Search Results

Search found 31564 results on 1263 pages for 'users group'.

Page 312/1263 | < Previous Page | 308 309 310 311 312 313 314 315 316 317 318 319  | Next Page >

• Error connecting ESX 5.0.0 to domain

  - by Saariko

  I am trying to connect an ESX 5.0.0 to our Domain Controler, in order to give a Domain group specific roles security. But I do not see any groups after the host connects to the domain. Under Configuration - Authentication Services - I connected the host to the domain: I created the role I wanted, with the selected approved features But when I want to add a permission to a set of VM's, I can not see "my domain" on the drop down, only the: "localhost" How do I see "my domain" on the Domain drop down - so I can select the domain group to give the role to? To note: I followed the instructions to connect to the domain form VMware site.

  Read the article

• Remote Desktop Services Licensing - Does server have to have a RDS role?

  - by transistor1

  I recently set up a "micro" size Windows 2008 Datacenter server on Amazon AWS. My small group needs several concurrent RDS users to be able to access the machine. Without installing the "Remote Desktop Server" role, it allows 2 concurrent connections. I read on MS' website that in order to set up multiple users, we needed to install the RDS role. I did so, but now the application we are trying to share is running much slower than it was before. Prior to the role installation, it was taking about 5 seconds to open; now it is taking a few minutes to open -- without any other users logged on except me. My assumption is that the RDS role may be too much for this micro instance to handle, and currently, changing to another size instance is not an option (it may be possible later if we were to receive enough funding). This leads me to the following questions: 1) Is it a sensible assessment to assume that it is the RDS role is slowing things down, or are there other things that I could look at to speed it up? We are talking about a machine with ~600MB of memory. 2) If I revert back to the pre-RDS role, is there any legitimate way (in terms of purchasing RDS licenses) to get more than 2 concurrent desktops? I did read this, and am not questioning that the answerer is knowlegeable; but someone else may have some other experience. I am also making it clear that we want to do this in a legitimate way. Thanks in advance for any assistance that can be provided! EDIT: if it is helpful in answering the question, the application in question is a Lotus Approach database. Also, I am asking this from a technical perspective: not a legal one. I want to know if it is possible to install valid licenses without the RDS role.

  Read the article

• NAS for Mac OS X Server

  - by SamAdmin

  I'm using Mac OS X Server and want to allow the users that connect to their network accounts to store their data on a NAS drive. I want the users to connect to the Lion server as this allows for better policies and management for me and for their afp share to be located on a NAS drive. I've looked into home directories and network logins however I don't want the users to connect into a different login environment, just an authentication against their provided account on the Lion server and for their finder to take them to their own storage area - located on the NAS drive. Currently I am using FreeNAS for both authentication and storage however there are getting to be far too many people to manage each afp share and account, plus just using FreeNAS is extremely limiting for expansion and if something goes wrong with 1 entity the entire system goes down. Using the Lion server for user accounts and policies will be much better for this expanding business. I have looked into LDAP, using the Lion server as an LDAP server to authenticate against for FreeNAS however I have had issues with this and thought a different approach could be better from the other side of the situation... Providing the account with somewhere to store data rather than the afp share authenticating against an LDAP server. I am wrong to try it this way? Is it possible to logically add storage to a Mac OS X Server which can be recognised as a local drive, so can be used for network accounts?

  Read the article

• sudo or acl or setuid/setgid?

  - by Xavier Maillard

  for a reason I do not really understand, everyone wants sudo for all and everything. At work we even have as many entries as there are way to read a logfile (head/tail/cat/more, ...). I think, sudo is defeating here. I'd rather use a mix of setgid/setuid directories and add ACL here and there but I really need to know what are the best practices before starting up. Our servers have %admin, %production, %dba, %users -i.e many groups and many users. Each service (mysql, apache, ...) has its own way to install privileges but members of the %production group must be able to consult configuration file or even log files. There is still the solution to add them into the right groups (mysql...) and set the good permission. But I do not want to usermod all users, I do not want to modify standards permissions since it could change after each upgrade. On the other hand, setting acls and/or mixing setuid/setgid on directories is something I could easily do without "defacing" the standard distribution. What do you think about this ? Taking the mysql example, that would look like this: setfacl d:g:production:rx,d:other::---,g:production:rx,other::--- /var/log/mysql /etc/mysql Do you think this is good practise or should I definetely usermod -G mysql and play with standard permissions system ? Thank you

  Read the article

• How can I automate or script daily downloads for any new anti- virus databases, and then have the program scan my drive?

  - by Macgrimm

  Howdy all Super Users" I humbly ask if any Super User can direct this long time, gray haired Apple Tech in the right direction on this issue. I believe there probably are many ways to skin this cat. But I am looking to find simply the best, most unattended way to get it done. Any help will be greatly appreciated. also (I know there are much better softwares out there for the Mac so please don't go there! The politics of this company dictate which Anti virus we have to use) anyway without any further wait: basically I am trying to automate 2 very important functions of Mc'Afee anti-virus for Mac. First I want to automate the process of retrieving new virus definition files, and second I want to automate the process of scanning for viruses. It turns out that Using Mc'Afee Anti-Virus for the Mac are both manual functions. And they left up to the user (per user account) to perform. Depending on all of about 150 MAc users to perform these 2 tasks themselves is around 65% compliance. My question then is: If I wanted to use the command line such as (open /Applications/McAfee\ Security.app) It will open up the Security Console. But how can I make command Mc'Afee go out and grab the definition files and scan the computer? I have to admit I am at a crossroad and Macaltimers has set in. I would really appreciate it if any of you "Super ~ Users" can help me out with this MacAltimers loss of how to what to do. Thanks to All up Front Macgrimm

  Read the article

• auth user and exec a node app only with apache?

  - by Blame

  I couldn't find an answer on the web and I'm trying for days now so I hope that someone with more experience with apache can help me out. Iam writing an web editor and the user should be able to edit a file that is on the server in a directory the user has access to. The problem Iam facing is that I need to authenticate against the system users (shadow/passwd). So the user should be able to login whith a system account and then the node app which does all the logic should be started with the users rights. I hope to get this working without any additional script and only with Apache. I found out two things: I can use mod_auth_pam to authenticate the user There is a mod called suEXEC which can exec the node app with a specified user The problem is that I have to hard code which user is used by suEXEC but I want to decide when the user logs in. Is there any way to authenticate a user against the shadow/passwd and then exec a prog with the users rights? I dont want to run the node app as root and the user should only be able to access his own files. Any help would be appreciated! Thanks, Kodak

  Read the article

• How do I setup a secondary incoming mail server?

  - by abrahamvegh

  I currently have a server running Debian 6, with postfix and dovecot handling email. This server hosts email for a number of domains and users, so I use MySQL as my backing store for users and forwardings and everything related. Currently, this server is the only server listed in an MX record for all of the domains it serves. I would like to create a secondary server that would be listed in the DNS with a lower priority (e.g. current primary server is priority 5, secondary would be priority 10), so that in the event that I need to reboot the primary server, or otherwise make it unavailable, the secondary server would receive email, and hold it until the primary server came back up, at which point it would deliver any held email to the primary server. I do not need the secondary server to function as a backup sending server. Users would never need to see the secondary server, they would simply not lose incoming emails if the primary server is down, and they would be unable to send or receive until the primary came back up. How would I go about doing this? I would like to use the same software if they can handle this task, because I’m already familiar with managing them.

  Read the article

• PAM with KRB5 to Active Directory - How to prevent update of AD password?

  - by Ex Umbris

  I have a working Fedora 9 system that's set up to authenticate users via PAM - krb5 - Active Directory. I'm migrating this to Fedora 14, and everything works, but it's working too well :-) On Fedora 9, if a Linux user updated their password, it did not propagate to their Active Directory account. On Fedora 14, it is changing their A/D password. The problem is I don't want A/D to be updated. Here's my password-auth-ac: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so I tried removing the line password sufficient pam_krb5.so use_authtok But then when attempting to change the Linux password, if they provide their A/D password for the authentication prompt, they get the error: passwd: Authentication token manipulation error What I want to achieve is: Allow authentication with either the A/D or Linux password (the Linux password is a fall-back for certain sysadmin users in case A/D is unavailable for some reason). This is working now. Allow users to change their Linux passwords without affecting their A/D passwords. Is this possible?

  Read the article

• Tools to manage bunches of servers

  - by Stan

  Platform: most of them are Windows Server 2003, some are CentOS 5 Say if there're many game servers, is there any tools for engineers to easily manage? Below are some requirements. allow RDP (remote desktop) to servers. has group/permission setting. Classify by different functionality. So for people has permission to access certain group, they don't need further enter pwd to RDP servers, the tool will automatically log on the server. log activities: history about who has log on what server. Thanks.

  Read the article

• Viability of Mac OS X 10.9 Time Machine Server in office environment

  - by user197609

  Currently we have about 20 Mac OS 10.9 MacBook Pros (almost all with SSDs) backing up to individual USB drives. I'd like to consolidate these to one drobo thunderbolt drive array attached to a Mac Mini server (running 10.9 server) using time machine server. My question is, will this scale to 20 users? Examples I have seen seem to be 5 or 6 users tops, and this isn't easy for me to test (I'd rather not ask everyone to backup to the array and then switch back to USB drives if it brings our network to its knees). My primary concern is saturating our gigabit network, as time machine backs up every hour for every machine, so there would usually be a couple people backing up at any given time. We also have some people occasionally on our 802.11ac network and not on ethernet (usually connected via 802.11n until people upgrade to newer machines), but most of the time people are connected to our thunderbolt displays which have a gigabit ethernet connection on them. Our network topology is one 32 port gigabit switch with 5 smaller gigabit switches at each desk cluster. The mac mini server is connected directly to the top level switch. Update: Failing information from someone who has done this in practice, I suppose my question is really around how switches work. If three or four people are backing up simultaneously, and then other two (different) users transfer a file between each other, will they be able to transfer the file at gigabit speeds?

  Read the article

• Restrict access to one SVN repository (overwrite default)

  - by teel

  I'm trying to set up our SVN server so that by default the group developers will have access to all repositories, but I want to override that setting on some certain repositories where I want to allow access only to single defined users (or separate groups) The current configuration is SVN + WebDAV on Apache2. All my repositories are located at /var/lib/svn/ In dav_svn.authz I currently have [/] @developers = rw @users = r Now I want to add one repository (let's call it secret_repo) that would only allow access to one user who is also a member of the developers group.¨ I tried to do [secret_repo:/] * = secret_user = rw Where secret_user is the user I'd like to give access to the repository, but it doesn't seem to work. Currently the server is using Apache's LDAP module to authenticate users from our active directory domain and I'd like to keep it that way if possible. Also I seem to be able to browse all my repos freely with any web browser, which I'd like to block. Second problem is that I have webSVN on the server, which is using Apache's LDAP authentication. Everyone who is a member of our domain can access it, so I'd like to hide this secret_repo from websvn listing. It's configured not with parentPath("/var/lib/svn");. Do I really need to remove that and add every repository separately, except the ones I want to hide?

  Read the article

• Mysql Query - That Is Returning Blatanty Incorrect Result

  - by user866190

  I am building a VPS node that is running Ubuntu 10.10LTS, Apache2, Mysql 5.1 and php5. I could not log in to my website admin through the browser, even though I am using the correct login details. So I logged in from the command line to check the results. When I run this query I get expected results: mysql> select * from users; +----+----------+-----------------------+----------+ | id | username | email | password | +----+----------+-----------------------+----------+ | 1 | myUserName | [email protected] | myPassword | +----+----------+-----------------------+----------+ And the same goes for this query: mysql> select * from users where id = 1; +----+----------+-----------------------+----------+ | id | username | email | password | +----+----------+-----------------------+----------+ | 1 | myUserName | [email protected] | myPassword | +----+----------+-----------------------+----------+ 1 row in set (0.00 sec) But when I run this query I get this 'unexpected response': mysql> select * from users where username = 'myUserName' and password = 'myPassword'; Empty set (0.00 sec) I am not sure why this is happening. Any help would be greatly appreciated. BTW.. I will be encrypting the user details but for now I just want to get it set up. Please help, Thanks

  Read the article

• Windows preventing running of Telnet client

  - by palswim

  At first, I had issues because Windows 7 doesn't install the Telnet client by default (also, SuperUser has a thread). So, after installing it (and restarting, like Windows asked, though completely unnecessary), I opened a command prompt, and went to run my new Telnet program. I enter telnet, and receive: C:\Users\[USER]>telnet 'telnet' is not recognized as an internal or external command, operable program or batch file. "That's odd," I think to myself. So, in Windows explorer, I navigate to \Windows\System32 and see telnet.exe sitting in that folder. If I double-click on the executable file, the Telnet command prompt opens for me without a problem. So, I return to my Windows Command Prompt, and enter: C:\Users\[USER]>\Windows\System32\telnet.exe '\Windows\System32\telnet.exe' is not recognized as an internal or external command, operable program or batch file. And then (grep comes from cygwin): C:\Users\ryan\Desktop>dir \Windows\System32 | grep telnet Nothing. I've disabled UAC and have no idea why my Command Prompt is lying to me. Anyone experience something similar? To recap: In Windows 7, I have installed Telnet and can see it in my System32 folder, but cannot run it via a Command Prompt.

  Read the article

• What is the correct approach i should use for an application that requires amazon S3 uploads and SimpleDB data management?

  - by Luis Oscar

  I am developing an application for iOS and that is going smoothly, the problem is that I am very new at server sided things. I am totally confused about how to correctly use Amazon Web Services for this purpose. What I want to do is very simple. I want my application to be able to query a servlet hosted in EC2 to be able to retrieve pictures and data based on some criteria from S3 and SImpleDB respectively. Also the application should be able to upload pictures into a S3 bucket and register the information in the SImpleDB. My main concerns are security and costs, So far i was using Amazon Token Vending Machine but I haven't been successful when trying to customize it, and while researching I discovered that on the long run it is very expensive. The ultimate goal is to handle a "social" picture service for my iOS application. Being able to register new users, authenticate these users. See what permissions they have to which pictures from the bucked. And all this without having to worry about Third party people from accessing the private pictures of my users. Sorry for this question but I am really clueless about how to handle this... I have tried reading many articles but all these server stuff looks very scary.

  Read the article

• How to write to Samba folder?

  - by Darren

  I created a Samba share on my CentOS machine and I can connect to the share and read the contents but I cannot write files to it or delete them. In Samba I have set readable to yes and writeable to yes, as well as made the folder I want to access apart of the wheel group of which I added the user that is accessing it from Samba. The folder in quesiton is /var/www/. I have set that folder and all folders under it to the wheel group which can read and write to it. What am I doing wrong here?

  Read the article

• Exchange 07 to 07 mailbox migration using local continuous replication

  - by tacos_tacos_tacos

  I have an existing Exchange Server ex0 and a fresh Exchange Server ex1, both 2007SP3. The servers are in different sites so users cannot access mailboxes on ex1 as from my understanding, a standalone CAS is required for this. I am thinking of doing the following: Enable local continous replication of the storage group on ex0 to a mapped drive that points to the corresponding storage group folder on ex1 At some point when the replication is done (small number of users and volume of mail), say on a late night on the weekend, disable CAS on ex0 (or otherwise redirect requests on the server-side from ex0 to ex1) AND change the public DNS name of the CAS so that it points to ex1. Will my plan work? If not, please explain what I can do to fix it.

  Read the article

• Exchange 2010: Send emails via STMP with custom From address to outside the domain

  - by marsze

  The requirement(s): (1) Connect to Exchange via STMP and (2) basic authentication and send emails with a (3) custom From address to (4) recipients outside the domain. I was able to get (1) - (3) working. I created a dedicated receive connector for this task and configured it like this: Permissions: ms-Exch-SMTP-Accept-Any-Recipient (for authenticated users) ms-Exch-SMTP-Accept-Authoritative-Domain-Sender (for authenticated users) ms-Exch-SMTP-Accept-Any-Sender (for authenticated users) Authentication: TLS Basic Authentication (without TLS) Exchange Server Authentication However, I'm still struggeling with (4): I can send with "fake" From addresses to recipients inside the domain. Also, I can send with the original From address to recipients outside the domain. Can you tell me what I'm missing, to configure Exchange to send emails with changed From addresses to recipients outside the domain? (Or is this even possible at all?) Thanks. UPDATE I have to correct myself: it seems to be working after all. There must be some issue with the mailbox I used for testing. It turned out it's working with other external mailboxes. However, I still have no idea what was different there... Anyways, you can take this as a documentation on how to configure Exchange in such a way ;)

  Read the article

• How to write to Samba folder?

  - by Darren

  Hi all, I created a Samba share on my CentOS machine and I can connect to the share and read the contents but I cannot write files to it or delete them. In Samba I have set readable to yes and writeable to yes, as well as made the folder I want to access apart of the wheel group of which I added the user that is accessing it from Samba. The folder in quesiton is /var/www/. I have set that folder and all folders under it to the wheel group which can read and write to it. What am I doing wrong here?

  Read the article

• windows 8 on macbook locks after 2 mins despite high performance settings

  - by Mark

  I am running my Macbook Prop as a Windows 8 machine using bootcamp and for some reason, when I leave the keyboard/mouse alone for 2 mins it locks the PC (i.e. goes to the lock screen). I have (of course) checked the power settings and I can assure you that it is not set to these settings. I did notice that when I added my work's Mail Account the computer asked me to accept some group policy settings, which I did, so I suspect that this is a group policy setting, but I cannot find it. Can someone help? P.S. I have searched these forums first, and this is different to the PC going to sleep once locked, this is locking while logged in after 2 mins. Thanks.

  Read the article

• How can I re-create Microsoft Cluster Service resource groups on a different cluster?

  - by PersonalNexus

  I use Microsoft Cluster Service on a cluster of Windows Server 2003 machines containing several dozen resource groups. In the process of migrating to newer hardware, I would like move resources to the new machines on resource group at a time spread out over a few days to ease the migration and minimize risk. I was wondering of there was a smarter way to do this than manually re-creating resources on the new and then deleting them on the old cluster? The cluster has already been set up properly, the only missing is the resource groups and the resources they contain (IP, network names, services...). I have looked through the options of the cluster admin GUI and cluster.exe's commandline options, but haven't found anything like an import/export feature to copy over the configuration of a resource or entire resource group. Does something like this exist?

  Read the article

• Is 40+ Logons on Exchange 2003 per user normal?

  - by cbsch

  Hello! We've had a problem at work where users sometimes randomly can't connect to exchange. I've found out that it's because they reached the limit of 32 concurrent logons. I increased the maximum allowed connections by adding the key "Maximum Allowed Sessions Per User" in HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem. But I'm not sure if this is a real good fix. Looking at the logons some users has as many as 15 logons with the exact same logon time. I know for sure that Outlook 2007 does this, as I was watching them while a user connected with Outlook after a restart on the Exchange service. Every user also has an iPhone connected to exchange, I don't know if these cause the same thing. Is this normal? Could there be a bug in the software? (The Outlook 2007 has nothing configured, except added the user, pure vanilla installs). The users are mobile, and when Outlook generates up to 15 connection every time it connects, and I've read (no sources, sorry) that Outlook doesn't time out connections before 2 hours. I might have to set this number real high to prevent it from being a problem.

  Read the article

• How to clean up orphaned SID's in ACEs in AD?

  - by geoffc

  As a follow up to my question Do backlinks clear in AD for deleted users I have another related but different question. Since I am informed in the answers there that a deleted object's SID (Group or User, so assigning rights to group only minimizes the issue, and does not fix it) will remain within ACEs they have been assigned, leaving them orphaned. Lotus Domino, which has similar issues with back references, has an adminp process to clean up such orphaned references. Is there a similar process in AD that would allow you to clean up such orphaned SIDs floating around your domain?

  Read the article

• Comparison in Monit Permissions Testing

  - by beanland

  I'm trying to use Monit to check the permissions of a particular directory, but I only care that it's readable to all users. I don't care about any other permissions (write, execute) for the owner, group, or all. I also don't care about any special permissions. Knowing that I can't change the permissions of this directory, and with the possibility of another administrator changing these permissions without affecting my processes that rely on this directory (i.e., granting or revoking write access to the group), is it possible to check for a minimum permission in Monit? I have this which is currently working: check directory archive path /var/home/archive/ if failed perm 0755 then alert But I would like to have something like tihs: check directory archive path /var/home/archive/ if failed perm > 444 then alert This is failing for me. Is it possible to use comparison operators in Monit's permissions checking? If not, are there any workarounds?

  Read the article

• SSH - SFTP/SCP only + additional command running in background

  - by Chris

  there are many solutions described to get ur SSH-connection forced to only run SFTP by modifying the sshd_config by adding a new group match and give that new group a Forcecommand internal-sftp Well that works great but i would love to have a little more feature. My servers automatically ban IP's which try to connect often in a short time. So when you use any SFTP-Client, which opens multiple connections to work faster it can get banned instandly by the server for a long time. The servers have a script to whitelist users by administrator. I've modified this script to whitelist the user, which runs the script. All i need to do is now get the server to execute that script, when somebody logins. On SSH it's no problem, just put it in .bashrc or something like, but the Forcecommand don't runs these scripts on login. Is there any way to run such a shellscript before or at the same time as the Forcecommand get fired?

  Read the article

• Redirect URL to a Tomcat webapp

  - by phs

  I have a Tomcat server with two webapps, app1 and app2 (the app part is really the same). Each app has an independent group of users. I would like the groups to be able to access their respective app using group1.domain.com/app and group2.domain.com/app URLs, meaning that the numbers should be hidden from the URL displayed in browser. I suppose there needs to be a mechanism that would return the correct app based on the group# part of the URL. I have a vague understanding of URL rewrites. Is there a way to do this with only Tomcat? Or do I need Apache HTTP server? I would rather not use Apache if possible, but have no problem going that way if necessary.

  Read the article

< Previous Page | 308 309 310 311 312 313 314 315 316 317 318 319  | Next Page >