Search Results

Search found 21334 results on 854 pages for 'active directory'.

Page 31/854 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >

  • What does "active directory integration" mean in your .NET app?

    - by flipdoubt
    Our marketing department comes back with "active directory integration" being a key customer request, but our company does not seem to have the attention span to (1) decide on what functional changes we want to make toward this end, (2) interview a broad range of customer to identify the most requested functional changes, and (3) still have this be the "hot potato" issue next week. To help me get beyond the broad topic of "active directory integration," what does it mean in your .NET app, both ASP.NET and WinForms? Here are some sample changes I have to consider: When creating and managing users in your app, are administrators presented with a list of all AD users or just a group of AD users? When creating new security groups within your app (we call them Departments, like "Human Resources"), should this create new AD groups? Do administrators assign users to security groups within your app or outside via AD? Does it matter? Is the user signed on to your app by virtue of being signed on to Windows? If not, do you track users with your own user table and some kind of foreign key into AD? What foreign key do you use to link app users to AD users? Do you have to prove your login process protects user passwords? What foreign key do you use to link app security groups to AD security groups? If you have a WinForms component to your app (we have both ASP.NET and WinForms), do you use the Membership Provider in your WinForms app? Currently, our Membership and Role management predates the framework's version, so we do not use the Membership Provider. Am I missing any other areas of functional changes? Followup question Do apps that support "active directory integration" have the ability to authenticate users against more than one domain? Not that one user would authenticate to more than one domain but that different users of the same system would authenticate against different domains.

    Read the article

  • Examples using Active Directory/LDAP groups for permissions \ roles in Rails App.

    - by Nick Gorbikoff
    Hello. I was wondering how other people implemented this scenario. I have an internal rails app ( inventory management, label printing, shipping,etc). I'm rewriting security on the system, cause the old way got to cumbersome to maintain ( users table, passwords, roles) - I used restful_authentication and roles. It was implemented about 3 years ago. I already implemented AuthLogic with ruby-ldap-net to authenticate users ( actually that was surprisingly easy, compared to how I struggled with other frameworks/languages before). Next step is roles. I already have groups defined in Active Directory - so I don't want to run a separate roles system in my rails app, I just want to reuse Active Directory groups - since that part of the system is already maintained for other purposes ( shared drives, backups, pc access, etc) So I was wondering if others had experience implementing permissions/roles in a rails app based on groups in Active Directory or LDAP. Also the roles requirements are pretty complex. Here is an example: For instance I have users that belong to the supervisors group in AD and to inventory dept, so I was that user to be able to run "advanced" tasks in invetory - adjust qty, run reports, however other "supervisors" from other departmanets, shouldn't be able to do this, also Top Management - should be able to use those reports (regardless weather they belong to the invetory or not), but not Middle Management, unless they are in inventory group. Admins of the system (Domain Admins) should have unrestricted access to the system , except for HR & Finances part unless they are in HR ( like you don't want all system admins (except for one authorized one) to see personal info of other employees). I looked at acl9, cancan, aegis. I was wondering if there are any advantaged/cons to using one versus the other for this particular use of system access based on AD. Suggest other systems if you had good experience. Thank you!!!

    Read the article

  • IIS Not Accepting Active Directory Login Credentials

    - by Dale Jay
    I have an ASP.NET web form using Microsoft's boilerplate Active Directory login page, set up exactly as suggested. Windows Authentication is activated on the "Default Website" and "MyWebsite" levels, and Domain\This.User is given "Allow" access to the site. After entering the valid credentials for This.User on the web form, a popup window appears asking me to enter my credentials yet again. Despite entering valid credentials for This.User (after attempting Domain\This.User and This.User formats), it rejects the credentials and returns an unauthorized security headers page (error 401.2). Active Directory user This.User is valid, the IP address of the AD server has been verified and SPN's have been set up for the server. Error Code: 0x80070005 Default Web Site security config: <system.web> <identity impersonate="true" /> <authentication mode="Windows" /> <customErrors mode="Off" /> <compilation debug="true" /> </system.web> Sub web site security <authentication mode="Windows"> <forms loginUrl="~/logon.aspx" timeout="2880" /> </authentication> <authorization> <deny users="?" /> <allow users="*" /> </authorization>

    Read the article

  • Creating a new naming context in OUD

    - by Sylvain Duloutre
    A naming context (also known as a directory suffix) is a DN that identifies the top entry in a locally held directory hierarchy. A new naming context can be created using ODSM, the OUD gui admin console, as described in http://docs.oracle.com/cd/E29407_01/admin.111200/e22648/server_config.htm#CBDGCJGF It can also be created using the dsconfig command lione as described below: Creation of a new naming context consists in 3 steps: First create a Local Backend Workflow element (myNewDb in this exemple) ,  responsible for the naming context base dn, e.g o=example. dsconfig create-workflow-element \           --set base-dn:o=example \           --set enabled:true \           --type db-local-backend \           --element-name myNewDb \           --hostname <your host> \           --port <admin port> \           --bindDN cn=Directory\ Manager \           --bindPasswordFile ****** \           --no-prompt Second, create a Workflow element (workFlowForMyNewDb in this exemple) associated with the Local Backend Workflow element. WorkFlow elements are used to route LDAP requests to the appropriate database, based on the target base dn. dsconfig create-workflow \           --set base-dn:o=example \           --set enabled:true \           --set workflow-element:myNewDb \           --type generic \           --workflow-name workFlowForMyNewDb \           --hostname <your host name> \           --port <admin port>\           --bindDN cn=Directory\ Manager \           --bindPasswordFile ****** \           --no-prompt Then, the workflow element must be made visible outside of the directory, i.e added to the internal "routing table". This is done by adding the Workflow to the appropriate Network Group. A Network group  is used to classify incoming client connections and route requests to workflows. dsconfig set-network-group-prop \           --group-name network-group \           --add workflow:workFlowForMyNewDb \           --hostname <your hostname> \           --port <admin port>\           --bindDN cn=Directory\ Manager \           --bindPasswordFile ****** \           --no-prompt At that stage, it is possible to import entries to the new naming context o=example.

    Read the article

  • Pitfalls to using Gluster as a home/profile directory server?

    - by Bart Silverstrim
    I was asking recently about options for divvying up access to file servers, as we have a NAS solution that gets fairly bogged down when our users (with giant profiles, especially) all log in nearly simultaneously. I ran across Gluster and it looks like it can cluster different physical storage media into a single virtual volume and share it out like a virtual NAS from the client perspective and it support CIFS. My question is whether something like this would be feasible to use for home and profile directories in an active directory environment. I was worried about ACL's, primarily, as I didn't think CIFS was fine-grained enough to support NTFS permissions and it didn't look like Gluster exports those permission levels, just the base permissions for basic file sharing. I got the impression that using Gluster would allow for data to be redundant across multiple servers and would speed up access to the files under heavy load, while allowing us to dynamically boost storage capacity by just adding another server and telling Gluster's master node to add that server. Maybe I'm wrong with my understanding of it though. Anyone else use it or care to share how feasible this is?

    Read the article

  • how to configure dns for activedirectory located on different server

    - by meera
    when we install active directory on 2k8 by dcpromo we get an option for installing dns.when we install dns with active direcory, the dns get automatically configured. but when we install active directory without a dns and the dns server is located in another server. how we will configure dns for the active directory domain installed on different server. havean attention to it reply soon thanking you

    Read the article

  • Elegant way to take basename of directory in Python?

    - by user248237
    I have several scripts that take as input a directory name, and my program creates files in those directories. Sometimes I want to take the basename of a directory given to the program and use it to make various files in the directory. For example, # directory name given by user via command-line output_dir = "..." # obtained by OptParser, for example my_filename = output_dir + '/' + os.path.basename(output_dir) + '.my_program_output' # write stuff to my_filename The problem is that if the user gives a directory name with a trailing slash, then os.path.basename will return the empty string, which is not what I want. What is the most elegant way to deal with these slash/trailing slash issues in python? I know I can manually check for the slash at the end of output_dir and remove it if it's there, but there seems like there should be a better way. Is there? Also, is it OK to manually add '/' characters? E.g. output_dir + '/' os.path.basename() or is there a more generic way to build up paths? Thanks.

    Read the article

  • What is the best way to determine the path to the ISV directory?

    - by Luke Baulch
    MSCRM 4.0 Problem: I'm currently storing xml files in the ISV directory along with my web applications. From a plugin (or potentially a seperate app), I need to find an easy way to navigate to the ISV directory to read these xml files. This routine will be called extremely often, so processing minimization should be a strong consideration. Potential solutions: Registry: There is a registry key called 'WebSitePath' with the data 'C:\Inetpub\wwwroot\CRM'. Could potentially use this to build the path. (Will this be the same on all systems/installations?) IIS directory data: Looping through the DirectoryEntries of path '"IIS://localhost/W3SVC"' I could obtain the the web application where description is equal to "Microsoft Dynamics CRM". (Will this be the same on all systems/installations?) Webservice: Create one to read and return the data contained in these xml files The webservice would have easy access to its executing directory. Database: Store the data of these files in the database. Help: Can anyone suggest a simpler solution to obtaining and reading a file from the ISV directory? If not, which of the above solutions would be the quickest to process? Thanks for any and all contributions.

    Read the article

  • Directory.GetFiles returning entire path, I only want the filename?

    - by blerh
    This is the code I have set up to scan a directory of files: Dim fileArray() As String fileArray = Directory.GetFiles(System.AppDomain.CurrentDomain.BaseDirectory & "help\") And it successfully gets all files in the directory, but it gets their absolute paths aswell. For example, one of the entries in fileArray() is: F:\Project\Project\bin\x86\Debug\help\book_troubleshoot.html And I want it to just be: book_troubleshoot.html Is there a way to do this without parsing through all the array entries to trim off the path? Thanks.

    Read the article

  • cd Terminal at a given directory after running a Python script?

    - by Dave Everitt
    I'm working on a simple Python script that can use subprocess and/or os to execute some commands, which is working fine. However, when the script exits I'd like to cd the actual Terminal (in this case OS X) so on exit, the new files are ready to use in the directory where the have been created. All the following (subprocess.Popen, os.system, os.chdir) can do what I want from within the script (i.e. they execute stuff in the target directory) but on exit leave the Terminal at the script's own directory, not the target directory. I'd like to avoid writing a shell script to temporary file just to achieve this, if this is at all possible anyway?

    Read the article

  • How do I change my current directory from a python script?

    - by misterloogs
    I'm trying to implement my own version of the 'cd' command that presents the user with a list of hard-coded directories to choose from, and the user has to enter a number corresponding to an entry in the list. The program, named my_cd.py for now, should then effectively 'cd' the user to the chosen directory. Example of how this should work: /some/directory $ my_cd.py 1) ~ 2) /bin/ 3) /usr Enter menu selection, or q to quit: 2 /bin $ Currently, I'm trying to 'cd' using os.chdir('dir'). However, this doesn't work, probably because my_cd.py is kicked off in its own child process. I tried wrapping the call to my_cd.py in a sourced bash script named my_cd.sh: #! /bin/bash function my_cd() { /path/to/my_cd.py } /some/directory $ . my_cd.sh $ my_cd ... shows list of dirs, but doesn't 'cd' in the interactive shell Any ideas on how I can get this to work? Is it possible to change my interactive shell's current directory from a python script?

    Read the article

  • Windows 2008 DHCP service fails - "...failed to see a directory server for authorization."

    - by ewwhite
    I have a small environment running Windows 2008 R2 where the DHCP service on the domain controller fails every two weeks. The most-visible error is Event ID 1059 and the Event Viewer message is: "The DHCP service failed to see a directory server for authorization." The setup features two domain controller and the usual services and roles (file, print, Exchange). Restarting the service fails for a variety of reasons. I've had the following messages at different times: "Not enough storage is available to complete this operation". "Unable to determine the DHCP Server version for the Server 192.168.x.x" "The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service." A reboot of the domain controller resolves the issue for ~2 weeks. The systems are virtualized and there are no network connectivity issues. Any ideas what's happening here?

    Read the article

  • Best way to restrict FTP access to a single directory?

    - by John Debs
    I have a VPS running Ubuntu 10.04, and I'd like to give someone SFTP access to a single directory, but prevent them from seeing anything else on the system. What's the best way to pull this off? I considered removing "everyone" permissions from everything on the system, but that seems like a really blunt tool for this problem (and one that'll cause other issues) - I'm hoping there's a better option here. Edit: I appreciate the answers! (And I learned a bunch reading/researching through them). I ended up finding and using this guide from Linode as it spelled all the steps: http://library.linode.com/security/sftp-jails/

    Read the article

  • Joomla in Windows is catching my access to a Virtual Directory where I placed my MVC application

    - by Romias
    In our windows hosting we use the root (wwwroot) folder to host a JOOMLA website as public website. This is running IIS 7. Then, we created a virtual directory called "App" to host there a ASP.NET MVC4 application. When I enter www.mydomain.com it shows the joomla website correctly. When I enter www.mydomain.com/App/ it somehow access my MVC app... as I see the URL changing to www.mydomain.com/App/Account/LogOn?ReturnUrl=%2fApp%2f BUT shows a 404 Joomla error as if it were looking that URL in Joomla. BTW, the hosting has 2 ASP.NET IIS Setup options: 4.0 Classic and 4.0 integrated. Using the Integrated one... it displays a blank page... using the classic one shows the 404 Joomla page. Any idea where to look for this?

    Read the article

  • Passive and active sockets

    - by davsan
    Quoting from this socket tutorial: Sockets come in two primary flavors. An active socket is con­nect­ed to a remote active socket via an open data con­nec­tion... A passive socket is not con­nect­ed, but rather awaits an in­com­ing con­nec­tion, which will spawn a new active socket once a con­nec­tion is es­tab­lished ... Each port can have a single passive socket binded to it, await­ing in­com­ing con­nec­tions, and mul­ti­ple active sockets, each cor­re­spond­ing to an open con­nec­tion on the port. It's as if the factory worker is waiting for new mes­sages to arrive (he rep­re­sents the passive socket), and when one message arrives from a new sender, he ini­ti­ates a cor­re­spon­dence (a con­nec­tion) with them by del­e­gat­ing someone else (an active socket) to ac­tu­al­ly read the packet and respond back to the sender if nec­es­sary. This permits the factory worker to be free to receive new packets. ... Then the tutorial explains that, after a connection is established, the active socket continues receiving data until there are no remaining bytes, and then closes the connection. What I didn't understand is this: Suppose there's an incoming connection to the port, and the sender wants to send some little data every 20 minutes. If the active socket closes the connection when there are no remaining bytes, does the sender have to reconnect to the port every time it wants to send data? How do we persist a once established connection for a longer time? Can you tell me what I'm missing here? My second question is, who determines the limit of the concurrently working active sockets?

    Read the article

  • Querying Active Directory in PowerShell from a Windows host that is not a member of the domain

    - by jshin47
    How can I use PowerShell [adsisearcher] to query a domain that I am not a member of? Usually I will do something like this: $myAdsi = [adsisearcher]"" $myAdsi.SearchRoot = [adsi]"LDAP://dc=corp,dc=mycompany,dc=com" $myAdsi.Filter = "objectCategory=computer" $res = $myAdsi.FindAll() If I run this snippet on a host in my domain, I get the expected result. However, if I run this from a computer that has network access to the domain (through a L2L VPN) I get the error: Exception calling "FindAll" with "0" argument(s): "The specified domain either does not exist or could not be contacted. " At line:11 char:33 + $adComputers = $searcher.FindAll <<<< () + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : DotNetMethodException This is somewhat expected as I have not provided any sort of credentials to [adsisearcher] that would tell it how to authenticate. My question is: how do I let [adsisearcher] know that I want to authenticate against a domain in which I am not a member?

    Read the article

  • Active Directory FRS problems. 13508 error and other problems

    - by ITPIP
    I have 3 Domain Controllers. We will call them DC1, DC2 and DC3. DC3 and DC2 show Event ID 13508 in their FRS logs with no follow-up event(13509 I think) to say the error had been fixed. DC1's FRS log no matter what you do never shows any events besides FRS service stopped and started. DC1 holds the SYSVOL that needs to be replicated to the other DC's. The other DC's sysvol folders are empty. I have tried the burflag method of fixing this but I haven't had any luck. My procedure for that was to stop all FRS services on all DC's. Then set the burflag on DC1 to D4 and the other two DCs burflag to D2. Started FRS on DC1 and the only event's I see in DC1's FRS event logs are service stopped and service started messages. This fact is leading me to believe that something is wrong on FRS for DC1. I believe there should be events 13553 and 13516 in the FRS event logs after an authoritative sysvol restore. The other two DC's do not have anything in their SYSVOL, otherwise I would have made one of them the authoritative sysvol. DC1 is MS Server 2003 Enterprise Edition SP2 DC2 is MS Server 2003 Standard Edition SP1 DC3 is MS Server 2003 R2 Standard Edition SP2 I did not setup this domain originally but I am now the administrator of it, so I don't have a lot of background on why certain things may have been done in the past. My main goal is to try and fix these issues to get myself better prepared to decommision DC1 and add a DC running Server 2008 to my domain. Thanks.

    Read the article

  • How do I speed up load times on roaming profiles with Active Directory?

    - by user65712
    I've done some reading and apparently the main obstacle to fast remote profile syncing is that Samba takes a long time to transfer lots of little files like cookies. After reading Roaming Profiles: Best Practices , I plan to use Folder Redirection, but I want my users to be able to login as rapidly as possible, even if it means that their data is still coming in when they reach their desktop. Is there a way to do this with GPO or a third party add-on that can load user profile data faster/speed up the login process for users?

    Read the article

  • mac osx active directory authentication and linux samba share problems.

    - by Matt Delves
    As a precursor, the network setup is one that includes a combination of Novell Netware servers as well as Windows Servers and Linux servers. I've successfully been able to bind my mac to the Windows Domain and can login without any problems. I've been able to mount shares without needing to resupply login credentials to any windows based share. The problem I've found is that when I'm attempting to mount a share from a linux server, it is asking to resupply the login credentials. Has anyone experienced this kind of problem. The linux servers are a combination of SLES 10 and 11 and RHEL 4 and 5. Thanks, Matt

    Read the article

  • How can I set up Redmine => Active Directory authentication?

    - by Chris R
    First, I'm not an AD admin on site, but my manager has asked me to try to get my personal Redmine installation to integrate with ActiveDirectory in order to test-drive it for a larger-scale rollout. Our AD server is at host:port ims.example.com:389 and I have a user IMS/me. Right now, I also have a user me in Redmine using local authentication. I have created an ActiveDirectory LDAP authentication method in RedMine with the following parameters: Host: ims.example.com Port: 389 Base DN: cn=Users,dc=ims,dc=example,dc=com On-The-Fly User Creation: YES Login: sAMAccountName Firstname: givenName Lastname: sN Email: mail Testing this connection works just fine. I have, however, not successfully authenticated with it. I've created a backup admin user so that I can get back in to the me account if I break things, and then I've tried changing me to use the ActiveDirectory credentials. However, once I do, nothing works to log in. I have tried all of these login name options: me IMS/me IMS\me I've used my known Domain password, but no joy. So, what setting do I have wrong, or what information do I need to acquire in order to make this work?

    Read the article

  • How do I figure out what is changing the userWorkstations attribute in Active Directory?

    - by Martin
    I just took over the IT for a medium sized business with a three domain controllers (2003/2008 Standard) and whenever I create a new user, after some time the user account cannot log into most machines on the network. I have traced this back to the "Log On To..." area becoming populated with a small list of machines. Even when I set the option to all computers, this list comes back after some time. I started hunting for vbs and ps1 scripts with the word "workstations" in them on all domain controllers to see if there is some kind of script to blame, but I have thus far come up empty handed. Is there a known software suite that can cause this (Microsoft Forefront, etc)? How can I figure out what is causing this list to change?

    Read the article

  • How do I get Bugzilla to authenticate with Active Directory LDAP?

    - by user65712
    After reading this guide and trying a ton of permutations based on that, is there an easy way to get Bugzilla working with an AD server? I keep getting the error: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0 I created an AD "bugzilla" user account with "Account Operators" permission as directed. I'm not sure if the error is saying that my login is incorrect or the system login to access LDAP is incorrect. Maybe I just missed an arcane option somewhere in the settings. You'd think all I'd need to do is specify the server name. As you might have been able to tell, I don't have a lot of LDAP experience. Also, will the Sysinternals LDAP tool help here?

    Read the article

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >