Search Results

Search found 96005 results on 3841 pages for 'user group'.

Page 313/3841 | < Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >

• Does LDAP fit the role of a user database for an application?

  - by Spredzy

  I (my company) run a webservice that integrates pieces of few entreprisey-level software. Most of them offer different type of authentication but all offers at least LDAP. I was wondering if storing my application users directly in an LDAP directory would be a good idea. This way all the application I am using could rely on it for authentication purpose. I am aware that LDAP is not a database per se, but it is a datastore. I am also aware that there is no kind of constraints thus deleting a user on the LDAP directory won't do anything on my actual data, but this case would be taken care of with an extra process. My main question here is : is there any reason why I shouldn't use LDAP as my users database ?

  Read the article

• How to limit access to Exchange 2003 Mobile Activesync server by user?

  - by micilin

  So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

  Read the article

• How to failover to local account on a cisco switch/router if radius server fails?

  - by 3d1l

  I have the following configuration on a switch that I testing for RADIUS authentication: aaa new-model aaa authenticaton login default group radius local aaa authentication enable default group radius enable aaa authorization exec default group radius local enable secret 5 XXXXXXXXX ! username admin secret 5 XXXXXXXXX ! ip radius source-interface FastEthernet0/1 radius-server host XXX.XXX.XXX.XXX auth-port 1812 acct-port 1813 key XXXXXXXXX radius-server retransmit 3 ! line con 0 line vty 5 15 Radius authentication is working just fine but if the server is not available I can not log into the router with the ADMIN account. What's wrong there? Thanks!

  Read the article

• Can't create a file even if rights allow and I've relogged in

  - by stiv

  I try to create file in folder with group write access, user tomcat7 is in group. Why isn't it workin? skr@konrad~/data/asu$ sudo -u tomcat7 sh $ whoami tomcat7 $ echo > /home/skr/data/asu/g.gz.index sh: 2: cannot create /home/skr/data/asu/g.gz.index: Permission denied $ ls -la /home/skr/data/asu/ total 18708 drwxrwxr-x 2 skr skr 4096 Sep 29 08:38 . drwxrwxr-x 85 skr skr 4096 Jul 30 00:42 .. $ grep ^skr /etc/group skr:x:1002:tomcat7:mail Tried to logout, but it doesn't help. Any ideas?

  Read the article

• Should I limit end-user gigabit ports to avoid saturating uplink/trunk connections?

  - by Joel Coel

  We have a campus with 16 buildings and older 850nm 1Gbps fiber links between the buildings, that all come to a core switch for our servers that also uses 1Gbps ports. We're finally starting to replace our aging 10/100 end-user switches, and much of what we're looking at are 1 Gbps units. My question is, since the trunk/uplink lines are still 1Gbps, if I were to install 1 Gbps switches for end users, should I limit the ports to 100Mbps until I can also upgrade the trunks to avoid allowing a bad-behaving host to saturate a trunk line (since we're a college, we have plenty of mis-behaving hosts) and thereby create a DoS situation for a building, or will TCP congestion control typically take care of that for me? What if we have a lot of UDP traffic (games, video chats, even a small amount of bittorrent)?

  Read the article

• PsExec - what if the .exe you run remotely requires user interaction?

  - by Luca Matteis

  I use PsExec to deploy small .exe files to my workstations. Sometimes the .exe, for some reason, is incompatible with the system and opens a popup window with an error or some other message. Is there any way to know when the executable is 'stuck' there requiring user interaction? On my side I just have psexec running and waiting for the .exe to return (which will never return because the popup is stuck there). Since I run PsExec programmatically and I automate all the executions, when this Popup thing happens I find myself with hundreds of psexec processes stuck there and have no result back from them.. What's the best way to handle this sort of issue? Thanks.

  Read the article

• How can I whitelist a user-agent in nginx?

  - by djb

  I'm trying to figure out how to whitelist a user agent from my nginx conf. All other agents should be shown a password. In my naivity, I tried to put the following in before deny all: if ($http_user_agent ~* SpecialAgent ) { allow; } but I'm told "allow" directive is not allowed here (!). How can I make it work? A chunk of my config file: server { server_name site.com; root /var/www/site; auth_basic "Restricted"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; allow 123.456.789.123; deny all; satisfy any; #other stuff... } Thanks for any help.

  Read the article

• How to set umask for a folder and it's subfolder?

  - by Cyril N.

  I'm working on the same directory with some friends and they access it via SSH. I added us in the same group and defined a sticky bit to keep the user:group values the same. But when a user create a file/folder, the Write attribute is not defined for the group, disabling other to write it/on it. How can I define the Umask to add the Write value for groups in the specific directory and it's subfolders ? I tried to find some help before, but I only saw helps for Fedora/CentOs, and I'm using Debian Squeeze. Thanks for your help

  Read the article

• Multiple EyeFinity Display groups

  - by Shinrai

  Is it possible with an EyeFinity enabled card to make multiple display groups at once? I was playing with a FirePro 2460 and while a 4x1 or 2x2 display group works quite nicely, if I make a 2x1 display group and then select one of the other displays to try to make a second 2x1 display group, it disables the first one. Is there any way to circumvent this behavior and set up two separate spans on the same card? Additionally, can you set up distinct display groups if they're on different cards? I will have the opportunity to test several of these cards in one machine very shortly, but I'm curious if anyone has any experience. EDIT: I can confirm that you can make multiple spans on multiple cards (as long as they don't cross cards, obviously) (If the answers are different for FirePro/FireMV cards and Radeon cards, that is helpful and relevant knowledge - I doubt it, though.)

  Read the article

• How do I execute a script or program on Windows Shut Down

  - by Subhen

  I want to run a exe or bat file when window shut down? I want to unmount few drives , which are mounted by my application , when user shutdown the system. For that I need to execute another exe on shutdown, which will disconnect drives mounted by my app. I got few links which shows we can create a entry in Group Policy to execute a programe while window shut down. I am not sure how I can add a entry to Group ploicy by C++ code. Again , group policy doesn't work with Win Vista. Any other better approach ?

  Read the article

• FTP Error 550 when trying to access a folder via symbolic link

  - by OrangeTux

  I'm configuring svftp on a linux machine. At the moment local users can login via ftp and they will see listened their home dir. They have write acces to it. No I want the users to write in de /var/www/ dir. Therefore I created an new group apache. Added users to the group and gave the group write access to /var/www. Via the terminal all users can write .var/www/. I created a link in the home directory to /var/www via ln -s /var/www/ /home/user/www ls gives: drwxr-xr-x 2 orangetux orangetux 4096 Jun 23 15:06 ftp lrwxrwxrwx 1 orangetux orangetux 21 Jun 23 15:00 www -> /var/www/ But when I use FTP I see the link but I cannot follow it. Error 550 which means file not found or bad access. How can I solve this, so that the users have access to /var/www via their home dir?

  Read the article

• How to limit access to Exchange 2003 Mobile Actviesync server by user?

  - by micilin

  So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

  Read the article

• Linux File Permissions & Access Control Query

  - by Jason

  Hi, Lets say I am user: bob & group: users. There is this file: -rw----r-- 1 root users 4 May 8 22:34 testfile First question, why can't bob read the file as it's readable by others? Is it simply that if you are denied by group, then you are auto-blacklisted for others? I always assumed that the final 3 bits too precedence over user/group permission bits, guess I was wrong... Second question, how is this implemented? I suppose it's linked to the first query, but how does this work in relation to Access Control, is it related to how ACLs work / are queried? Just trying to understand how these 9 permission bits are actually implemented/used in Linux. Thanks alot.

  Read the article

• How do I get rid of the Cisco CP one-time user message on a Cisco 2901 router?

  - by user65712

  I get this message on a new 2901 Cisco router: Cisco Configuration Professional (Cisco CP) is installed on this device and it provides the default username "cisco" for one-time use. If you have already used the username "cisco" to login to the router and your IOS image supports the "one-time" user option, then this username has already expired. You will not be able to login to the router with this username after you exit this session. It is strongly suggested that you create a new username with a privilege level of 15 using the following command. username <myuser> privilege 15 secret 0 <mypassword> Replace and with the username and password you want to use. It appears every time I login and everytime I show run. I already set up my username. How do I turn it off?

  Read the article

• When using ssh with priv/pub keys, how to connect to the destination using a user different from the origin machine?

  - by lpacheco

  I need to connect to hostB using user2 from hostA where I´m connected using user1. I've run ssh-keygen -t rsa on hostA and copied the public key generated in ~/.ssh/id_rsa.pub to the ~/.ssh/authorized_keys of user2 in hostB. Then I tried to connect from hostA to hostB using the command: $user1@hostA> ssh user2@hostB I still get a request for password: user2@hostB's password: If I try to connect using the same user on both hosts, it works correctly: $user1@hostA> ssh user1@hostB Enter passphrase for key '/home/user1/.ssh/id_rsa': What am I missing?

  Read the article

• Unix file permission for groups

  - by GOPI

  I am working on HP Unix server. I have a directory in which users from different groups need to create files. And the users of a same group should have complete access to the files created by their group and only read access for the files created by other groups. I tried to set sticky bit for the directory thereby to restrict access for other groups. But I face the following problem. Created File1 from user1 of GroupA. When I tried to execute the 'rm' command from user2 of the same group GroupA, it doesn't allow as user2 is not the owner of the file. can setgid (at directory level) or other command help me to sort this issue?

  Read the article

• Utility for notifying a user that their roaming profile is getting too large to copy before shutdown?

  - by leeand00

  My users are having an issue with their roaming profiles getting too large and then their roaming profile is lost. I believe this is because this is because they are storing too much in their roaming profiles. Is there a program that can be installed in Windows, that will: Listen for a logoff event Check the size of their Roaming Profile against a size limit I set... If the roaming profile is too big, it will notify the user that they have to decrease the size of the profile. Does a program like this exist or does it need to written?

  Read the article

• All HTTPS, or is it OK to accept HTTP and redirect (secure vs. user friendly)

  - by tharrison

  Our site currently redirects requests sent to http://example.com to https://example.com -- everything beyond this is served over SSL. For now, the redirect is done with an Apache rewrite rule. Our site is dealing with money, however, so security is pretty important. Does allowing HTTP in this way pose any greater security risk than just not opening or listening on port 80? Ideally, it's a little more user-friendly to redirect. (I am aware that SSL is only one of a large set of security considerations, so please make the generous assumption that we have done at least a "very good" job of covering various security bases.)

  Read the article

• Proftpd: How to set default root to a users home directory without jailing the user?

  - by sacamano

  Hi there. I've installed proftpd on my debian box but I'm having having some trouble with the configuration. In my proftpd.conf I've added; DefaultRoot ~ !ftp_special This works fine in that all users except members of ftp-special are unable to navigate outside of their home folder. However, I want users that are members of ftp-special to enter a special home folder when logging on to the ftp server but at the same time I want them to be able to navigate the entire server. Right now, if a user that is a member of ftp-special logs on his entry-point is the root ( / ). Thanks in advance.

  Read the article

• How can I prevent Apache from exposing a user's password?

  - by Marius Marais

  When using basic authentication (specifically via LDAP, but htpasswd also) with Apache, it makes the REMOTE_USER variable available to the PHP / Ruby / Python code underneath -- this is very useful for offloading authentication to the webserver. In our office environment we have lots of internal applications working like this over SSL, all quite secure. BUT: Apache exposes the PHP_AUTH_USER (=REMOTE_USER) and PHP_AUTH_PW variables to any application inside PHP. (PHP_AUTH_PW contains the plaintext password the user entered.) This means it's possible for the app to harvest usernames and passwords. Presumably the same information is available to Python and Ruby (all three are currently in use; PHP is being phased out). So how can I prevent Apache from doing this? One idea is to use Kerberos Negotiate authentication (which does not expose the password and has the benefit of being SSO), but that automatically falls back to Basic for some browsers (Chrome and in some cases Firefox), causing the password to be exposed again.

  Read the article

• Redirect subdomain.example.org to somethingelse.com hidden to the user?

  - by moontear

  I'm not knowledgeable at all about C-NAMES, A-RECORDS, name servers and the like, so just bear with me on this one: I want to redirect subdomain.example.org to another domain somethingelse.com. I do own both domains and both domains run on shared hosting. When creating a subdomain, all I can do out-of-the-box is do a HTTP redirect (302, yuck!) or a frame redirect. I also can set the DNS records on one host like nameserver, CNAME - but I would have know clue what I am doing. Please explain to me how routing with nameservers works and how I should (even if not possible with my current host) redirect subdomain.example.org to somethingelse.com with the user-visible URL staying at "subdomain.example.org"

  Read the article

• How to suspend and resume browser tab groups?

  - by Robin Green

  Modern browsers such as Firefox and Chrome are able to shutdown and restore the same group of tabs they had before the next time you open them, and even sometimes remember additional tab state such as scroll position within the tab. I would like ideally to be able to select a group of tabs (about some coherent theme, perhaps) and save them away into some kind of "folder" that I could later open independently, without opening any other tabs. Obviously I can use bookmarks for this, but bookmarks are kind of old-fashioned. It would be excellent if it could also record forms that I had filled in but not submitted, scroll position, tab position within the tab group, and any other "dynamic" aspects of the current tab state.

  Read the article

• WSS 3.0 fails to hide quick launch items for which the current user does not have access

  - by Nils

  I'm running a Small Business Server 2008 with Windows Sharepoint Services 3.0 (WSS 3.0). I thought WSS was supposed to hide menu items for which the current logged in user don't have access? Apparently, all users can see all links, regardless of whether they have access. This applies to both links to newly created sub-sites as well as document libraries/lists. Is this expected behaviour, or is there a misconfiguration somewhere that causes the links to stay visible even for users without access? Thanks!

  Read the article

• Redirect subdomain.example.org to somethingelse.com hidden to the user?

  - by moontear

  I'm not knowledgeable at all about C-NAMES, A-RECORDS, name servers and the like, so just bear with me on this one: I want to redirect subdomain.example.org to another domain somethingelse.com. I do own both domains and both domains run on shared hosting. When creating a subdomain, all I can do out-of-the-box is do a HTTP redirect (302, yuck!) or a frame redirect. I also can set the DNS records on one host like nameserver, CNAME - but I would have know clue what I am doing. Please explain to me how routing with nameservers works and how I should (even if not possible with my current host) redirect subdomain.example.org to somethingelse.com with the user-visible URL staying at "subdomain.example.org"

  Read the article

• How do you assign resources and keep begin, end and duration of a task intact?

  - by Random

  I have problems with assigning more than one resource to a group of tasks. The idea is simple, my tasks are in one group and are manually scheduled to particular begin and end dates. I want to assign more than one resource to keep task duration and dates (fixed duration) and increase work. For top level tasks it works fine but as long tasks are grouped, the duration of each is extended to reach group end date and work remains. For the problematic tasks, the Gantt chart looks like this: One resource attached (good) ( Task 1.1 ) ( Task 1.2 ) (Task 1.3) More than one resource attached (wrong) ( Task 1.1 )....................... ( Task 1.2 ).......... (Task 1.3) So for tasks like that, I want to have a fixed schedule and just increase work by adding resources that work in the same time, but sometimes MS Project does leveling to do resources work sequentialy.

  Read the article

< Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >