Search Results

Search found 994 results on 40 pages for 'logon'.

Page 32/40 | < Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >

  • [SOLVED] Single Sign On for intranet with Apache and Linux MIT Kerberos

    - by Beerdude26
    EDIT: SOLVED! See my answer below. Greetings, I am looking for a way to do a single sign on to an intranet in the following manner: A Linux user logs on via a graphical frontend (for example, GNOME). He automatically requests a TGT for his username from the MIT Kerberos KDC. Via some way or another, the Apache server (which we'll assume is on the same server as the KDC), is informed that this user has logged in. When the user accesses the intranet, he is automatically granted access to his web applications. I don't think I've seen this kind of functionality while searching the net. I know the following possibilities exist: Using an authentication module such as mod_auth_kerb, a user is presented with a login prompt to enter his username and password, which are then authenticated against the MIT Kerberos server. (I would like this to be automatic.) IIS supports integrated Windows logon via ASP.Net when the user is part of an Active Directory. (I'm looking for the Linux / Apache equivalent.) Any suggestions, criticism and ideas are highly appreciated. This is for a school project to show a proof-of-concept, so every handy piece of information is more than welcome. :)

    Read the article

  • Vista gets stuck in an endless loop while booting

    - by Mason Wheeler
    I put my laptop to sleep last night, and when I woke up this morning... it didn't. So I tried to reboot, and everything went fine until it got to the Vista splash screen, where it's supposed to display the logon. Here, it hits an endless loop: Display the cursor with the blue spinny thing that replaced the hourglass, for 5-10 seconds Display "Please wait..." for about half a second Screen flashes to black, then quickly back to the Vista splash screen Goto step 1 The whole time, my hard LED is on almost non-stop. I can boot into Safe Mode... sometimes. Sometimes it'll load all the drivers, then sit there for about 10 minutes, spinning the hard drive non-stop, then reboot with no warning. I tried booting to Last Known Good Configuration. Didn't fix anything. When I've managed to get into Safe Mode, I tried running CHKDSK. Didn't fix anything. I tried running System Restore to each of my last two restore points. Didn't fix anything either time. I ran a virus scan. Didn't find anything. I tried calling the manufacturer (Alienware), only to discover that my warranty expired last freaking week and now I can't get it fixed without paying exorbitant sums of money. I'm about at my wits' end here. Has anyone seen this problem before? Does anyone know how to fix it? Does anyone know a solution that does not involve reinstalling the OS and losing an entire year's worth of program installations, Windows Updates and configuring and tweaking things until it's working just like I want it to?

    Read the article

  • Failure with LogonUser in MC++

    - by Alikar
    After fighting with this for a week I have not really gotten anywhere in why it constantly fails in my code, but not in other examples. My code, which while it compiles, will not log into a user that I know has the correct login information. Where it fails is the following line: wi = gcnew WindowsIdentity(token); It fails here because the token is zero, meaning that it was never set to a user token. Here is my full code: #ifndef UNCAPI_H #define UNCAPI_H #include <windows.h> #pragma once using namespace System; using namespace System::Runtime::InteropServices; using namespace System::Security::Principal; using namespace System::Security::Permissions; namespace UNCAPI { public ref class UNCAccess { public: //bool Logon(String ^_srUsername, String ^_srDomain, String ^_srPassword); [PermissionSetAttribute(SecurityAction::Demand, Name = "FullTrust")] bool Logon(String ^_srUsername, String ^_srDomain, String ^_srPassword) { bool bSuccess = false; token = IntPtr(0); bSuccess = LogonUser(_srUsername, _srDomain, _srPassword, 8, 0, &tokenHandle); if(bSuccess) { wi = gcnew WindowsIdentity(token); wic = wi->Impersonate(); } return bSuccess; } void UNCAccess::Logoff() { if (wic != nullptr ) { wic->Undo(); } CloseHandle((int*)token.ToPointer()); } private: [DllImport("advapi32.dll", SetLastError=true)]//[DllImport("advapi32.DLL", EntryPoint="LogonUserW", SetLastError=true, CharSet=CharSet::Unicode, ExactSpelling=true, CallingConvention=CallingConvention::StdCall)] bool static LogonUser(String ^lpszUsername, String ^lpszDomain, String ^lpszPassword, int dwLogonType, int dwLogonProvider, IntPtr *phToken); [DllImport("KERNEL32.DLL", EntryPoint="CloseHandle", SetLastError=true, CharSet=CharSet::Unicode, ExactSpelling=true, CallingConvention=CallingConvention::StdCall)] bool static CloseHandle(int *handle); IntPtr token; WindowsIdentity ^wi; WindowsImpersonationContext ^wic; };// End of Class UNCAccess }// End of Name Space #endif UNCAPI_H Now using this slightly modified example from Microsoft I was able to get a login and a token: #using <mscorlib.dll> #using <System.dll> using namespace System; using namespace System::Runtime::InteropServices; using namespace System::Security::Principal; using namespace System::Security::Permissions; [assembly:SecurityPermissionAttribute(SecurityAction::RequestMinimum, UnmanagedCode=true)] [assembly:PermissionSetAttribute(SecurityAction::RequestMinimum, Name = "FullTrust")]; [DllImport("advapi32.dll", SetLastError=true)] bool LogonUser(String^ lpszUsername, String^ lpszDomain, String^ lpszPassword, int dwLogonType, int dwLogonProvider, IntPtr* phToken); [DllImport("kernel32.dll", CharSet=System::Runtime::InteropServices::CharSet::Auto)] int FormatMessage(int dwFlags, IntPtr* lpSource, int dwMessageId, int dwLanguageId, String^ lpBuffer, int nSize, IntPtr *Arguments); [DllImport("kernel32.dll", CharSet=CharSet::Auto)] bool CloseHandle(IntPtr handle); [DllImport("advapi32.dll", CharSet=CharSet::Auto, SetLastError=true)] bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, IntPtr* DuplicateTokenHandle); // GetErrorMessage formats and returns an error message // corresponding to the input errorCode. String^ GetErrorMessage(int errorCode) { int FORMAT_MESSAGE_ALLOCATE_BUFFER = 0x00000100; int FORMAT_MESSAGE_IGNORE_INSERTS = 0x00000200; int FORMAT_MESSAGE_FROM_SYSTEM = 0x00001000; //int errorCode = 0x5; //ERROR_ACCESS_DENIED //throw new System.ComponentModel.Win32Exception(errorCode); int messageSize = 255; String^ lpMsgBuf = ""; int dwFlags = FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS; IntPtr ptrlpSource = IntPtr::Zero; IntPtr prtArguments = IntPtr::Zero; int retVal = FormatMessage(dwFlags, &ptrlpSource, errorCode, 0, lpMsgBuf, messageSize, &prtArguments); if (0 == retVal) { throw gcnew Exception(String::Format( "Failed to format message for error code {0}. ", errorCode)); } return lpMsgBuf; } // Test harness. // If you incorporate this code into a DLL, be sure to demand FullTrust. [PermissionSetAttribute(SecurityAction::Demand, Name = "FullTrust")] int main() { IntPtr tokenHandle = IntPtr(0); IntPtr dupeTokenHandle = IntPtr(0); try { String^ userName; String^ domainName; // Get the user token for the specified user, domain, and password using the // unmanaged LogonUser method. // The local machine name can be used for the domain name to impersonate a user on this machine. Console::Write("Enter the name of the domain on which to log on: "); domainName = Console::ReadLine(); Console::Write("Enter the login of a user on {0} that you wish to impersonate: ", domainName); userName = Console::ReadLine(); Console::Write("Enter the password for {0}: ", userName); const int LOGON32_PROVIDER_DEFAULT = 0; //This parameter causes LogonUser to create a primary token. const int LOGON32_LOGON_INTERACTIVE = 2; const int SecurityImpersonation = 2; tokenHandle = IntPtr::Zero; dupeTokenHandle = IntPtr::Zero; // Call LogonUser to obtain a handle to an access token. bool returnValue = LogonUser(userName, domainName, Console::ReadLine(), LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &tokenHandle); Console::WriteLine("LogonUser called."); if (false == returnValue) { int ret = Marshal::GetLastWin32Error(); Console::WriteLine("LogonUser failed with error code : {0}", ret); Console::WriteLine("\nError: [{0}] {1}\n", ret, GetErrorMessage(ret)); int errorCode = 0x5; //ERROR_ACCESS_DENIED throw gcnew System::ComponentModel::Win32Exception(errorCode); } Console::WriteLine("Did LogonUser Succeed? {0}", (returnValue?"Yes":"No")); Console::WriteLine("Value of Windows NT token: {0}", tokenHandle); // Check the identity. Console::WriteLine("Before impersonation: {0}", WindowsIdentity::GetCurrent()->Name); bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, &dupeTokenHandle); if (false == retVal) { CloseHandle(tokenHandle); Console::WriteLine("Exception thrown in trying to duplicate token."); return -1; } // The token that is passed to the following constructor must // be a primary token in order to use it for impersonation. WindowsIdentity^ newId = gcnew WindowsIdentity(dupeTokenHandle); WindowsImpersonationContext^ impersonatedUser = newId->Impersonate(); // Check the identity. Console::WriteLine("After impersonation: {0}", WindowsIdentity::GetCurrent()->Name); // Stop impersonating the user. impersonatedUser->Undo(); // Check the identity. Console::WriteLine("After Undo: {0}", WindowsIdentity::GetCurrent()->Name); // Free the tokens. if (tokenHandle != IntPtr::Zero) CloseHandle(tokenHandle); if (dupeTokenHandle != IntPtr::Zero) CloseHandle(dupeTokenHandle); } catch(Exception^ ex) { Console::WriteLine("Exception occurred. {0}", ex->Message); } Console::ReadLine(); }// end of function Why should Microsoft's code succeed, where mine fails?

    Read the article

  • Use Alladin eToken with ThunderBird and other tool

    - by Yurij73
    I'm looking for an example on how to setup the eToken PRO Java device to work with Mozilla Thunderbird and with other Linux tool such as PAM logon. I installed distributed pkiclient-5.00.28-0.i386.RPM from the official product page eToken Pro but that tool only handles importing/exporting certificates on the device. I read a glance an old HOWTO from eToken on Linux, but I couldn't install pkcs11-lib for this device as recommended for Thunderbird use this crypto device. It seems my usb token isn't listed in system, unless lsusb show it, so that is the matter modutil -list -dbdir /etc/pki/nssdb Listing of PKCS #11 Modules NSS Internal PKCS #11 Module Blockquote slots: 2 slots attached Blockquote status: loaded Blockquote slot: NSS User Private Key and Certificate Services Blockquote token: NSS Certificate DB Blockquote CoolKey PKCS #11 Module Blockquote library name: libcoolkeypk11.so Blockquote slots: 1 slot attached Blockquote status: loaded Blockquote slot: AKS ifdh [Main Interface] 00 00 token: is my token absent? on other hand i don't know which module is convenient to Java Pro, does CoolKey does all the job well? It seems Java token is too new hardware for Linux? there is excerpt from /etc/pam_pkcs11.conf #filename of the PKCS #11 module. The default value is "default" use_pkcs11_module = coolkey; screen_savers = gnome-screensaver,xscreensaver,kscreensaver pkcs11_module coolkey { module = libcoolkeypk11.so; description = "Cool Key"`

    Read the article

  • Migrating from tomcat to tc server - receiving java.sql.SQLException on startup

    - by user470184
    I'm receiving below error when I start tcServer. I do not receive this error on standalone version of tomcat. Is there extra config I need to add for tcServer ? WARNING: Unexpected exception resolving reference java.sql.SQLException: Io exception: The Network Adapter could not establish the connection at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:255) at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:387) at oracle.jdbc.driver.PhysicalConnection.(PhysicalConnection.java:441) at oracle.jdbc.driver.T4CConnection.(T4CConnection.java:165) at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801) at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:277) at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:182) at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:699) at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:631) at org.apache.tomcat.jdbc.pool.ConnectionPool.init(ConnectionPool.java:485) at org.apache.tomcat.jdbc.pool.ConnectionPool.(ConnectionPool.java:143) at org.apache.tomcat.jdbc.pool.DataSourceProxy.pCreatePool(DataSourceProxy.java:116) at org.apache.tomcat.jdbc.pool.DataSourceProxy.createPool(DataSourceProxy.java:103) at org.apache.tomcat.jdbc.pool.DataSourceFactory.createDataSource(DataSourceFactory.java:539) at org.apache.tomcat.jdbc.pool.DataSourceFactory.getObjectInstance(DataSourceFactory.java:237) at org.apache.naming.factory.ResourceFactory.getObjectInstance(ResourceFactory.java:140) at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:304) at org.apache.naming.NamingContext.lookup(NamingContext.java:793) at org.apache.naming.NamingContext.lookup(NamingContext.java:140) at org.apache.naming.NamingContext.lookup(NamingContext.java:781) at org.apache.naming.NamingContext.lookup(NamingContext.java:153) at org.apache.catalina.core.NamingContextListener.addResource(NamingContextListener.java:1028) at org.apache.catalina.core.NamingContextListener.createNamingContext(NamingContextListener.java:637) at org.apache.catalina.core.NamingContextListener.lifecycleEvent(NamingContextListener.java:238) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142) at org.apache.catalina.core.StandardServer.start(StandardServer.java:747) at org.apache.catalina.startup.Catalina.start(Catalina.java:595) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

    Read the article

  • NTDS Replication Warning (Event ID 2089)

    - by Chris_K
    I have a simple little network with 3 AD servers in 2 sites. Site A has Win2k3 SP2 and Win2k SP4 servers, site B has a single Win2k3 SP2 server. All have been in place for at least 3 years now. Just last week I started getting Event 2089 "not backed up" warnings (example below) on both of the win2k3 servers. I understand what the message means, no need to send me links to the technet article explaining it. I'll improve my backups. What I'm more curious about is why did I just start getting this message now? Why haven't I been getting it for the past 3 years?!? Perhaps this is related: I recently decommissioned a few other sites and AD controllers (there used to be 3 more sites, each with their own controller). Don't worry, I did proper DCpromo exercises and made sure we didn't lose anything. But would shutting those down possibly be related to why I get this error now? This won't keep me awake at night but I am curious as to what changed... Event Type: Warning Event Source: NTDS Replication Event Category: Backup Event ID: 2089 Date: 3/28/2010 Time: 9:25:27 AM User: NT AUTHORITY\ANONYMOUS LOGON Computer: RedactedName Description: This directory partition has not been backed up since at least the following number of days. Directory partition: DC=MyDomain,DC=com 'Backup latency interval' (days): 30 It is recommended that you take a backup as often as possible to recover from accidental loss of data. However if you haven't taken a backup since at least the 'backup latency interval' number of days, this message will be logged every day until a backup is taken. You can take a backup of any replica that holds this partition. By default the 'Backup latency interval' is set to half the 'Tombstone Lifetime Interval'. If you want to change the default 'Backup latency interval', you could do so by adding the following registry key. 'Backup latency interval' (days) registry key: System\CurrentControlSet\Services\NTDS\Parameters\Backup Latency Threshold (days) For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    Read the article

  • MS licensing of multiple RDP sessions for non-MS products in Windows XP Pro

    - by vgv8
    Question 1) and 2) were moved into separate thread Which Windows remote connections bypass LSA? and what r definitions of login vs. logon session? 3) Do I understand correctly that multiple remote RDP sessions are supported by Windows XP but require additional (or modified) licensing? Which one? Or it is always illegal to run multiple RDP sessions on Windows XP? even through non-MS commercial software? ---------- Update1: I already understood my error - the main questions were about definitions (important to find the common language with others) and the licensing questions were collateral - but it was already answered. I shall try to separate these questions leaving here the questions about RDp licensing and migrating other questions into separate thread ---------- Update2: Trying to "work around" licensing terms is pointless and wasteful of time I never try "working around" and I never ask anything like this, I am not specialist in licensing. My clients/employers provide me with tools and licensing support. They have corporate lawyers, planning/accounting/purchase departments for these issues. The questions that I ask is the matter of scalability and efficiency (saving my and others time) in my developing work. For ex., Just because I need autentication against Windows AD it is time-saving to use ADAM instead of deploying full-fledged AD with DC + servers + whatever else? Nobody is forcing you to use Windows XP I shall not rush into re-installing all my operating systems on all my development machines (at home, at client premises) just because a few guys have a lot of fun downvoting development-related questions in serverfault.com. If I do so, I make a joker from me in the eyes of my clolleagues et al Update: I unmarked this question as answered since it had not even adressed the question, at least mine. Should I understand that Terminal Server PRO, allowing Windows® XP and Windows® Small Business Server 2003 to host multiple remote desktop sessions, is illegal? Related: My answer to question Has windows XP support multiple remote login session (RDP) at a time?

    Read the article

  • IIS6: How to troubleshoot a 404 error in an ASP.NET application?

    - by Tomalak
    I have an ASP.NET application on a Windows Server 2003/IIS6 that refuses to run for some reason (it's the Xerox Centre, if that info helps). It has been working flawlessly before though on this server. Now, all I get if I try to open the app homepage (http://some.intranet.server/XeroxCentreWareWeb/) is a "404 - File or directory not found" error. The app is configured to run in it's own app pool, which runs as Network Service. The Network Service account has read access to the configured directory. If I stop the app pool, I get the expected "Service Unavailable" message, meaning the app and its pool are wired correctly I tried to track down any file permission issues with procmon - nothing to be seen. There isn't even an access to the web app directory happening when the page loads. Interestingly, according to procmon, the web server accesses the 401-2 custom error file (Logon failed due to server configuration) first, but then decides to send the 404 down to the client. EDIT: The app runs with Windows-integrated authentication. Regular users have access to the app directory as well (I would have noticed file system "ACCESS DENIED" messages in procmon, if there had been any.) This makes me think that there is some kind of weird permission problem that occurs even before the application files are being accessed. I just have no idea where to look. I've tried to run the app pool as Local System for a test, but to no avail. What else could I check in this case?

    Read the article

  • SQL Server 2008 Cluster Installation - First network name always fails

    - by boflynn
    I'm testing failover clustering in Windows Server 2008 to host a SQL Server 2008 installation using this installation guide. My base cluster is installed and working properly, as well as clustering the DTC service. However, when it comes time to install SQL Server, my first attempt at installation always fails with the same message and seems to "taint" the network name. For example, with my previous cluster attempt, I was installing SQL Server as VSQL. After approximately 15 attempts of installation and trying to resolve the errors, e.g. changing domain accounts for SQL, setting SPNs, etc., I typoed the network name as VQSL and the installation worked. Similarly on my current cluster, I tried installing with the SQL service named PROD-C1-DB and got the same errors as last time until I tried changing the name to anything else, e.g. PROD-C1-DB1, SQL, TEST, etc., at which point the install works. It will even install to VSQL now. While testing, my install routine was: Run setup.exe from patched media, selecting appropriate options After the install fails, I'd chose "Remove node from a SQL Server failover cluster" and remove the single, failed, node Attempt to diagnose problem, inspect event logs, etc. Delete the computer account that was created for the SQL Service from Active Directory Delete the MSSQL10.MSSQLSERVER folder from the shared data drive The error message I receive from the SQL Server installer is: The following error has occurred: The cluster resource 'SQL Server' could not be brought online. Error: The group or resource is not in the correct state to perform the requested operation. (Exception from HRESULT: 0x8007139F) Along with hundreds of the following errors in the Application event log: [sqsrvres] checkODBCConnectError: sqlstate = 28000; native error = 4818; message = [Microsoft][SQL Server Native Client 10.0][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. System configuration notes: Windows Server 2008 Enterprise Edition x64 SQL Server 2008 Enterprise Edition x64 using slipstreamed SP1+CU1 media Dell PowerEdge servers Fibre attached storage

    Read the article

  • Prevent Exchange Server from advertising itself on domain

    - by Justin Shin
    I'm in the middle of setting up an Exchange 2010 Server. Currently, we use a SaaS provider for Exchange 2007 services. Some (but not all) of my users have been reporting that they are receiving Outlook/Exchange login prompts to login to the new Exchange server. This is happening without any intervention on the client's machines. The Exchange server is a member of the domain and connects to the domain site remotely through a site-to-site VPN. What can I do to prevent these login prompts from appearing? Will shutting down the new server until it is time to switch resolve these issues? A little more info: I found that on one of the client computers, all of the settings for Outlook over HTTP had been changed (automatically) from webmail.provider.com to mail.company.com (the latter being the new server). This happened when I enabled Outlook Anywhere access on Exchange 2010. I changed the client's settings back, and everything was groovy. But, when I disabled Outlook Anywhere again, the logon prompt came back.

    Read the article

  • Vista - Profile not Loaded Correctly (Cannot Access Registry)

    - by Geoff
    Every so often, I log on and get the Following Message: User profile was not loaded correctly. You have been logged on with a temporary profile. Changes you make to this profile will be lost when you log off. Please see the event log for details or contact your administrator This almost always happens when somebody else has been on the computer for a while, and then I log on. This never used to happen, but now it happens pretty often. My profile is not permanently corrupted, all I have to do is restart my computer, but this annoys me, and I would like to fix it. I was curios about the reason of this cause, so I looked into the Event Log, and found the root of the problem was the ntuser.dat file in the profile that I was logging on to was locked at logon time. This resulted in the current users registry not being loaded, resulting in failure to load the profile. What could be locking this file? is there any way to get a process list without logging on so that I can identify which process has the file locked? Any other suggestions. Hopefully I can find a solution.

    Read the article

  • Oracle 10g for Windows does not start up on system boot

    - by Mike Dimmick
    We have an Oracle 10g Enterprise Edition installation (10.2.0.1.0) on a Windows Server 2003 virtual machine. It was initially created with Virtual Server 2005 R2 SP1 but has now been migrated to Windows Server 2008 Hyper-V. The services start on system boot, but the instance does not start up. This problem was actually occurring on Virtual Server after a migration from one server to another, but I managed to fix it then with: oradim -edit -sid ORCL -startmode auto However, this now has no effect. oradim.log (in %OracleHome%\database\oradim.log) says: Thu Jun 10 14:14:48 2010 C:\oracle\product\10.2.0\db_3\bin\oradim.exe -startup -sid orcl -usrpwd * -log oradim.log -nocheck 0 Thu Jun 10 14:14:48 2010 ORA-12560: TNS:protocol adapter error sqlnet.log in the same folder has: Fatal NI connect error 12560, connecting to: (DESCRIPTION=(ADDRESS=(PROTOCOL=BEQ)(PROGRAM=oracle)(ARGV0=oracleorcl)(ARGS='(DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))'))(CONNECT_DATA=(SID=orcl)(CID=(PROGRAM=C:\oracle\product\10.2.0\db_3\bin\oradim.exe)(HOST=ORACLE-VM)(USER=SYSTEM)))) VERSION INFORMATION: TNS for 32-bit Windows: Version 10.2.0.1.0 - Production Oracle Bequeath NT Protocol Adapter for 32-bit Windows: Version 10.2.0.1.0 - Production Time: 10-JUN-2010 14:14:48 Tracing not turned on. Tns error struct: ns main err code: 12560 TNS-12560: TNS:protocol adapter error ns secondary err code: 0 nt main err code: 530 TNS-00530: Protocol adapter error nt secondary err code: 2 nt OS err code: 0 The ORA_ORCL_AUTOSTART registry value is set to TRUE, so it should be auto-starting - and you can see that it's trying to. The problem also occurs when stopping and restarting the OracleServiceORCL service. I've enabled SQL*Net tracing which shows: [10-JUN-2010 15:09:33.919] snlpcss: entry [10-JUN-2010 15:09:34.419] snlpcss: Unable to spawn Oracle oracle (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq))) orcl, error 2. [10-JUN-2010 15:09:34.419] snlpcall: exit On a hunch that error 2 is Windows error 2 (file not found) I tried restarting the service with Process Monitor watching oradim.exe, but this appears to delay things just enough that it always works. Right now I have a horrible hack where I've created a Scheduled Task to run oradim -startup -sid ORCL when the Administrator account logs on, and set the VM to auto-logon. I'd still like to work out why it's not working.

    Read the article

  • System recognizes admin password on the Welcome screen but not when elevating

    - by Lee C.
    I set up Windows 7 with a couple of standard accounts, and an administrator account (called Odin). I can log in to Odin just fine from the Welcome screen. While logged into Odin I can do anything that requires administrator privileges without a password: just hit Yes in the User Account Control dialog. If I am logged into one of the other accounts and I do something that requires elevation (e.g. most installers, and some control panel functionality), then Windows presents me with a User Account Control dialog asking "Do you want to allow the following program to make changes to this computer? To continue, type an administrator password, and then click Yes." The account shown in this dialog is Odin, so I enter Odin's password. But Windows redisplays the dialog with the message "Logon failure: unknown user name or bad password." This always happens, and has done so for many months, probably since I first got the computer. Why does Odin's password work from the Welcome screen, but not when elevating? Please note that I am not asking how to recover Odin's password. I remember the password I originally set for Odin, and it works as it should from the Welcome screen, but is not recognized when elevating. The password has no funny characters, just letters and digits. Thanks!

    Read the article

  • Can I get a domain controller not to act as DNS for the members?

    - by rsw
    Hi, Let me try to explain my current setup. I have one linux machine acting as DHCP and DNS (dhcpd3 and bind) in my network. This works fine, all computers I hook up to the network gets an IP address and proper DNS servers set. Let's call it 10.12.0.10 However, we also have a Windows Server 2003 Domain Controller in our network to which we add our Windows computers (running XP), let's call it 10.12.0.20. I noticed that when I run 'nslookup' on one of the windows machines, it says that the primary DNS is 10.12.0.20. This have not been much of a problem since: The Windows clients are stationary The Windows server in itself point out my real DHCP/DNS, since I can reach everything specified in it However, this turns out to be a problem when we use Laptops. They connect to the domain here and gets a DNS server, but when the user travels or connect the computer from home, we hit a problem. They are connected to their internet, but their DNS is 10.12.0.20 which they can't reach since they're at home and not at the office network. I solved this by removing the register key called "NameServer" with the value 10.12.0.20, but it gets set again whenever they logon to the domain the next time (when they get back to the office). Can I somehow make the computers take whatever DNS server they are handed when connecting to the internet or a home network, instead of always trying to reach the Domain Controller?

    Read the article

  • Using psftp to upload and download files

    - by macha
    Hello I am trying to upload and download files from my desktop to my server. Now after some search I did download psftp. I used to use filezilla earlier, but I cannot install it on my desktop due to a few reasons. Since psftp (similar to putty) is just an executable for file transfer. So now after going through this link http://www.math.tamu.edu/~mpilant/math696/psftp.html. I understood that put and get are two commands I would use to download and upload files. Now when I logon to the server and say get filename, it actually is throwing back an error "local: unable to open filename". I tried that with other files too, and I end up getting the same error. The psftp.exe file is on my desktop. The process that I am using is I double click the .exe file open "servrname" cd /path/where/files/are get "filename" And I get this error "local: unable to open filename". Am I making a mistake or is it a problem with this executable?

    Read the article

  • Exchange Connector Won't Send to External Domains

    - by sisdog
    I'm a developer trying to get my .Net application to send emails out through our Exchange server. I'm not an Exchange expert so I'll qualify that up front!! We've set up a receive Connector in Exchange that has the following properties: Network: allows all IP addresses via port 25. Authentication: Transport Layer Security and Externally Secured checkboxes are checked. Permission Groups: Anonymous Users and Exchange Servers checkboxes are checked. But, when I run this Powershell statement right on our Exchange server it works when I send to a local domain address but when I try to send to a remote domain it fails. WORKS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER (BTW: my value for OURSERVER=boxname.domainname.local. This is the same fully-qualified name that shows up in our Exchange Management Shell when I launch it). FAILS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay At line:1 char:17 + Send-Mailmessage <<<< -To [email protected] -From [email protected] -Subject testing -Body himom -SmtpServer FTI-EX + CategoryInfo : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpFailed RecipientException + FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage EDIT: From @TheCleaner 's advice, I ran the Add-ADPermission to the relay and it didn't help; [PS] C:\Windows\system32Get-ReceiveConnector "Allowed Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -E xtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient" Identity User Deny Inherited -------- ---- ---- --------- FTI-EX\Allowed Relay NT AUTHORITY\ANON... False False Thanks for the help. Mark

    Read the article

  • Terminal Server 2008 Login: Access Denied

    - by user1236435
    When I try to RDP into a Server 2008 Terminal Server, I get a message that says "Access Denied" and an OK button. I setup the licensing mode correctly (per user) and also have setup to allow all remote connections. I get the following in the security event log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 28/06/2012 12:01:16 Event ID: 4656 Task Category: File System Level: Information Keywords: Audit Failure User: N/A Computer: 0BraApps1.brenntagLA.hou Description: A handle to an object was requested. Subject: Security ID: BRENNTAGLA\jaadmin Account Name: jaadmin Account Domain: BRENNTAGLA Logon ID: 0xbbe3f Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\ServerManager.msc Handle ID: 0x0 Process Information: Process ID: 0x60c Process Name: C:\Windows\System32\mmc.exe Access Request Information: Transaction ID: {00000000-0000-0000-0000-000000000000} Accesses: READ_CONTROL SYNCHRONIZE WriteData (or AddFile) AppendData (or AddSubdirectory or CreatePipeInstance) WriteEA ReadAttributes WriteAttributes Access Reasons: READ_CONTROL: Granted by D:(A;;0x1200a9;;;BA) SYNCHRONIZE: Granted by D:(A;;0x1200a9;;;BA) WriteData (or AddFile): Not granted AppendData (or AddSubdirectory or CreatePipeInstance): Not granted WriteEA: Not granted ReadAttributes: Granted by ACE on parent folder D:(A;;0x1301bf;;;BA) WriteAttributes: Not granted Access Mask: 0x120196 Privileges Used for Access Check: - Restricted SID Count: 0 Event Xml: 4656 1 0 12800 0 0x8010000000000000 1535565 Security 0BraApps1.brenntagLA.hou S-1-5-21-205301047-3902605089-2438454170-21511219 jaadmin BRENNTAGLA 0xbbe3f Security File C:\Windows\System32\ServerManager.msc 0x0 {00000000-0000-0000-0000-000000000000} %%1538 %%1541 %%4417 %%4418 %%4420 %%4423 %%4424 %%1538: %%1801 D:(A;;0x1200a9;;;BA) %%1541: %%1801 D:(A;;0x1200a9;;;BA) %%4417: %%1805 %%4418: %%1805 %%4420: %%1805 %%4423: %%1811 D:(A;;0x1301bf;;;BA) %%4424: %%1805 0x120196 - 0 0x60c C:\Windows\System32\mmc.exe Any ideas?

    Read the article

  • How do I secure Sql Server 2008 R2

    - by Mark Tait
    I have both a dedicated and a VPS (from Fasthosts) virtual server - the web sites/applications I run on these, access Sql Server stored on the same web server. Until now, I have logged onto Sql Server on both the deidicated and VPS server, from Sql Server Management Studio - until I noticed in my server application logs, multiple attempts to logon to Sql Server using the 'sa' username, but failed password. So someone/bot is trying hard (repeatedly every couple of hours, for approx 20 attempts during each instance) to log on... so obviously I have to lock down access to Sql Sever remotely. What I have done is gone into Configuration Manager, and in Sql Server Network Configuration - Protocols for Sql2008 and also in Sql Native Client 10.0 Configuration - Client Protocols - I have diabled Named Pipes, TCP/IP (and VIA by default). I have left Shared Memory enabled. I also disabled in Sql Server Services, the Sql Server Browser. Now the only way I can manage the databases on these servers, is by logging on to them via Remote Desktop. Can anyone confirm if this is the correct way of stopping anyone maliciously logging on to Sql Server? (I'm not a DBA or security expert - and there are hundreds of articles advising all different ways - but I was hoping for the experts here to confirm, or otherwise, if what I've done is correct) Thank you, Mark

    Read the article

  • Running a service with a user from a different domain not working

    - by EWood
    I've been stuck on this for a while, not sure what permission I'm missing. I've got domain A and domain B, A trusts B, but B does not trust A. I'm trying to run a service in domain A with a user account from domain B and I keep getting Access is Denied. I'm using the FQDN after the username and the password is correct. The user account from domain B is a local administrator on the domain A server, the user account has the logon locally, and as a service permissions. Must. Get. This. Working. Update: I found something interesting in the logs I must have missed. This ought to get me pointed in the right direction. Event ID: 40961 - LsaSrv : The Security System could not establish a secured connection with the server ldap/{server fqdn/fqdn@fqdn} No authentication protocol was available. I've found a few fixes for 40961 but nothing has worked so far. I've verified reverse lookup zones. nslookup resolves the correct dc properly. still workin' at it. Upadte: In response to Evan; I ran " runas /env /user:ftp_user@fqdn "notepad" " then entered the users password and notepad came up. It seems to work successfully. This issue is now resolved. The problem is visible in the screenshot. Windows tries to use the UPN for the user account if you dig your user out of AD with the Browse button. This fails every time even with the right user and password. Simply using the SAM format (Domain\User) works. So simple, yet so annoying. Can't believe I missed this. Thanks to everyone who helped.

    Read the article

  • Windows 2012 RDS Temporary profile for Administrator

    - by Fabio
    I've configured a Windows 2012 RDS Farm with two virtual servers (VMWare - each one on a different ESX server). Both servers have Licensing, Web Access, Gateway, Connection Broker and Session Host roles. High Availability is set up and it works fine. Remote Apps are working and even Windows XP clients have access to the web interface. User profile path is \vmfiles1\UserProfileDisks\App\ and almost everyone has full right access to it. The problem I have is that I would like to be able to access both servers at the same time with the Administrator account (console), but each time I try, the second server that I logon to give me access with a temporary profile. I tried to enable/disable multiple sessions per user and forced Admin logoff with the GPO but nothing changed. Another thing is that the server pool is not saved, so each time I restart the RDS server or I logoff from it, I have to add a server in the server manager. Do you have any idea? Sorry if my english is not perfect.

    Read the article

  • Having trouble mapping Sharepoint document library as a Network Place

    - by Sdmfj
    I am using Office 365, Sharepoint Online 2013. Using Internet Explorer these are the steps I have taken: ticked the keep me signed in on the portal.microsoftonline.com page. It redirects me to Godaddy login page because Office 365 was purchased through them. I have added these sites to trusted sites (as well as every page in the process) and chose auto logon in Internet explorer. Once on the document library I open as explorer and copy the address as text. I go to My Computer and right click to add a network place and paste in the document library address. It successfully adds the library as a network place 30% of the time. I can do this same process 3 times in a row and it will fail the first 2 times and then succeeds. It works for a little while and then I get an error that the DNS cannot be found. I need multiple users in our organization to be able to access this document library as if it was a mapped network drive on our local network. Is there an easier way to do this? I may just sync using the One Drive app but thought that direct access to the files without worrying about users keeping their files synced.

    Read the article

  • What are some of the best answer file settings for a WDS Deployment?

    - by drpcken
    I've had my head buried in answer files for days now and have gotten quite comfortable setting them up, test, etc... I use a handful of Components to help my migrations, for my unattend.xml I like: Windows-International-Core-WinPE -- this is good for setting Locales the preboot environment (en-us for us english US speakers). Keeps me from having to set these on the initial image boot. Windows-Setup_neutral -- I like the WindowsDeploymentServices -> ImageSelection, especially if I'm only pushing a single image. This keeps me from having to select it each time. My OOBE_Unattend.xml is really useful and I barely have to touch anything during this part of the installation: Windows-Shell-Setup_neutral -- This lets me put a ProductKey in for my MAK volume license (very useful and time saving). I can also set the TimeZone for the installation. Windows UnattendedJoin_neutral -- I couldn't live without this component. It joins the machine on my domain before logging in as a domain administrator. I would hate to not have this ability. Windows-International-Core -- Again this component really speeds up the OOBE process. I configure my locals and time zone so I don't have to do it by hand when the machine enteres OOBE. Windows-Shell-Setup -- Allows you to configure an autologon when the new machine is finished. I like to logon as a domain admin automatically for customizing and troubleshooting the new machine immediately after it is imaged. Also the OOBE component under here lets me skip the EULA, Hide Wireless Setup, and set my default NetworkLocation. All of this makes the entire OOBE totally automated. What are some other good components I am missing as far as helping me get these images pushed and configured as quickly as possible?

    Read the article

  • Picking a degree path...

    - by Chris
    I'll be going to University of South Florida soon, and have to choose between two degrees, I want to head into general Server (IT) administration for a small / medium business. Setting up computers, imaging, managing file servers / logon servers /etc. * I had to change the http to hxxp in order to post. I have two degrees I'm currently choosing between: - BSAS hxxp://www.poly.usf.edu/Academics/AppliedAS/BSAS-IT/Program_of_Study.html - BSIT hxxp://www.poly.usf.edu/IT/ I like the idea of a BSAS because it'll get me out sooner, and then I can work on a few certifications to "match" the BSIT... I'm just worried companies will look at that as a "lesser" degree to a BSIT (or even a CS degree.) What are your guys' thoughts on these two degrees? The BSIT has more math, which I still have about 2 more classes to go through (I'll be heading to USF this August.) while the BSIT doesn't require those 2 extra math classes. I keep on hearing from people that when they hire you for your first job, they don't care which degree you have, as long as it's relevant and it's a 4-year degree, is this true?

    Read the article

  • UACCEEventLog 301 Filling Event Logs

    - by rjt
    After pushing out clients for the MS Application Compatibility Toolkit on our domain via GPO, UACCEEventLog 301 occurs a few times per second in the event log. Several Thousand per hour. One test i need to do is logon with Administrator to see if these events go away while Admin, but of course that is not a fix. This is only part of the event log entry, but is the most readable and clearly indicates yet another problem with Antivirus software. But still no fix. Originally, i posted this In Words and Bytes, but then edited it to make it much easier to read. LocalMachine\Users do have Read Access to this key. For a test, i added "Domain Users" but there are many more events for other parts of the registry and for Administrators. <XML> <TYPE> UacceRegistryVirtualization </TYPE> <EXENAME>smcgui.exe</EXENAME> <EXEPATH>c:\program files\symantec\symantec endpoint protection </EXEPATH> <APINAME>RegOpenKeyA</APINAME> <REGKEYNAME> HKEY_LOCAL_MACHINE\SOFTWARE \Symantec\Symantec Endpoint Protection\AV\Storages \SymHeurProcessProtection\RealTimeScan\0 </REGKEYNAME> <RESTRICTEDBYACL>FALSE</RESTRICTEDBYACL> <DESIREDACCESS>MAXIMUM_ALLOWED</DESIREDACCESS> <REGVALUENAME></REGVALUENAME> <REGVALUETYPE>0x00000000</REGVALUETYPE> <REGVALUEDATA></REGVALUEDATA> <CURRENTGROUP>Users</CURRENTGROUP> </XML>

    Read the article

  • User authentication -- username mismatch in IIS in ASP.NET application

    - by Cory Larson
    Last week, an employee's Active Directory username was changed (or a new one was created for them). For the purposes of this example, let's assume these usernames: Old: Domain\11111 New: Domain\22222 When this user now logs in using their new username, and attempts to browse to any one of a number of ASP.NET applications using only Windows Authentication (no Anonymous enabled), the system authenticates but our next layer of database-driven permissions prevents them from being authorized. We tracked it down to a mismatch of usernames between their logon account and who IIS thinks they are. Below are the outputs of several ASP.NET variables from apps running in a Windows 2008 IIS7.5 environment: Request.ServerVariables["AUTH_TYPE"]: Negotiate Request.ServerVariables["AUTH_USER"]: Domain\11111 Request.ServerVariables["LOGON_USER"]: Domain\22222 Request.ServerVariables["REMOTE_USER"]: Domain\11111 HttpContext.Current.User.Identity.Name: Domain\11111 System.Threading.Thread.CurrentPrincipal.Identity.Name: Domain\11111 From the above, I can see that only the LOGON_USER server variable has the correct value, which is the account the user used to log on to their machine. However, we use the "AUTH_USER" variable for looking up the database permissions. In a separate testing environment (completely different server: Windows 2003, IIS6), all of the above variables show "Domain\22222". So this seems to be a server-specific issue, like the credentials are somehow getting cached either on their machine or on the server (the former seems more plausible). So the question is: how do I confirm whether it's the user's machine or the server that is botching the request? How should I go about fixing this? I looked at the following two resources and will be giving the first one a try shortly: http://www.interworks.com/blogs/jvalente/2010/02/02/removing-saved-credentials-passwords-windows-xp-windows-vista-or-windows-7 http://stackoverflow.com/questions/2325005/classic-asp-request-servervariableslogon-user-returning-wrong-username/5299080#5299080 Thanks.

    Read the article

< Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >