for Destruction (Japanese Edition) 1987 Guns n' Roses - Use Your Illusion I 1991 Of course I can just copy the name and put it like this: cd "Guns n' Roses - Appetite for Destruction (Japanese Edition) 1987" But why when I write cd Guns then tab, it finishes line into: cd Guns\ n\'\ Roses\ -\ then by my understanding I should just start writing App.. with tab and it should finish whole name, but it does not. And hitting tab twice does not show me anything either. What I am missing here?

    Read the article

  • Linking Linux MIT Kerberos with a Windows 2003 Active Directory

    - by Beerdude26
    Greetings, I was wondering how one might link a Linux MIT Kerberos with a Windows 2003 Active Directory to achieve the following: A user, [email protected], attempts to log in at an Apache website, which runs on the same server as the Linux MIT Kerberos. The Apache module first asks the local Linux MIT Kerberos if he knows a user by that name or realm. The MIT Kerberos finds out it isn't responsible for that realm, and forwards the request to the Windows 2003 Active Directory. The Windows 2003 Active Directory replies positively and gives this information to the Linux MIT Kerberos, which in turn tells this to the Apache module, which grants the user access to its files. Here is an image of the situation: http://img179.imageshack.us/img179/5092/linux2k3.png (I'm not allowed to embed images just yet.) The documentation I have read concerning this issue often differ from this problem: Some discuss linking up a MIT Kerberos with an Active Directory to gain access to resources on the Active Directory server; While another uses the link to authenticate Windows users to the MIT Kerberos through the Windows 2003 Active Directory. (My problem is the other way around.) So what my question boils down to, is this: Is it possible to have a Linux MIT Kerberos server pass through requests for a Active Directory realm, and then have it receive the reply and give it to the requesting service? (Although it's not a problem if the requesting service and the Windows 2003 Active Directory communicate directly.) Suggestions and constructive criticism are greatly appreciated. :)

    Read the article

  • Moving from single-site to multi-site Active Directory has broken OWA proxying

    - by messick
    Originally we had the following setup: OfficeExch01 has Mailbox Role and CAS Role OfficeExch01 is in the office. CoLoExch01 had just CAS Role. CoLoExch01 is internet facing and in a CoLo. Three AD domain controllers in the default site. Users could go to https://webmail.whatever.com/owa, get proxyed to OfficeExch01 and everything was great. Well, we recently setup a separate AD site and put a domain controller and the ColoExch01 server in the new site. I also made that remote DC be a Global Catalog. Now, users get the following error: Outlook Web Access is not available. If the problem continues, contact technical support for your organization and tell them the following: There is no Microsoft Exchange Client Access server that has the necessary configuration in the Active Directory site where the mailbox is stored. I also see event 41 errors in the logs: The Client Access server "https://webmail.xxxxxxx.com/owa" attempted to proxy Outlook Web Access traffic for mailbox "/o=XXXXX/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=xxxxxxk". This failed because no Client Access server with an Outlook Web Access virtual directory configured for Kerberos authentication could be found in the Active Directory site of the mailbox. The simplest way to configure an Outlook Web Access virtual directory for Kerberos authentication is to set it to use Integrated Windows authentication by using the Set-OwaVirtualDirectory cmdlet in the Exchange Management Shell, or by using the Exchange Management Console. If you already have a Client Access server deployed in the target Active Directory site with an Outlook Web Access virtual directory configured for Kerberos authentication, the proxying Client Access server may not be finding that target Client Access server because it does not have an internalUrl parameter configured. You can configure the internalUrl parameter for the Outlook Web Access virtual directory on the Client Access server in the target Active Directory site by using the Set-OwaVirtualDirectory cmdlet. Looking this up I see a lot talk about ExternalURL and InternalURL settings. However, everything worked great until we made the new AD site. I also made sure the internal CAS server's /owa virtual directory is set to use Integrated Authentication. Is there something I need to do to allow Exchange to see that I've made these AD changes?

    Read the article

  • Seamlessly Authenticate with a Secondary Active Directory Server (when primary is down)

    - by LonnieBest
    How do you get workstations to (seamlessly) authenticate with a secondary Active Directory server when the primary one is down? Background: I added a secondary Active Directory server to a company's network, hoping that it would do authentication in the event that the primary Active Directory server was down. Although, the Secondary Active Directory server seems to be replicating correctly, authentication doesn't occur while rebooting the primary Active Directory server. Do I have a misunderstanding regarding the role of a secondary Active Directory server, or are there additional settings I must set to get the workstations to authenticate with it when the primary is down?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >