Search Results

Search found 1428 results on 58 pages for 'pam ldap'.

Page 32/58 | < Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >

  • New Podcast Available - Fusion DOO for Multi-Channel Retail

    - by Pam Petropoulos
    Oracle Fusion Distributed Order Orchestration can help retailers standardize their order and fulfillment processes across all channels.  Listen to the latest podcast entitled “Unify Sales and Fulfillment in Multi-Channel Retail with Fusion DOO” and discover how Fusion Distributed Order Orchestration can deliver value to retail customers and also hear real world examples of how customers are using it today.  Click here to listen to the podcast.

    Read the article

  • Missed the AutoVue 20.0 Webcast? Watch the Replay!

    - by [email protected]
    With today's busy schedules, it's oftentimes hard to get to everything we intended on a given day. Unfortunately, that sometimes means missing live webcasts of our favourite topics. Well we've got good news. For those that missed last month's webcast featuring the latest release of AutoVue 20.0, we have good news. The webast recording is now available for you to watch on demand and at your convenience, so click here to watch the replay You'll learn about all that is new and compelling in release 20.0, as well as see a demo highlighting some of the key new capabilities.

    Read the article

  • Latest Fusion DOO White Paper - Overcoming Order Management Complexity in Global Organizations

    - by Pam Petropoulos
    Check out this latest Fusion Distributed Order Orchestration white paper entitled “Overcoming Order Management Complexity in Global Organizations”.  Discover how Oracle Fusion DOO enables large, complex organizations to streamline their order management processes and take advantage of lower costs, higher margins, and improved customer service. Click here to read the whitepaper.

    Read the article

  • Webcast on Monday, July 22 - Discover the Key to Profitable Order Fulfillment

    - by Pam Petropoulos
    When it comes to order fulfillment, organizations are challenged by the increasing complexity of global supply chains and an explosion of order and delivery channels. Attend this webcast on Monday, July 22 and hear Steve Banker, Service Director for Supply Chain Management at ARC Advisory Group, discuss how distributed order management solutions can help companies transform their fulfillment operations to gain greater supply chain visibility, improve order profitability, and increase customer service levels and satisfaction.  Hear too from Oracle executives who will showcase examples of customers successfully using Oracle Distributed Order Orchestration. Date: Monday, July 22, 2013 Time:  1:00 p.m. EST Click here to Register Download a free copy of the ARC Advisory Research Brief on Oracle’s Distributed Order Orchestration solution and discover how Boeing, the world’s leading aerospace company, is leveraging the solution to automate their proposal and order management processes and achieve an expected 30% reduction in order cycle times. 

    Read the article

  • AutoVue for Agile Sessions at the Oracle Value Chain Summit 2013

    - by Pam Petropoulos
    At the upcoming Oracle Value Chain Summit, which takes place February 4 - 6, 2013 in San Francisco, CA, AutoVue Enterprise Visualization solutions will be covered in a variety of sessions within the Agile PLM solution area. Attend the following sessions during the Product Deep Dives & Demos Track, and discover the latest AutoVue for Agile capabilities, including how to streamline business processes, such as change management by creating ECRs directly from within CAD designs. Visual Decision Making to Optimize New Product Development and Introduction Date: Tuesday, February 5 Time: 12:45 pm to 1:30 pm Seeing the Forest: Next Generation Visualization Date: Wednesday, February 6 Time: 3:15 pm to 4:00 pm Next-Generation CAD Data Management: MCAD, ECAD, and Software Configuration Management Date: Wednesday, February 6 Time: 11:15 am to 12:00 pm Keep an eye on this blog for forthcoming details about each of these sessions. Don’t miss this opportunity to mingle with other AutoVue for Agile customers and meet one on one with the AutoVue product management and development team. Register now for the early bird rate of $195 and secure your spot at the Summit. Click here to register and learn more.

    Read the article

  • Register Today for the Oracle Value Chain Summit 2013

    - by Pam Petropoulos
    Date: February 4 – 6, 2013 Location: Hyatt Regency San Francisco The Oracle Value Chain Summit will bring together users, partners, and luminaries to learn how Oracle is helping companies transform supply chains into value chains to gain competitive edge. This Summit will combine the intimate atmosphere of previous supply chain  events, such as the Oracle PLM and Oracle Maintenance Summits, under one roof and will include almost 200 sessions across all supply chain management solution areas. Oracle’s AutoVue enterprise visualization solutions will be featured as part of the PLM track, where they’ll be showcased within the context of Agile PLM, as well as Oracle’s next generation visualization solutions.   Don’t miss this opportunity to learn more about visualization successes and best practices through sessions featuring customer testimonials, solution demonstrations, and networking activities. Visit the event site for further details and agenda information. An early bird registration fee of $195 is available until December 31, 2012. Click here to register today!

    Read the article

  • AutoVue 20.2.1 is Now Available!

    - by Pam Petropoulos
    Oracle’s AutoVue Enterprise Visualization 20.2.1, a minor release within the 20.2 product family, has just been made available on the Oracle Software Delivery Cloud. AutoVue release 20.2.1 includes the following new capabilities and improvements: Enhancements to the Augmented Business Visualization framework to connect documents and business data in enterprise applications and create rich, actionable visual-decision making environment. AutoVue now allows hotspots in 2D drawings and images to be defined as polygons, rather than only by text strings or boxes. Improved Documentation on Augmented Business Visualization and Hotspotting Optimize business process efficiency by integrating AutoVue and Oracle BPM to: Initiate interactive document reviews by the appropriate reviewer in a workflow Automate printing and conversion operations at the appropriate stage of a workflow Timely support for new MCAD and  ECAD formats Fidelity and performance improvements for a wide range of formats Click here to read about the latest features and their corresponding benefits. Click here to access the latest AutoVue Format Support Sheet.

    Read the article

  • Oracle OpenWorld Call for Papers is Now Open through April 9th!

    - by Pam Petropoulos
      The OpenWorld 2012 Call for Papers is Now Open!! The most important educational conference of 2012 is fast approaching and you have an opportunity to share your AutoVue success story. Customers or partners interested in presenting during Oracle OpenWorld 2012 should submit a presentation abstract. If your session is selected, Oracle will waive the conference registration fee – saving you anywhere from $1,795 to $2,595. For details about the conference, visit the Oracle OpenWorld website. Don't delay -- submit your presentation abstract today - the Call for Papers closes on Monday, April 9, 2012.   Click here to submit your OpenWorld Presentation Abstract Oracle OpenWorld 2012 takes place in San Francisco, CA from September 30 - October 4, 2012.

    Read the article

  • How to escape or remove double quotes in rsyslog template

    - by Evgeny
    I want rsyslog to write log messages in JSON format, which requires to use double-quotes (") around strings. Problem is that values sometime include double-quotes themselves, and those need to be escaped - but I can't figure out how to do that. Currently my rsyslog.conf contains this format that I use (a bit simplified): $template JsonFormat,"{\"msg\":\"%msg%\",\"app-name\":\"%app-name%\"}\n",sql But when a msg arrives that contains double quotes, the JSON is broken, example: user pid=21214 uid=0 auid=4294967295 msg='PAM setcred: user="oracle" exe="/bin/su" (hostname=?, addr=?, terminal=? result=Success)' turns into: {"msg":"user pid=21214 uid=0 auid=4294967295 msg='PAM setcred: user="oracle" exe="/bin/su" (hostname=?, addr=?, terminal=? result=Success)'","app-name":"user"} but what I need it to become is: {"msg":"user pid=21214 uid=0 auid=4294967295 msg='PAM setcred: user=\"oracle\" exe=\"/bin/su\" (hostname=?, addr=?, terminal=? result=Success)'","app-name":"user"}

    Read the article

  • need help writing puppet module for sssd.conf using Hiera

    - by mr.zog
    I need to build a module to manage /etc/sssd/sssd.conf on our Red Hat VMs. The sssd modules published on the forge don't seem to do what I want, nor do I feel like forking any of them. I want to keep all the configuration data in Hiera's common.yaml file. Below is my sssd.conf file. [sssd] config_file_version = 2 services = nss, pam domains = default [nss] filter_groups = root filter_users = root reconnection_retries = 3 entry_cache_timeout = 300 entry_cache_nowait_percentage = 75 [pam] [domain/default] auth_provider = ldap ldap_id_use_start_tls = True chpass_provider = ldap cache_credentials = True ldap_search_base = dc=ederp,dc=com id_provider = ldap ldap_uri = ldaps://lvldap1.lvs01.ederp.com/ ldaps://lvldap2.lvs01.ederp.com/ ldap_tls_cacertdir = /etc/openldap/cacerts What is the best, most economical way to build the sssd.conf file? Should I have multiple .pp files such as domain.pp, pam.pp etc. or should all the lines of configuration land in init.pp?

    Read the article

  • /etc/environment and cron

    - by clorz
    Hi, I've got two machines: Fedora and CentOS. And a cronjob 0-59 * * * * env > /home/me/env.log On CentOS I can see that /etc/environment is affecting the output while on Fedora it does not. I want Fedora to be like CentOS. What do I need to make it happen? /etc/pam.d/crond on Fedora auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/crond on CentOS auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/security/pam_env.conf is the same on both systems and consists of commented out lines. Even if I make /etc/pam.d/cron.d files the same, problem still persists.

    Read the article

  • /etc/environment and cron

    - by clorz
    I've got two machines: Fedora and CentOS. And a cronjob 0-59 * * * * env > /home/me/env.log On CentOS I can see that /etc/environment is affecting the output while on Fedora it does not. I want Fedora to be like CentOS. What do I need to make it happen? /etc/pam.d/crond on Fedora auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/crond on CentOS auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/security/pam_env.conf is the same on both systems and consists of commented out lines. Even if I make /etc/pam.d/cron.d files the same, problem still persists.

    Read the article

  • Securing an ADF Application using OES11g: Part 2

    - by user12587121
    To validate the integration with OES we need a sample ADF Application that is rich enough to allow us to test securing the various ADF elements.  To achieve this we can add some items including bounded task flows to the application developed in this tutorial. A sample JDeveloper 11.1.1.6 project is available here. It depends on the Fusion Order Demo (FOD) database schema which is easily created using the FOD build scripts.In the deployment we have chosen to enable only ADF Authentication as we will delegate Authorization, mostly, to OES.The welcome page of the application with all the links exposed looks as follows: The Welcome, Browse Products, Browse Stock and System Administration links go to pages while the Supplier Registration and Update Stock are bounded task flows.  The Login link goes to a basic login page and once logged in a link is presented that goes to a logout page.  Only the Browse Products and Browse Stock pages are really connected to the database--the other pages and task flows do not really perform any operations on the database. Required Security Policies We make use of a set of test users and roles as decscribed on the welcome page of the application.  In order to exercise the different authorization possibilities we would like to enforce the following sample policies: Anonymous users can see the Login, Welcome and Supplier Registration links. They can also see the Welcome page, the Login page and follow the Supplier Registration task flow.  They can see the icon adjacent to the Login link indicating whether they have logged in or not. Authenticated users can see the Browse Product page. Only staff granted the right can see the Browse Product page cost price value returned from the database and then only if the value is below a configurable limit. Suppliers and staff can see the Browse Stock links and pages.  Customers cannot. Suppliers can see the Update Stock link but only those with the update permission are allowed to follow the task flow that it launches.  We could hide the link but leave it exposed here so we can easily demonstrate the method call activity protecting the task flow. Only staff granted the right can see the System Administration link and the System Administration page it accesses. Implementing the required policies In order to secure the application we will make use of the following techniques: EL Expressions and Java backing beans: JSF has the notion of EL expressions to reference data from backing Java classes.  We use these to control the presentation of links on the navigation page which respect the security contraints.  So a user will not see links that he is not allowed to click on into. These Java backing beans can call on to OES for an authorization decision.  Important Note: naturally we would configure the WLS domain where our ADF application is running as an OES WLS SM, which would allow us to efficiently query OES over the PEP API.  However versioning conflicts between OES 11.1.1.5 and ADF 11.1.1.6 mean that this is not possible.  Nevertheless, we can make use of the OES RESTful gateway technique from this posting in order to call into OES. You can easily create and manage backing beans in Jdeveloper as follows: Custom ADF Phase Listener: ADF extends the JSF page lifecycle flow and allows one to hook into the flow to intercept page rendering.  We use this to put a check prior to rendering any protected pages, again calling on to OES via the backing bean.  Phase listeners are configured in the adf-settings.xml file.  See the MyPageListener.java class in the project.  Here, for example,  is the code we use in the listener to check for allowed access to the sysadmin page, navigating back to the welcome page if authorization is not granted:                         if (page != null && (page.equals("/system.jspx") || page.equals("/system"))){                             System.out.println("MyPageListener: Checking Authorization for /system");                             if (getValue("#{oesBackingBean.UIAccessSysAdmin}").toString().equals("false") ){                                   System.out.println("MyPageListener: Forcing navigation away from system" +                                       "to welcome");                                 NavigationHandler nh = fc.getApplication().getNavigationHandler();                                   nh.handleNavigation(fc, null, "welcome");                               } else {                                 System.out.println("MyPageListener: access allowed");                              }                         } Method call activity: our app makes use of bounded task flows to implement the sequence of pages that update the stock or allow suppliers to self register.  ADF takes care of ensuring that a bounded task flow can be entered by only one page.  So a way to protect all those pages is to make a call to OES in the first activity and then either exit the task flow or continue depending on the authorization decision.  The method call returns a String which contains the name of the transition to effect. This is where we configure the method call activity in JDeveloper: We implement each of the policies using the above techniques as follows: Policies 1 and 2: as these policies concern the coarse grained notions of controlling access to anonymous and authenticated users we can make use of the container’s security constraints which can be defined in the web.xml file.  The allPages constraint is added automatically when we configure Authentication for the ADF application.  We have added the “anonymousss” constraint to allow access to the the required pages, task flows and icons: <security-constraint>    <web-resource-collection>      <web-resource-name>anonymousss</web-resource-name>      <url-pattern>/faces/welcome</url-pattern>      <url-pattern>/afr/*</url-pattern>      <url-pattern>/adf/*</url-pattern>      <url-pattern>/key.png</url-pattern>      <url-pattern>/faces/supplier-reg-btf/*</url-pattern>      <url-pattern>/faces/supplier_register_complete</url-pattern>    </web-resource-collection>  </security-constraint> Policy 3: we can place an EL expression on the element representing the cost price on the products.jspx page: #{oesBackingBean.dataAccessCostPrice}. This EL Expression references a method in a Java backing bean that will call on to OES for an authorization decision.  In OES we model the authorization requirement by requiring the view permission on the resource /MyADFApp/data/costprice and granting it only to the staff application role.  We recover any obligations to determine the limit.  Policy 4: is implemented by putting an EL expression on the Browse Stock link #{oesBackingBean.UIAccessBrowseStock} which checks for the view permission on the /MyADFApp/ui/stock resource. The stock.jspx page is protected by checking for the same permission in a custom phase listener—if the required permission is not satisfied then we force navigation back to the welcome page. Policy 5: the Update Stock link is protected with the same EL expression as the Browse Link: #{oesBackingBean.UIAccessBrowseStock}.  However the Update Stock link launches a bounded task flow and to protect it the first activity in the flow is a method call activity which will execute an EL expression #{oesBackingBean.isUIAccessSupplierUpdateTransition}  to check for the update permission on the /MyADFApp/ui/stock resource and either transition to the next step in the flow or terminate the flow with an authorization error. Policy 6: the System Administration link is protected with an EL Expression #{oesBackingBean.UIAccessSysAdmin} that checks for view access on the /MyADF/ui/sysadmin resource.  The system page is protected in the same way at the stock page—the custom phase listener checks for the same permission that protects the link and if not satisfied we navigate back to the welcome page. Testing the Application To test the application: deploy the OES11g Admin to a WLS domain deploy the OES gateway in a another domain configured to be a WLS SM. You must ensure that the jps-config.xml file therein is configured to allow access to the identity store, otherwise the gateway will not b eable to resolve the principals for the requested users.  To do this ensure that the following elements appear in the jps-config.xml file: <serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">             <description>LDAP-based IdentityStore Provider</description>  </serviceProvider> <serviceInstance name="idstore.ldap" provider="idstore.ldap.provider">             <property name="idstore.config.provider" value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"/>             <property name="CONNECTION_POOL_CLASS" value="oracle.security.idm.providers.stdldap.JNDIPool"/></serviceInstance> <serviceInstanceRef ref="idstore.ldap"/> download the sample application and change the URL to the gateway in the MyADFApp OESBackingBean code to point to the OES Gateway and deploy the application to an 11.1.1.6 WLS domain that has been extended with the ADF JRF files. You will need to configure the FOD database connection to point your database which contains the FOD schema. populate the OES Admin and OES Gateway WLS LDAP stores with the sample set of users and groups.  If  you have configured the WLS domains to point to the same LDAP then it would only have to be done once.  To help with this there is a directory called ldap_scripts in the sample project with ldif files for the test users and groups. start the OES Admin console and configure the required OES authorization policies for the MyADFApp application and push them to the WLS SM containing the OES Gateway. Login to the MyADFApp as each of the users described on the login page to test that the security policy is correct. You will see informative logging from the OES Gateway and the ADF application to their respective WLS consoles. Congratulations, you may now login to the OES Admin console and change policies that will control the behaviour of your ADF application--change the limit value in the obligation for the cost price for example, or define Role Mapping policies to determine staff access to the system administration page based on user profile attributes. ADF Development Notes Some notes on ADF development which are probably typical gotchas: May need this on WLS startup in order to allow us to overwrite credentials for the database, the signal here is that there is an error trying to access the data base: -Djps.app.credential.overwrite.allowed=true Best to call Bounded Task flows via a CommandLink (as opposed to a go link) as you cannot seem to start them again from a go link, even having completed the task flow correctly with a return activity. Once a bounded task flow (BTF) is initated it must complete correctly  via a return activity—attempting to click on any other link whilst in the context of a  BTF has no effect.  See here for example: When using the ADF Authentication only security approach it seems to be awkward to allow anonymous access to the welcome and registration pages.  We can achieve anonymous access using the web.xml security constraint shown above (where no auth-constraint is specified) however it is not clear what needs to be listed in there….for example the /afr/* and /adf/* are in there by trial and error as sometimes the welcome page will not render if we omit those items.  I was not able to use the default allPages constraint with for example the anonymous-role or the everyone WLS group in order to be able to allow anonymous access to pages. The ADF security best practice advises placing all pages under the public_html/WEB-INF folder as then ADF will not allow any direct access to the .jspx pages but will only allow acces via a link of the form /faces/welcome rather than /faces/welcome.jspx.  This seems like a very good practice to follow as having multiple entry points to data is a source of confusion in a web application (particulary from a security point of view). In Authentication+Authorization mode only pages with a Page definition file are protected.  In order to add an emty one right click on the page and choose Go to Page Definition.  This will create an empty page definition and now the page will require explicit permission to be seen. It is advisable to give a unique context root via the weblogic.xml for the application, as otherwise the application will clash with any other application with the same context root and it will not deploy

    Read the article

  • VS2008 - Find and Replace - Searches too many files.

    - by Pam Bullock
    I've used VS2008 a lot and have never had this problem. However, I started a new job and am using a new machine. Ever since I've gotten here the VS Find feature has been acting funny. I first noticed it when I did a replace all for "All Open Files". The project wouldn't build because the values had actually been replaced in other files within the solution that were not open and didn't even open after I pressed replace all. I have found that I can never use replace all on this machine because I never know what it is going to do. Even if I just do a find on "Current Document", once it's done with the document and I should get that message that says "No more matches found" it actually OPENS another random file from my solution where there is a match and keeps on going. It seems to never make any difference what "Look in" option I've chosen. My coworker has an install off the same disk and claims to not be experiencing this. We're in the middle of a stressful, huge project with a close deadline so I know my boss won't let me do a reinstall. Has anyone else ever had this happen? Anyone know a fix?? Thanks, Pam

    Read the article

  • Is SharePoint a good solution for me?

    - by Pam Bullock
    My company has many branches that use the same software suite that we've written for them. We're looking at SharePoint as a way to open a dialog with them about the software - reviews, change requests (not official ones, just for us to get an idea and for them to discuss amongst themselves what would be helpful). We would also like to utilize the document repository feature and possibly the blog. SharePoint is already available to us if we'd like to use it so that's why we're looking into it. I've done a lot of research and watched a lot of starter tutorials. It seems like it has what we're looking for. For those of you that know it well: Do you think it would be a good solution for us? Do you think it would be overkill? If so, Do you have an alternative suggestion? Are there other aspects of SharePoint that I haven't discovered yet that seems like it would be helpful for what we're doing? I will continue to research online but it's always great to hear the opinion of someone experienced with the product. Thanks so much! Pam

    Read the article

  • SSH login very slow on OS X Leopard

    - by acjohnson55
    My SSH sessions take a very long time to initiate. This applies for logins with and without passwords, interactive and non-interactive. I have tried setting 'GSSAPIAuthentication no' and 'IPQoS 0x00' on the client side, and 'UseDNS no' on the server side, but no dice. I'm really stumped and frustrated. The worst part is that it SFTP takes forever to establish connections too, making file transfer much longer than it would be otherwise. I thought the problem might be something with PAM, because of where the hang is in the sshd log below, so I tried commenting out each line one-by-one in the /etc/pam.d/sshd file. Some caused login to be impossible, some had no apparent effect. I can't really tell if PAM is stalling for other services, but I can say that su'ing into my account from another account with 'su -l' has no apparent delay. I tried creating a new user account, just to see if there was something wrong with my existing account, and the same problem persisted. Any ideas of what's going on? On the client side, the most verbose mode outputs (redacted where reasonable): OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data ... debug1: ... line 1: Applying options for ... debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: /etc/ssh_config line 53: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to ... [x.x.x.x] port 22. debug1: Connection established. debug1: identity file /.../.ssh/id_rsa type -1 debug1: identity file /.../.ssh/id_rsa-cert type -1 debug3: Incorrect RSA1 identifier debug3: Could not load "/.../.ssh/id_dsa" as a RSA1 public key debug1: identity file /.../.ssh/id_dsa type 2 debug1: identity file /.../.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2 debug1: match: OpenSSH_5.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "..." from file "/.../.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /.../.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 136/256 debug2: bits set: 523/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA ... debug3: load_hostkeys: loading entries for host "..." from file "/.../.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /.../.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "x.x.x.x" from file "/.../.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /.../.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug1: Host '...' is known and matches the RSA host key. debug1: Found key in /.../.ssh/known_hosts:9 debug2: bits set: 492/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /.../.ssh/id_dsa (0x7f8b7b41d6c0) debug2: key: /.../.ssh/id_rsa (0x0) debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering DSA public key: /.../.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-dss blen 434 debug2: input_userauth_pk_ok: fp ... debug3: sign_and_send_pubkey: DSA ... debug1: Authentication succeeded (publickey). Authenticated to ... ([x.x.x.x]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. ****** Hangs here ****** debug2: callback start debug2: client_session2_setup: id 0 debug2: fd 3 setting TCP_NODELAY debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug3: Ignored env TERM_PROGRAM debug3: Ignored env SHELL debug3: Ignored env TERM debug3: Ignored env TMPDIR debug3: Ignored env Apple_PubSub_Socket_Render debug3: Ignored env TERM_PROGRAM_VERSION debug3: Ignored env TERM_SESSION_ID debug3: Ignored env USER debug3: Ignored env COMMAND_MODE debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env Apple_Ubiquity_Message debug3: Ignored env __CF_USER_TEXT_ENCODING debug3: Ignored env PATH debug3: Ignored env MKL_NUM_THREADS debug3: Ignored env PWD debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug3: Ignored env HOME debug3: Ignored env SHLVL debug3: Ignored env DYLD_LIBRARY_PATH debug3: Ignored env PYTHONPATH debug3: Ignored env LOGNAME debug3: Ignored env DISPLAY debug3: Ignored env SECURITYSESSIONID debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel_input_status_confirm: type 99 id 0 debug2: PTY allocation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0 debug2: shell request accepted on channel 0 On the server side, the debug output looks like: Sep 16 18:46:40 ... sshd[31435]: debug1: inetd sockets after dupping: 3, 4 Sep 16 18:46:40 ... sshd[31435]: Connection from x.x.x.x port 52758 Sep 16 18:46:40 ... sshd[31435]: debug1: Current Session ID is 56AC0FB0 / Session Attributes are 00008000 Sep 16 18:46:40 ... sshd[31435]: debug1: Running in inetd mode in a non-root session... assuming inetd created the session for us. Sep 16 18:46:40 ... sshd[31435]: debug1: Client protocol version 2.0; client software version OpenSSH_5.9 Sep 16 18:46:40 ... sshd[31435]: debug1: match: OpenSSH_5.9 pat OpenSSH* Sep 16 18:46:40 ... sshd[31435]: debug1: Enabling compatibility mode for protocol 2.0 Sep 16 18:46:40 ... sshd[31435]: debug1: Local version string SSH-2.0-OpenSSH_5.2 Sep 16 18:46:40 ... sshd[31435]: debug1: Checking with Service ACLs for ssh login restrictions Sep 16 18:46:40 ... sshd[31435]: debug1: call to mbr_user_name_to_uuid with <...> suceeded to retrieve user_uuid Sep 16 18:46:40 ... sshd[31435]: debug1: Call to mbr_check_service_membership failed with status <0> Sep 16 18:46:40 ... sshd[31435]: debug1: PAM: initializing for "..." Sep 16 18:46:40 ... sshd[31435]: debug1: PAM: setting PAM_RHOST to "x.x.x.x" Sep 16 18:46:40 ... sshd[31435]: Failed none for ... from x.x.x.x port 52758 ssh2 Sep 16 18:46:40 ... sshd[31435]: debug1: temporarily_use_uid: 509/20 (e=0/0) Sep 16 18:46:40 ... sshd[31435]: debug1: trying public key file /.../.ssh/authorized_keys Sep 16 18:46:40 ... sshd[31435]: debug1: restore_uid: 0/0 Sep 16 18:46:40 ... sshd[31435]: debug1: temporarily_use_uid: 509/20 (e=0/0) Sep 16 18:46:40 ... sshd[31435]: debug1: trying public key file /.../.ssh/authorized_keys2 Sep 16 18:46:40 ... sshd[31435]: debug1: fd 5 clearing O_NONBLOCK Sep 16 18:46:40 ... sshd[31435]: debug1: matching key found: file /.../.ssh/authorized_keys2, line 1 Sep 16 18:46:40 ... sshd[31435]: Found matching DSA key: ... Sep 16 18:46:40 ... sshd[31435]: debug1: restore_uid: 0/0 Sep 16 18:46:40 ... sshd[31435]: debug1: temporarily_use_uid: 509/20 (e=0/0) Sep 16 18:46:40 ... sshd[31435]: debug1: trying public key file /.../.ssh/authorized_keys Sep 16 18:46:40 ... sshd[31435]: debug1: restore_uid: 0/0 Sep 16 18:46:40 ... sshd[31435]: debug1: temporarily_use_uid: 509/20 (e=0/0) Sep 16 18:46:40 ... sshd[31435]: debug1: trying public key file /.../.ssh/authorized_keys2 Sep 16 18:46:40 ... sshd[31435]: debug1: fd 5 clearing O_NONBLOCK Sep 16 18:46:40 ... sshd[31435]: debug1: matching key found: file /.../.ssh/authorized_keys2, line 1 Sep 16 18:46:40 ... sshd[31435]: Found matching DSA key: ... Sep 16 18:46:40 ... sshd[31435]: debug1: restore_uid: 0/0 Sep 16 18:46:40 ... sshd[31435]: debug1: ssh_dss_verify: signature correct Sep 16 18:46:40 ... sshd[31435]: debug1: do_pam_account: called Sep 16 18:46:40 ... sshd[31435]: Accepted publickey for ... from x.x.x.x port 52758 ssh2 Sep 16 18:46:40 ... sshd[31435]: debug1: monitor_child_preauth: ... has been authenticated by privileged process Sep 16 18:46:40 ... sshd[31435]: debug1: PAM: establishing credentials ***** Hangs here ***** Sep 16 18:46:54 ... sshd[31435]: User child is on pid 31654 Sep 16 18:46:54 ... sshd[31654]: debug1: PAM: establishing credentials Sep 16 18:46:54 ... sshd[31654]: debug1: permanently_set_uid: 509/20 Sep 16 18:46:54 ... sshd[31654]: debug1: Entering interactive session for SSH2. Sep 16 18:46:54 ... sshd[31654]: debug1: server_init_dispatch_20 Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 Sep 16 18:46:54 ... sshd[31654]: debug1: input_session_request Sep 16 18:46:54 ... sshd[31654]: debug1: channel 0: new [server-session] Sep 16 18:46:54 ... sshd[31654]: debug1: session_new: session 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_open: channel 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_open: session 0: link with channel 0 Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_channel_open: confirm session Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_global_request: rtype [email protected] want_reply 0 Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_channel_req: channel 0 request pty-req reply 1 Sep 16 18:46:54 ... sshd[31654]: debug1: session_by_channel: session 0 channel 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_input_channel_req: session 0 req pty-req Sep 16 18:46:54 ... sshd[31654]: debug1: Allocating pty. Sep 16 18:46:54 ... sshd[31435]: debug1: session_new: session 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_pty_req: session 0 alloc /dev/ttys008 Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_channel_req: channel 0 request env reply 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_by_channel: session 0 channel 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_input_channel_req: session 0 req env Sep 16 18:46:54 ... sshd[31654]: debug1: server_input_channel_req: channel 0 request shell reply 1 Sep 16 18:46:54 ... sshd[31654]: debug1: session_by_channel: session 0 channel 0 Sep 16 18:46:54 ... sshd[31654]: debug1: session_input_channel_req: session 0 req shell Sep 16 18:46:54 ... sshd[31655]: debug1: Setting controlling tty using TIOCSCTTY.

    Read the article

  • Hudson fails to use unix user/group to do authentication

    - by Kane
    I'm trying to use unix user/group database as security realm of hudson. The linux server is using NIS for user management. My account could login the hudson server via ssh. And the hudson server is running by user 'hudson' that is also a member of group 'shadow', so hudson could read /etc/shadow. And I tested the configuration using 'test' button, hudson tells me it works well. But I can't use my unix account and password to login the hudson sever. And I found below java exception in the log of hudson, Jan 12, 2011 8:23:42 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication INFO: Login attempt failed org.acegisecurity.BadCredentialsException: pam_authenticate failed : Authentication failure; nested exception is org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:100) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Thread.java:595) Caused by: org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at org.jvnet.libpam.PAM.check(PAM.java:105) at org.jvnet.libpam.PAM.authenticate(PAM.java:123) at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:90) ... 18 more

    Read the article

  • OpenLDAP with StartTLS broken on Debian Lenny

    - by mr.zog
    I'm trying to get OpenLDAP on Lenny to work with StartTLS. I have a Fedora 13 machine which I'm using as a client for testing. So far the Fedora client is ignoring the 'host' directive in /etc/ldap.conf when I try to connect using ldapsearch. The client wants to connect to 127.0.0.1:389 even if I specify -H ldaps://server.name on when using ldapsearch. /etc/ldap.conf on the client machine is in mode 444. But even when I try connecting locally from an ssh session, I see errors like this: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) Someone hit me with a cluebat, plz. Update: you must use ~/.ldaprc for settings such as 'host'. Also, I just used nmap against the ldap server and it showed 636 and 389 in an open state. Here's what prints to screen when I try to connect with, ldapsearch -ZZ –x '(objectclass=*)'+ -d -1 ldap_create ldap_extended_operation_s ldap_extended_operation ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.10.41:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 192.168.10.41:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 ldap_open_defconn: successful ldap_send_server_request ber_scanf fmt ({it) ber: ber_dump: buf=0x9bdbdb8 ptr=0x9bdbdb8 end=0x9bdbdd7 len=31 0000: 30 1d 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 0....w...1.3.6.1 0010: 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .4.1.1466.20037 ber_scanf fmt ({) ber: ber_dump: buf=0x9bdbdb8 ptr=0x9bdbdbd end=0x9bdbdd7 len=26 0000: 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e w...1.3.6.1.4.1. 0010: 31 34 36 36 2e 32 30 30 33 37 1466.20037 ber_flush2: 31 bytes to sd 3 0000: 30 1d 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 0....w...1.3.6.1 0010: 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .4.1.1466.20037 ldap_write: want=31, written=31 0000: 30 1d 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 0....w...1.3.6.1 0010: 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .4.1.1466.20037 ldap_result ld 0x9bd3050 msgid 1 wait4msg ld 0x9bd3050 msgid 1 (infinite timeout) wait4msg continue ld 0x9bd3050 msgid 1 all 1 ** ld 0x9bd3050 Connections: * host: 192.168.10.41 port: 636 (default) refcnt: 2 status: Connected last used: Sun Jun 6 12:54:05 2010 ** ld 0x9bd3050 Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ld 0x9bd3050 request count 1 (abandoned 0) ** ld 0x9bd3050 Response Queue: Empty ld 0x9bd3050 response count 0 ldap_chkResponseList ld 0x9bd3050 msgid 1 all 1 ldap_chkResponseList returns ld 0x9bd3050 NULL ldap_int_select read1msg: ld 0x9bd3050 msgid 1 all 1 ber_get_next ldap_read: want=8, got=0 ber_get_next failed. ldap_err2string ldap_start_tls: Can't contact LDAP server (-1)

    Read the article

  • Finding the groups of a user in WLS with OPSS

    - by user12587121
    How to find the group memberships for a user from a web application running in Weblogic server ?  This is useful for building up the profile of the user for security purposes for example. WLS as a container offers an identity store service which applications can access to query and manage identities known to the container.  This article for example shows how to recover the groups of the current user, but how can we find the same information for an arbitrary user ? It is the Oracle Platform for Securtiy Services (OPSS) that looks after the identity store in WLS and so it is in the OPSS APIs that we can find the way to recover this information. This is explained in the following documents.  Starting from the FMW 11.1.1.5 book list, with the Security Overview document we can see how WLS uses OPSS: Proceeding to the more detailed Application Security document, we find this list of useful references for security in FMW. We can follow on into the User/Role API javadoc. The Application Security document explains how to ensure that the identity store is configured appropriately to allow the OPSS APIs to work.  We must verify that the jps-config.xml file where the application  is deployed has it's identity store configured--look for the following elements in that file: <serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">             <description>LDAP-based IdentityStore Provider</description>  </serviceProvider> <serviceInstance name="idstore.ldap" provider="idstore.ldap.provider">             <property name="idstore.config.provider" value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"/>             <property name="CONNECTION_POOL_CLASS" value="oracle.security.idm.providers.stdldap.JNDIPool"/></serviceInstance> <serviceInstanceRef ref="idstore.ldap"/> The document contains a code sample for using the identity store here. Once we have the identity store reference we can recover the user's group memberships using the RoleManager interface:             RoleManager roleManager = idStore.getRoleManager();            SearchResponse grantedRoles = null;            try{                System.out.println("Retrieving granted WLS roles for user " + userPrincipal.getName());                grantedRoles = roleManager.getGrantedRoles(userPrincipal, false);                while( grantedRoles.hasNext()){                      Identity id = grantedRoles.next();                      System.out.println("  disp name=" + id.getDisplayName() +                                  " Name=" + id.getName() +                                  " Principal=" + id.getPrincipal() +                                  "Unique Name=" + id.getUniqueName());                     // Here, we must use WLSGroupImpl() to build the Principal otherwise                     // OES does not recognize it.                      retSubject.getPrincipals().add(new WLSGroupImpl(id.getPrincipal().getName()));                 }            }catch(Exception ex) {                System.out.println("Error getting roles for user " + ex.getMessage());                ex.printStackTrace();            }        }catch(Exception ex) {            System.out.println("OESGateway: Got exception instantiating idstore reference");        } This small JDeveloper project has a simple servlet that executes a request for the user weblogic's roles on executing a get on the default URL.  The full code to recover a user's goups is in the getSubjectWithRoles() method in the project.

    Read the article

  • RHEL 5.5 Yum Update Fails Dependency Error

    - by user65788
    I have 30 different RHEL 5.5 machines that will not update some 33 packages via Yum. Does anyone know why these packages will not install and how to correct this? Yum clean all does not fix the issue, however skip broken will allow other updates to install but I am really after a way to clear this up for good. They are stock boxes with RHEL subscription and not using any yum repositories other than Red Hat's own official repositories. They have not been updated for over a year! yum update Loaded plugins: rhnplugin, security rhel-i386-client-5 | 1.4 kB 00:00 rhel-i386-client-5/primary | 2.8 MB 00:09 rhel-i386-client-5 6607/6607 Skipping security plugin, no data Setting up Update Process Resolving Dependencies Skipping security plugin, no data --> Running transaction check ---> Package autofs.i386 1:5.0.1-0.rc2.143.el5_5.6 set to be updated ---> Package cpp.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: curl = 7.15.5-2.1.el5_3.5 for package: curl-devel ---> Package curl.i386 0:7.15.5-9.el5 set to be updated --> Processing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 for package: cyrus-sasl-devel ---> Package cyrus-sasl-lib.i386 0:2.1.22-5.el5_4.3 set to be updated ---> Package cyrus-sasl-md5.i386 0:2.1.22-5.el5_4.3 set to be updated ---> Package cyrus-sasl-plain.i386 0:2.1.22-5.el5_4.3 set to be updated --> Processing Dependency: db4 = 4.3.29-10.el5 for package: db4-devel ---> Package db4.i386 0:4.3.29-10.el5_5.2 set to be updated --> Processing Dependency: dbus = 1.1.2-12.el5 for package: dbus-devel ---> Package dbus.i386 0:1.1.2-14.el5 set to be updated ---> Package dbus-libs.i386 0:1.1.2-14.el5 set to be updated ---> Package dbus-x11.i386 0:1.1.2-14.el5 set to be updated ---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated --> Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package: e2fsprogs-devel ---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated ---> Package esc.i386 0:1.1.0-12.el5 set to be updated --> Processing Dependency: expat = 1.95.8-8.2.1 for package: expat-devel ---> Package expat.i386 0:1.95.8-8.3.el5_5.3 set to be updated ---> Package firefox.i386 0:3.6.13-2.el5 set to be updated --> Processing Dependency: freetype = 2.2.1-21.el5_3 for package: freetype-devel ---> Package freetype.i386 0:2.2.1-28.el5_5.1 set to be updated --> Processing Dependency: gcc = 4.1.2-46.el5_4.1 for package: gcc-c++ --> Processing Dependency: gcc = 4.1.2-46.el5_4.1 for package: gcc-gfortran ---> Package gcc.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: gd = 2.0.33-9.4.el5_1.1 for package: gd-devel ---> Package gd.i386 0:2.0.33-9.4.el5_4.2 set to be updated --> Processing Dependency: gnome-vfs2 = 2.16.2-4.el5 for package: gnome-vfs2-devel ---> Package gnome-vfs2.i386 0:2.16.2-6.el5_5.1 set to be updated ---> Package gnome-vfs2-smb.i386 0:2.16.2-6.el5_5.1 set to be updated --> Processing Dependency: gnutls = 1.4.1-3.el5_3.5 for package: gnutls-devel ---> Package gnutls.i386 0:1.4.1-3.el5_4.8 set to be updated --> Processing Dependency: gtk2 = 2.10.4-20.el5 for package: gtk2-devel ---> Package gtk2.i386 0:2.10.4-21.el5_5.6 set to be updated --> Processing Dependency: hal = 0.5.8.1-52.el5 for package: hal-devel ---> Package hal.i386 0:0.5.8.1-59.el5 set to be updated --> Processing Dependency: krb5-libs = 1.6.1-36.el5 for package: krb5-devel ---> Package krb5-libs.i386 0:1.6.1-36.el5_5.6 set to be updated ---> Package krb5-workstation.i386 0:1.6.1-36.el5_5.6 set to be updated --> Processing Dependency: libXi = 1.0.1-3.1 for package: libXi-devel ---> Package libXi.i386 0:1.0.1-4.el5_4 set to be updated --> Processing Dependency: libXrandr = 1.1.1-3.1 for package: libXrandr-devel ---> Package libXrandr.i386 0:1.1.1-3.3 set to be updated --> Processing Dependency: libXt = 1.0.2-3.1.fc6 for package: libXt-devel ---> Package libXt.i386 0:1.0.2-3.2.el5 set to be updated --> Processing Dependency: libgfortran = 4.1.2-46.el5_4.1 for package: gcc-gfortran ---> Package libgfortran.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: libsepol = 1.15.2-2.el5 for package: libsepol-devel ---> Package libsepol.i386 0:1.15.2-3.el5 set to be updated --> Processing Dependency: libstdc++ = 4.1.2-46.el5_4.1 for package: gcc-c++ --> Processing Dependency: libstdc++ = 4.1.2-46.el5_4.1 for package: libstdc++-devel ---> Package libstdc++.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: mesa-libGL = 6.5.1-7.7.el5 for package: mesa-libGL-devel ---> Package mesa-libGL.i386 0:6.5.1-7.8.el5 set to be updated --> Processing Dependency: mesa-libGLU = 6.5.1-7.7.el5 for package: mesa-libGLU-devel ---> Package mesa-libGLU.i386 0:6.5.1-7.8.el5 set to be updated --> Processing Dependency: newt = 0.52.2-12.el5_4.1 for package: newt-devel ---> Package newt.i386 0:0.52.2-15.el5 set to be updated --> Processing Dependency: nspr = 4.7.6-1.el5_4 for package: nspr-devel ---> Package nspr.i386 0:4.8.6-1.el5 set to be updated --> Processing Dependency: nss = 3.12.3.99.3-1.el5_3.2 for package: nss-devel ---> Package nss.i386 0:3.12.8-1.el5 set to be updated ---> Package nss-tools.i386 0:3.12.8-1.el5 set to be updated --> Processing Dependency: openldap = 2.3.43-3.el5 for package: openldap-devel ---> Package openldap.i386 0:2.3.43-12.el5_5.3 set to be updated ---> Package openldap-clients.i386 0:2.3.43-12.el5_5.3 set to be updated --> Processing Dependency: openssl = 0.9.8e-12.el5 for package: openssl-devel ---> Package openssl.i686 0:0.9.8e-12.el5_5.7 set to be updated --> Processing Dependency: pam = 0.99.6.2-6.el5 for package: pam-devel ---> Package pam.i386 0:0.99.6.2-6.el5_5.2 set to be updated --> Processing Dependency: popt = 1.10.2.3-18.el5 for package: rpm-devel --> Processing Dependency: popt = 1.10.2.3-18.el5 for package: rpm-build ---> Package popt.i386 0:1.10.2.3-20.el5_5.1 set to be updated --> Processing Dependency: python = 2.4.3-27.el5 for package: python-devel ---> Package python.i386 0:2.4.3-27.el5_5.3 set to be updated --> Processing Dependency: rpm = 4.4.2.3-18.el5 for package: rpm-devel --> Processing Dependency: rpm = 4.4.2.3-18.el5 for package: rpm-build ---> Package rpm.i386 0:4.4.2.3-20.el5_5.1 set to be updated --> Processing Dependency: rpm-libs = 4.4.2.3-18.el5 for package: rpm-devel --> Processing Dependency: rpm-libs = 4.4.2.3-18.el5 for package: rpm-build ---> Package rpm-libs.i386 0:4.4.2.3-20.el5_5.1 set to be updated ---> Package rpm-python.i386 0:4.4.2.3-20.el5_5.1 set to be updated ---> Package xulrunner.i386 0:1.9.2.13-3.el5 set to be updated ---> Package xulrunner-devel.i386 0:1.9.2.7-2.el5 set to be updated --> Processing Dependency: xulrunner = 1.9.2.7-2.el5 for package: xulrunner-devel --> Processing Dependency: nss-devel >= 3.12.6 for package: xulrunner-devel --> Processing Dependency: nspr-devel >= 4.8 for package: xulrunner-devel --> Processing Dependency: libnotify-devel for package: xulrunner-devel ---> Package yelp.i386 0:2.16.0-26.el5 set to be updated rhel-i386-client-5/filelists | 16 MB 00:45 --> Finished Dependency Resolution xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: libnotify-devel is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) mesa-libGLU-devel-6.5.1-7.7.el5.i386 from installed has depsolving problems --> Missing Dependency: mesa-libGLU = 6.5.1-7.7.el5 is needed by package mesa-libGLU-devel-6.5.1-7.7.el5.i386 (installed) python-devel-2.4.3-27.el5.i386 from installed has depsolving problems --> Missing Dependency: python = 2.4.3-27.el5 is needed by package python-devel-2.4.3-27.el5.i386 (installed) nss-devel-3.12.3.99.3-1.el5_3.2.i386 from installed has depsolving problems --> Missing Dependency: nss = 3.12.3.99.3-1.el5_3.2 is needed by package nss-devel-3.12.3.99.3-1.el5_3.2.i386 (installed) libstdc++-devel-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package libstdc++-devel-4.1.2-46.el5_4.1.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: nspr-devel >= 4.8 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) gcc-c++-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: xulrunner = 1.9.2.7-2.el5 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) nspr-devel-4.7.6-1.el5_4.i386 from installed has depsolving problems --> Missing Dependency: nspr = 4.7.6-1.el5_4 is needed by package nspr-devel-4.7.6-1.el5_4.i386 (installed) libXrandr-devel-1.1.1-3.1.i386 from installed has depsolving problems --> Missing Dependency: libXrandr = 1.1.1-3.1 is needed by package libXrandr-devel-1.1.1-3.1.i386 (installed) libsepol-devel-1.15.2-2.el5.i386 from installed has depsolving problems --> Missing Dependency: libsepol = 1.15.2-2.el5 is needed by package libsepol-devel-1.15.2-2.el5.i386 (installed) libXt-devel-1.0.2-3.1.fc6.i386 from installed has depsolving problems --> Missing Dependency: libXt = 1.0.2-3.1.fc6 is needed by package libXt-devel-1.0.2-3.1.fc6.i386 (installed) mesa-libGL-devel-6.5.1-7.7.el5.i386 from installed has depsolving problems --> Missing Dependency: mesa-libGL = 6.5.1-7.7.el5 is needed by package mesa-libGL-devel-6.5.1-7.7.el5.i386 (installed) openldap-devel-2.3.43-3.el5.i386 from installed has depsolving problems --> Missing Dependency: openldap = 2.3.43-3.el5 is needed by package openldap-devel-2.3.43-3.el5.i386 (installed) openssl-devel-0.9.8e-12.el5.i386 from installed has depsolving problems --> Missing Dependency: openssl = 0.9.8e-12.el5 is needed by package openssl-devel-0.9.8e-12.el5.i386 (installed) dbus-devel-1.1.2-12.el5.i386 from installed has depsolving problems --> Missing Dependency: dbus = 1.1.2-12.el5 is needed by package dbus-devel-1.1.2-12.el5.i386 (installed) newt-devel-0.52.2-12.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: newt = 0.52.2-12.el5_4.1 is needed by package newt-devel-0.52.2-12.el5_4.1.i386 (installed) gnome-vfs2-devel-2.16.2-4.el5.i386 from installed has depsolving problems --> Missing Dependency: gnome-vfs2 = 2.16.2-4.el5 is needed by package gnome-vfs2-devel-2.16.2-4.el5.i386 (installed) gnutls-devel-1.4.1-3.el5_3.5.i386 from installed has depsolving problems --> Missing Dependency: gnutls = 1.4.1-3.el5_3.5 is needed by package gnutls-devel-1.4.1-3.el5_3.5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) gd-devel-2.0.33-9.4.el5_1.1.i386 from installed has depsolving problems --> Missing Dependency: gd = 2.0.33-9.4.el5_1.1 is needed by package gd-devel-2.0.33-9.4.el5_1.1.i386 (installed) e2fsprogs-devel-1.39-23.el5.i386 from installed has depsolving problems --> Missing Dependency: e2fsprogs-libs = 1.39-23.el5 is needed by package e2fsprogs-devel-1.39-23.el5.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: nss-devel >= 3.12.6 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) krb5-devel-1.6.1-36.el5.i386 from installed has depsolving problems --> Missing Dependency: krb5-libs = 1.6.1-36.el5 is needed by package krb5-devel-1.6.1-36.el5.i386 (installed) gcc-gfortran-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libgfortran = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) curl-devel-7.15.5-2.1.el5_3.5.i386 from installed has depsolving problems --> Missing Dependency: curl = 7.15.5-2.1.el5_3.5 is needed by package curl-devel-7.15.5-2.1.el5_3.5.i386 (installed) pam-devel-0.99.6.2-6.el5.i386 from installed has depsolving problems --> Missing Dependency: pam = 0.99.6.2-6.el5 is needed by package pam-devel-0.99.6.2-6.el5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) expat-devel-1.95.8-8.2.1.i386 from installed has depsolving problems --> Missing Dependency: expat = 1.95.8-8.2.1 is needed by package expat-devel-1.95.8-8.2.1.i386 (installed) gcc-c++-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) gtk2-devel-2.10.4-20.el5.i386 from installed has depsolving problems --> Missing Dependency: gtk2 = 2.10.4-20.el5 is needed by package gtk2-devel-2.10.4-20.el5.i386 (installed) gcc-gfortran-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) cyrus-sasl-devel-2.1.22-5.el5.i386 from installed has depsolving problems --> Missing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 is needed by package cyrus-sasl-devel-2.1.22-5.el5.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) db4-devel-4.3.29-10.el5.i386 from installed has depsolving problems --> Missing Dependency: db4 = 4.3.29-10.el5 is needed by package db4-devel-4.3.29-10.el5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) libXi-devel-1.0.1-3.1.i386 from installed has depsolving problems --> Missing Dependency: libXi = 1.0.1-3.1 is needed by package libXi-devel-1.0.1-3.1.i386 (installed) hal-devel-0.5.8.1-52.el5.i386 from installed has depsolving problems --> Missing Dependency: hal = 0.5.8.1-52.el5 is needed by package hal-devel-0.5.8.1-52.el5.i386 (installed) freetype-devel-2.2.1-21.el5_3.i386 from installed has depsolving problems --> Missing Dependency: freetype = 2.2.1-21.el5_3 is needed by package freetype-devel-2.2.1-21.el5_3.i386 (installed) Error: Missing Dependency: libgfortran = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: libsepol = 1.15.2-2.el5 is needed by package libsepol-devel-1.15.2-2.el5.i386 (installed) Error: Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: mesa-libGL = 6.5.1-7.7.el5 is needed by package mesa-libGL-devel-6.5.1-7.7.el5.i386 (installed) Error: Missing Dependency: mesa-libGLU = 6.5.1-7.7.el5 is needed by package mesa-libGLU-devel-6.5.1-7.7.el5.i386 (installed) Error: Missing Dependency: freetype = 2.2.1-21.el5_3 is needed by package freetype-devel-2.2.1-21.el5_3.i386 (installed) Error: Missing Dependency: hal = 0.5.8.1-52.el5 is needed by package hal-devel-0.5.8.1-52.el5.i386 (installed) Error: Missing Dependency: libXt = 1.0.2-3.1.fc6 is needed by package libXt-devel-1.0.2-3.1.fc6.i386 (installed) Error: Missing Dependency: openldap = 2.3.43-3.el5 is needed by package openldap-devel-2.3.43-3.el5.i386 (installed) Error: Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package libstdc++-devel-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: nss-devel >= 3.12.6 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: newt = 0.52.2-12.el5_4.1 is needed by package newt-devel-0.52.2-12.el5_4.1.i386 (installed) Error: Missing Dependency: gnutls = 1.4.1-3.el5_3.5 is needed by package gnutls-devel-1.4.1-3.el5_3.5.i386 (installed) Error: Missing Dependency: gnome-vfs2 = 2.16.2-4.el5 is needed by package gnome-vfs2-devel-2.16.2-4.el5.i386 (installed) Error: Missing Dependency: libXrandr = 1.1.1-3.1 is needed by package libXrandr-devel-1.1.1-3.1.i386 (installed) Error: Missing Dependency: python = 2.4.3-27.el5 is needed by package python-devel-2.4.3-27.el5.i386 (installed) Error: Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: libnotify-devel is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: openssl = 0.9.8e-12.el5 is needed by package openssl-devel-0.9.8e-12.el5.i386 (installed) Error: Missing Dependency: curl = 7.15.5-2.1.el5_3.5 is needed by package curl-devel-7.15.5-2.1.el5_3.5.i386 (installed) Error: Missing Dependency: xulrunner = 1.9.2.7-2.el5 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: nspr = 4.7.6-1.el5_4 is needed by package nspr-devel-4.7.6-1.el5_4.i386 (installed) Error: Missing Dependency: nss = 3.12.3.99.3-1.el5_3.2 is needed by package nss-devel-3.12.3.99.3-1.el5_3.2.i386 (installed) Error: Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: libXi = 1.0.1-3.1 is needed by package libXi-devel-1.0.1-3.1.i386 (installed) Error: Missing Dependency: nspr-devel >= 4.8 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: pam = 0.99.6.2-6.el5 is needed by package pam-devel-0.99.6.2-6.el5.i386 (installed) Error: Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 is needed by package cyrus-sasl-devel-2.1.22-5.el5.i386 (installed) Error: Missing Dependency: gtk2 = 2.10.4-20.el5 is needed by package gtk2-devel-2.10.4-20.el5.i386 (installed) Error: Missing Dependency: dbus = 1.1.2-12.el5 is needed by package dbus-devel-1.1.2-12.el5.i386 (installed) Error: Missing Dependency: db4 = 4.3.29-10.el5 is needed by package db4-devel-4.3.29-10.el5.i386 (installed) Error: Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: expat = 1.95.8-8.2.1 is needed by package expat-devel-1.95.8-8.2.1.i386 (installed) Error: Missing Dependency: gd = 2.0.33-9.4.el5_1.1 is needed by package gd-devel-2.0.33-9.4.el5_1.1.i386 (installed) Error: Missing Dependency: krb5-libs = 1.6.1-36.el5 is needed by package krb5-devel-1.6.1-36.el5.i386 (installed) Error: Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: e2fsprogs-libs = 1.39-23.el5 is needed by package e2fsprogs-devel-1.39-23.el5.i386 (installed) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The repolist is yum repolist all Loaded plugins: rhnplugin, security repo id repo name status rhel-debuginfo Red Hat Enterprise Linux 5Client - i386 - Deb disabled rhel-debuginfo-beta Red Hat Enterprise Linux 5Client Beta - i386 disabled rhel-i386-client-5 Red Hat Enterprise Linux Desktop (v. 5 for 32 enabled: 6,607 repolist: 6,607

    Read the article

  • Postfix SMTP auth not working with virtual mailboxes + SASL + Courier userdb

    - by Greg K
    So I've read a variety of tutorials and how-to's and I'm struggling to make sense of how to get SMTP auth working with virtual mailboxes in Postfix. I used this Ubuntu tutorial to get set up. I'm using Courier-IMAP and POP3 for reading mail which seems to be working without issue. However, the credentials used to read a mailbox are not working for SMTP. I can see from /var/log/auth.log that PAM is being used, does this require a UNIX user account to work? As I'm using virtual mailboxes to avoid creating user accounts. li305-246 saslauthd[22856]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure li305-246 saslauthd[22856]: do_auth : auth failure: [user=fred] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] /var/log/mail.log li305-246 postfix/smtpd[27091]: setting up TLS connection from mail-pb0-f43.google.com[209.85.160.43] li305-246 postfix/smtpd[27091]: Anonymous TLS connection established from mail-pb0-f43.google.com[209.85.160.43]: TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits) li305-246 postfix/smtpd[27091]: warning: SASL authentication failure: Password verification failed li305-246 postfix/smtpd[27091]: warning: mail-pb0-f43.google.com[209.85.160.43]: SASL PLAIN authentication failed: authentication failure I've created accounts in userdb as per this tutorial. Does Postfix also use authuserdb? What debug information is needed to help diagnose my issue? main.cf: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt smtpd_tls_key_file = /etc/ssl/private/smtpd.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # SMTP parameters smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtp_tls_security_level = may smtpd_tls_security_level = may smtpd_tls_auth_only = no smtp_tls_note_starttls_offer = yes smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom /etc/postfix/sasl/smtpd.conf pwcheck_method: saslauthd mech_list: plain login /etc/default/saslauthd START=yes PWDIR="/var/spool/postfix/var/run/saslauthd" PARAMS="-m ${PWDIR}" PIDFILE="${PWDIR}/saslauthd.pid" DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" /etc/courier/authdaemonrc authmodulelist="authuserdb" I've only modified one line in authdaemonrc and restarted the service as per this tutorial. I've added accounts to /etc/courier/userdb via userdb and userdbpw and run makeuserdb as per the tutorial. SOLVED Thanks to Jenny D for suggesting use of rimap to auth against localhost IMAP server (which reads userdb credentials). I updated /etc/default/saslauthd to start saslauthd correctly (this page was useful) MECHANISMS="rimap" MECH_OPTIONS="localhost" THREADS=0 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r" After doing this I got the following error in /var/log/auth.log: li305-246 saslauthd[28093]: auth_rimap: unexpected response to auth request: * BYE [ALERT] Fatal error: Account's mailbox directory is not owned by the correct uid or gid: li305-246 saslauthd[28093]: do_auth : auth failure: [user=fred] [service=smtp] [realm=] [mech=rimap] [reason=[ALERT] Unexpected response from remote authentication server] This blog post detailed a solution by setting IMAP_MAILBOX_SANITY_CHECK=0 in /etc/courier/imapd. Then restart your courier and saslauthd daemons for config changes to take effect. sudo /etc/init.d/courier-imap restart sudo /etc/init.d/courier-authdaemon restart sudo /etc/init.d/saslauthd restart Watch /var/log/auth.log while trying to send email. Hopefully you're good!

    Read the article

  • How do I enable the confluence-users group?

    - by M. Joanis
    I've got an issue with Atlassian Confluence. Normal users can't log in, but administrators can... Details below! I manage users using an Apple Open Directory (LDAP). I created two groups: "confluence-administrators" and "confluence-users". I've added team leaders and managers to both groups, and I've added some users to "confluence-users". Everyone in "confluence-administrators" can log in easily. People in "confluence-users" can't log in at all. When I look at the user list (in Confluence), and select a user to examine the list of groups he or she belongs to, I can see that the Confluence Administrators are indeed members of the "confluence-administrators" group, but not a single user is a member of the "confluence-users" group. Not event the Confluence Administrators, which are members of both groups! So I tried to have one of the "confluence-users" log in while watching the Confluence logs. Here's the result: 2012-07-05 14:50:19,698 ERROR [http-8090-11] [core.event.listener.AutoGroupAdderListener] handleEvent Could not auto add user to group: Group <confluence-users> is read-only and cannot be updated at com.atlassian.crowd.directory.DbCachingRemoteDirectory.addUserToGroup(DbCachingRemoteDirectory.java:461) ... So it says the group group is read-only... I'm not sure why it is a problem. Well confluence-administrators too is read-only and it doesn't complain. Some things I don't think are part of the problem: I've synchronized Confluence with LDAP many, many times. I have verified many times that I didn't make a typo while setting the groups on the LDAP server. LDAP synchronization goes well. No errors in the logs (only INFO level log messages). The user exists. Errors in the logs are different when a user doesn't exist. Any help is most welcome!

    Read the article

  • How can I manage AWS VPC ssh access accounts and keys across multiple instances?

    - by deitch
    I am setting up a standard AWS VPC structure: a public subnet some private subnets, hosts on each, ELB, etc. Operational network access will be via either an ssh bastion host or an openvpn instance. Once on the network (bastion or openvpn), admins use ssh to access the individual instances. From what I can tell all of the docs seem to depend on a single user with sudo rights and a single public ssh key. But is that really best practice? Isn't it much better to have each user access each host under their own name? So I can deploy accounts and ssh public keys to each server, but that rapidly gets unmanageable. How do people recommend managing user accounts? I've looked at: IAM: It doesn't like like IAM has a method for automatically distributing accounts and ssh keys to VPC instances. IAM via LDAP: IAM doesn't have an LDAP API LDAP: set up my own LDAP servers (redundant, of course). Bit of a pain to manage, still better than managing on every host, especially as we grow. Shared ssh key: rely on the VPN/bastion to track user activities. I don't love it, but... What do people recommend? NOTE: I moved this over from accidentally posting in StackOverflow.

    Read the article

  • Upgrading Redmine, activerecord-mysql2-adapter not recognized

    - by David Kaczynski
    For upgrading Redmine from 1.0.1 to 2.1.2, I need to execute the command: rake db:migrate RAILS_ENV=production However, doing so produces the following error: rake aborted! Please install the mysql2 adapter: gem install activerecord-mysql2-adapter (mysql2 is not part of the bundle. Add it to Gemfile.) I have ran gem install activerecord-mysql2-adapter, but I still get the same error when I try to run the rake ... command. How do I get my RoR app to recognize that I have the mysql2 adapter installed already? or Is there something wrong with my activerecord-mysql2-adapter installation? Results of sudo bundle install: Using rake (10.0.0) Using i18n (0.6.1) Using multi_json (1.3.7) Using activesupport (3.2.8) Using builder (3.0.0) Using activemodel (3.2.8) Using erubis (2.7.0) Using journey (1.0.4) Using rack (1.4.1) Using rack-cache (1.2) Using rack-test (0.6.2) Using hike (1.2.1) Using tilt (1.3.3) Using sprockets (2.1.3) Using actionpack (3.2.8) Using mime-types (1.19) Using polyglot (0.3.3) Using treetop (1.4.12) Using mail (2.4.4) Using actionmailer (3.2.8) Using arel (3.0.2) Using tzinfo (0.3.35) Using activerecord (3.2.8) Using activeresource (3.2.8) Using coderay (1.0.8) Using fastercsv (1.5.5) Using rack-ssl (1.3.2) Using json (1.7.5) Using rdoc (3.12) Using thor (0.16.0) Using railties (3.2.8) Using jquery-rails (2.0.3) Using metaclass (0.0.1) Using mocha (0.12.3) Using mysql (2.8.1) Using net-ldap (0.3.1) Using pg (0.14.1) Using ruby-openid (2.1.8) Using rack-openid (1.3.1) Using bundler (1.2.1) Using rails (3.2.8) Using rmagick (2.13.1) Using shoulda (2.11.3) Using sqlite3 (1.3.6) Using yard (0.8.3) [32mYour bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.[0m Results of sudo find / -name "*mysql2*": /var/lib/gems/1.8/doc/mysql2-0.3.11 /var/lib/gems/1.8/doc/activerecord-3.2.9/ri/ActiveRecord/Base/mysql2_connection-c.ri /var/lib/gems/1.8/doc/activerecord-mysql2-adapter-0.0.3 /var/lib/gems/1.8/doc/activerecord-mysql2-adapter-0.0.3/ri/ActiveRecord/Base/em_mysql2_connection-c.ri /var/lib/gems/1.8/doc/activerecord-mysql2-adapter-0.0.3/ri/ActiveRecord/Base/mysql2_connection-c.ri /var/lib/gems/1.8/gems/mysql2-0.3.11 /var/lib/gems/1.8/gems/mysql2-0.3.11/spec/mysql2 /var/lib/gems/1.8/gems/mysql2-0.3.11/mysql2.gemspec /var/lib/gems/1.8/gems/mysql2-0.3.11/lib/mysql2.rb /var/lib/gems/1.8/gems/mysql2-0.3.11/lib/mysql2 /var/lib/gems/1.8/gems/mysql2-0.3.11/lib/mysql2/mysql2.so /var/lib/gems/1.8/gems/mysql2-0.3.11/ext/mysql2 /var/lib/gems/1.8/gems/mysql2-0.3.11/ext/mysql2/mysql2.so /var/lib/gems/1.8/gems/mysql2-0.3.11/ext/mysql2/mysql2_ext.c /var/lib/gems/1.8/gems/mysql2-0.3.11/ext/mysql2/mysql2_ext.h /var/lib/gems/1.8/gems/mysql2-0.3.11/ext/mysql2/mysql2_ext.o /var/lib/gems/1.8/gems/activerecord-3.2.9/lib/active_record/connection_adapters/mysql2_adapter.rb /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3 /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/activerecord-mysql2-adapter.gemspec /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/lib/arel/engines/sql/compilers/mysql2_compiler.rb /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/lib/activerecord-mysql2-adapter.rb /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/lib/activerecord-mysql2-adapter /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/lib/active_record/connection_adapters/em_mysql2_adapter.rb /var/lib/gems/1.8/gems/activerecord-mysql2-adapter-0.0.3/lib/active_record/connection_adapters/mysql2_adapter.rb /var/lib/gems/1.8/gems/activerecord-3.2.8/lib/active_record/connection_adapters/mysql2_adapter.rb /var/lib/gems/1.8/cache/mysql2-0.3.11.gem /var/lib/gems/1.8/cache/activerecord-mysql2-adapter-0.0.3.gem /var/lib/gems/1.8/specifications/activerecord-mysql2-adapter-0.0.3.gemspec /var/lib/gems/1.8/specifications/mysql2-0.3.11.gemspec Contents of /usr/share/redmine/Gemfile: source 'http://rubygems.org' gem 'rails', '3.2.8' gem "jquery-rails", "~> 2.0.2" gem "i18n", "~> 0.6.0" gem "coderay", "~> 1.0.6" gem "fastercsv", "~> 1.5.0", :platforms => [:mri_18, :mingw_18, :jruby] gem "builder", "3.0.0" # Optional gem for LDAP authentication group :ldap do gem "net-ldap", "~> 0.3.1" end # Optional gem for OpenID authentication group :openid do gem "ruby-openid", "~> 2.1.4", :require => "openid" gem "rack-openid" end # Optional gem for exporting the gantt to a PNG file, not supported with jruby platforms :mri, :mingw do group :rmagick do # RMagick 2 supports ruby 1.9 # RMagick 1 would be fine for ruby 1.8 but Bundler does not support # different requirements for the same gem on different platforms gem "rmagick", ">= 2.0.0" end end # Database gems platforms :mri, :mingw do group :postgresql do gem "pg", ">= 0.11.0" end group :sqlite do gem "sqlite3" end end platforms :mri_18, :mingw_18 do group :mysql do gem "mysql" end end platforms :mri_19, :mingw_19 do group :mysql do gem "mysql2", "~> 0.3.11" end end platforms :jruby do gem "jruby-openssl" group :mysql do gem "activerecord-jdbcmysql-adapter" end group :postgresql do gem "activerecord-jdbcpostgresql-adapter" end group :sqlite do gem "activerecord-jdbcsqlite3-adapter" end end group :development do gem "rdoc", ">= 2.4.2" gem "yard" end group :test do gem "shoulda", "~> 2.11" # Shoulda does not work nice on Ruby 1.9.3 and seems to need test-unit explicitely. gem "test-unit", :platforms => [:mri_19] gem "mocha", "0.12.3" end local_gemfile = File.join(File.dirname(__FILE__), "Gemfile.local") if File.exists?(local_gemfile) puts "Loading Gemfile.local ..." if $DEBUG # `ruby -d` or `bundle -v` instance_eval File.read(local_gemfile) end # Load plugins' Gemfiles Dir.glob File.expand_path("../plugins/*/Gemfile", __FILE__) do |file| puts "Loading #{file} ..." if $DEBUG # `ruby -d` or `bundle -v` instance_eval File.read(file) end Contents of /usr/share/redmine/Gemfile.lock: GEM remote: http://rubygems.org/ specs: actionmailer (3.2.8) actionpack (= 3.2.8) mail (~> 2.4.4) actionpack (3.2.8) activemodel (= 3.2.8) activesupport (= 3.2.8) builder (~> 3.0.0) erubis (~> 2.7.0) journey (~> 1.0.4) rack (~> 1.4.0) rack-cache (~> 1.2) rack-test (~> 0.6.1) sprockets (~> 2.1.3) activemodel (3.2.8) activesupport (= 3.2.8) builder (~> 3.0.0) activerecord (3.2.8) activemodel (= 3.2.8) activesupport (= 3.2.8) arel (~> 3.0.2) tzinfo (~> 0.3.29) activeresource (3.2.8) activemodel (= 3.2.8) activesupport (= 3.2.8) activesupport (3.2.8) i18n (~> 0.6) multi_json (~> 1.0) arel (3.0.2) builder (3.0.0) coderay (1.0.8) erubis (2.7.0) fastercsv (1.5.5) hike (1.2.1) i18n (0.6.1) journey (1.0.4) jquery-rails (2.0.3) railties (>= 3.1.0, < 5.0) thor (~> 0.14) json (1.7.5) mail (2.4.4) i18n (>= 0.4.0) mime-types (~> 1.16) treetop (~> 1.4.8) metaclass (0.0.1) mime-types (1.19) mocha (0.12.3) metaclass (~> 0.0.1) multi_json (1.3.7) mysql (2.8.1) mysql2 (0.3.11) net-ldap (0.3.1) pg (0.14.1) polyglot (0.3.3) rack (1.4.1) rack-cache (1.2) rack (>= 0.4) rack-openid (1.3.1) rack (>= 1.1.0) ruby-openid (>= 2.1.8) rack-ssl (1.3.2) rack rack-test (0.6.2) rack (>= 1.0) rails (3.2.8) actionmailer (= 3.2.8) actionpack (= 3.2.8) activerecord (= 3.2.8) activeresource (= 3.2.8) activesupport (= 3.2.8) bundler (~> 1.0) railties (= 3.2.8) railties (3.2.8) actionpack (= 3.2.8) activesupport (= 3.2.8) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) thor (>= 0.14.6, < 2.0) rake (10.0.0) rdoc (3.12) json (~> 1.4) rmagick (2.13.1) ruby-openid (2.1.8) shoulda (2.11.3) sprockets (2.1.3) hike (~> 1.2) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) sqlite3 (1.3.6) test-unit (2.5.2) thor (0.16.0) tilt (1.3.3) treetop (1.4.12) polyglot polyglot (>= 0.3.1) tzinfo (0.3.35) yard (0.8.3) PLATFORMS ruby DEPENDENCIES activerecord-jdbcmysql-adapter activerecord-jdbcpostgresql-adapter activerecord-jdbcsqlite3-adapter builder (= 3.0.0) coderay (~> 1.0.6) fastercsv (~> 1.5.0) i18n (~> 0.6.0) jquery-rails (~> 2.0.2) jruby-openssl mocha (= 0.12.3) mysql mysql2 (~> 0.3.11) net-ldap (~> 0.3.1) pg (>= 0.11.0) rack-openid rails (= 3.2.8) rdoc (>= 2.4.2) rmagick (>= 2.0.0) ruby-openid (~> 2.1.4) shoulda (~> 2.11) sqlite3 test-unit yard Results of gem list: actionmailer (3.2.9, 3.2.8) actionpack (3.2.9, 3.2.8) activemodel (3.2.9, 3.2.8) activerecord (3.2.9, 3.2.8) activerecord-mysql2-adapter (0.0.3) activeresource (3.2.9, 3.2.8) activesupport (3.2.9, 3.2.8) arel (3.0.2) builder (3.0.0) bundler (1.2.1) coderay (1.0.8) erubis (2.7.0) fastercsv (1.5.5) hike (1.2.1) i18n (0.6.1) journey (1.0.4) jquery-rails (2.0.3) json (1.7.5) mail (2.4.4) metaclass (0.0.1) mime-types (1.19) mocha (0.12.3) multi_json (1.3.7) mysql (2.8.1) mysql2 (0.3.11) net-ldap (0.3.1) pg (0.14.1) polyglot (0.3.3) rack (1.4.1) rack-cache (1.2) rack-openid (1.3.1) rack-ssl (1.3.2) rack-test (0.6.2) rails (3.2.9, 3.2.8) railties (3.2.9, 3.2.8) rake (10.0.0) rdoc (3.12) rmagick (2.13.1) ruby-openid (2.1.8) shoulda (2.11.3) sprockets (2.2.1, 2.1.3) sqlite3 (1.3.6) thor (0.16.0) tilt (1.3.3) treetop (1.4.12) tzinfo (0.3.35) yard (0.8.3) Results of 'bundle show`: Gems included by the bundle: * actionmailer (3.2.8) * actionpack (3.2.8) * activemodel (3.2.8) * activerecord (3.2.8) * activeresource (3.2.8) * activesupport (3.2.8) * arel (3.0.2) * builder (3.0.0) * bundler (1.2.1) * coderay (1.0.8) * erubis (2.7.0) * fastercsv (1.5.5) * hike (1.2.1) * i18n (0.6.1) * journey (1.0.4) * jquery-rails (2.0.3) * json (1.7.5) * mail (2.4.4) * metaclass (0.0.1) * mime-types (1.19) * mocha (0.12.3) * multi_json (1.3.7) * mysql (2.8.1) * net-ldap (0.3.1) * pg (0.14.1) * polyglot (0.3.3) * rack (1.4.1) * rack-cache (1.2) * rack-openid (1.3.1) * rack-ssl (1.3.2) * rack-test (0.6.2) * rails (3.2.8) * railties (3.2.8) * rake (10.0.0) * rdoc (3.12) * rmagick (2.13.1) * ruby-openid (2.1.8) * shoulda (2.11.3) * sprockets (2.1.3) * sqlite3 (1.3.6) * thor (0.16.0) * tilt (1.3.3) * treetop (1.4.12) * tzinfo (0.3.35) * yard (0.8.3)

    Read the article

  • "unrecognized options" while installing php

    - by user1692333
    I want to compile php 5.4.8 on my mac 10.8.2, but get some errors which cant solve by my self, so need your help. Firstly i get default php options with php -i | head, after it do this command ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --sysconfdir=/private/etc --with-apxs2=/usr/sbin/apxs --enable-cli --with-config-file-path=/etc --with-libxml-dir=/usr --with-openssl=/usr --with-kerberos=/usr --with-zlib=/usr --enable-bcmath --with-bz2=/usr --enable-calendar --disable-cgi --with-curl=/usr --enable-dba --enable-ndbm=/usr --enable-exif --enable-fpm --enable-ftp --with-gd --with-freetype-dir=/BinaryCache/apache_mod_php/apache_mod_php-79~4/Root/usr/local --with-jpeg-dir=/BinaryCache/apache_mod_php/apache_mod_php-79~4/Root/usr/local --with-png-dir=/BinaryCache/apache_mod_php/apache_mod_php-79~4/Root/usr/local --enable-gd-native-ttf --with-icu-dir=/usr --with-iodbc=/usr --with-ldap=/usr --with-ldap-sasl=/usr --with-libedit=/usr --enable-mbstring --enable-mbregex --with-mysql=mysqlnd --with-mysqli=mysqlnd --without-pear --with-pdo-mysql=mysqlnd --with-mysql-sock=/var/mysql/mysql.sock --with-readline=/usr --enable-shmop --with-snmp=/usr --enable-soap --enable-sockets --enable-sqlite-utf8 --enable-suhosin --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-tidy --enable-wddx --with-xmlrpc --with-iconv-dir=/usr --with-xsl=/usr --enable-zend-multibyte --enable-zip --with-pcre-regex --with-pgsql=/usr --with-pdo-pgsql=/usr But get this error config.status: creating Makefile config.status: creating jconfig.h config.status: jconfig.h is unchanged config.status: executing depfiles commands config.status: executing libtool commands configure: WARNING: unrecognized options: --enable-cli, --with-config-file-path, --with-libxml-dir, --with-openssl, --with-kerberos, --with-zlib, --enable-bcmath, --with-bz2, --enable-calendar, --disable-cgi, --with-curl, --enable-dba, --enable-ndbm, --enable-exif, --enable-fpm, --enable-ftp, --with-gd, --with-freetype-dir, --with-jpeg-dir, --with-png-dir, --enable-gd-native-ttf, --with-icu-dir, --with-iodbc, --with-ldap, --with-ldap-sasl, --with-libedit, --enable-mbstring, --enable-mbregex, --with-mysql, --with-mysqli, --without-pear, --with-pdo-mysql, --with-mysql-sock, --with-readline, --enable-shmop, --with-snmp, --enable-soap, --enable-sockets, --enable-sqlite-utf8, --enable-suhosin, --enable-sysvmsg, --enable-sysvsem, --enable-sysvshm, --with-tidy, --enable-wddx, --with-xmlrpc, --with-iconv-dir, --with-xsl, --enable-zend-multibyte, --enable-zip, --with-pcre-regex, --with-pgsql, --with-pdo-pgsql Maybe someone have some suggestions on this?

    Read the article

< Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >