Search Results

Search found 14540 results on 582 pages for 'policy management'.

Page 331/582 | < Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338 | Next Page >

Fortigate - Accessing a Virtual Server address from several interfaces

- by Jeremy G

I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network. However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces) Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting. Thanks, Jeremy G

Read the article
Linux networking "jail" for a single process

- by halp

I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

Read the article
What are the best practices for service accounts?

- by LockeCJ

We're running several services in our company using a shared domain account. Unfortunately, the credentials for this account are widely distributed and being used frequently for both service and non-service purposes. This has led to a situation where it is possible that the services will be temporarily down due to this shared account being locked. Obviously, this situation needs to change. The plan is to change the services to run under a new account, but I don't think this goes far enough, as that account is subject to the same locking policy. My questions is this: Should we be setting up the service accounts differently than other domain accounts, and if we do, how do we manage those accounts. Please keep in mind that we are running a 2003 domain, and upgrading the domain controller is not a viable solution in the near term.

Read the article
How can I expire non-active sessions on my Netscreen SSG140?

- by David Mackintosh

I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

Read the article
"Hide from exchange address lists" not working in Exchange 2007

- by Abdullah

Hiding a user by checking the "hide from exchange address lists" from exchange management console is not working. The user still shows up in GAL. When I ran Get-Mailbox -Identity _user_ | FL I got HiddenFromAddressListsEnabled : True So the check-box is working but the user still shows up. It's been over 3 weeks since hiding the user so it's not a time issue. This is what I have tried: Using Outlook in online mode Using OWA Regenerating GAL Un-checking then re-checking the "hide" check-box

Read the article
Unable to authenticate Windows XP clients agains Snow Leopard Server PDC after 10.6.2 upgrade

- by Roland

I have setup a Snow Leopard Server 10.6.1 as a PDC without problems to authenticate Windows XP clients. Joining a Windows XP client to the SLS PDC Domain and log in from a Windows XP client to the SLS PDC Domain are working. After the update to Snow Leopard Server 10.6.2 the authentication is broken. opendirectory_smb_pwd_check_ntlmv1 gave -14090 [eDSAuthFailed] By changing the Windows XP "Network security: LAN Manager authentication level" policy to NTVLM2 responses only the authentication agains a SMB share is possible, but trying to join SLS PDC Domain is still not possible. opendirectory_smb_pwd_check_ntlmv2 gave -14090 [eDSAuthFailed] Any ideas? Is anyone else having similar authentication difficulties?

Read the article
SQL Server 2008 Copy Database Wizard: Fail

- by Nai

I am trying to use the SQL Server 2008 Copy Database Wizard to copy a SQL Server 2008 database. I am using the SQL Management Object method. However, the copy fails with the following error: ERROR : errorCode=-1073548784 description=Executing the query "/* '==============================================..." failed with the following error: "Cannot use a CONTAINS or FREETEXT predicate on table or indexed view 'Product' because it is not full-text indexed." Any ideas on how I can proceed with this will be super helpful Kind Regards Nai

Read the article
Can Pageant be used by Windows services?

- by jlpp

Is it possible to configure Pageant (SSH key management) so that its keys are usable by a Windows service with the "Log On As" user of "Local System"? If not, is there any other tool that can do this?

Read the article
iproute2 rules and iptables NAT... what is the difference?

- by Jakobud

We have 2 different ISP connections. Our previous "IT guy" setup our firewall like so: When /etc/rc.local was executed on startup, it did a bunch of ip rule add and ip route add commands in order to route certain internal hosts to use certain ISP connections. Then at the end of /etc/rc.local, he executed our iptables firewall rules that were generated by Firewall Builder. These iptables rules have both Policy and NAT rules setup in them. What I don't understand, is why did he use iproute2 to specify rules and routes but also specify NAT rules for iptables? Why didn't he just do it all in one or the other instead of using them both? Could he have got rid of the iproute2 rules and routes and just put all those same rules into the iptables NAT settings?

Read the article
Great GUI for Apache2?

- by ajsie

I wonder if there are great GUI management tools for Apache so you dont have to manually edit files in VIM. It would be great if you could manage Apache over internet. Any suggestions of such tools?

Read the article
ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

- by Jeremy H.

I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

Read the article
Nt4.0 Printer Driver not compatible with Vista?

- by PhillC

I've got a Brother Fax-8360P printer that has a standard printer port so it can be connected to my WindowsXP machine. I've found some drivers on the net that work and it is a pretty decent laser printer. However, when I try and connect up to it from my Vista machine over the network, it tells me that "The printer driver is not compatible with a policy enabled on your computer that blocks NT4.0 drivers". Main question - is it possible to alter this so that my Vista machine will allow me to print via the network. Secondary question - does anyone know of any generic driver that will work instead?

Read the article
Windows computer account appears to reset its own password, why?

- by David Yu

Has anyone seen this where a computer account appears to reset its password? The password for user 'WEST\SQLCLUSTER$' was reset by 'WEST\SQLCLUSTER$' on 'DOMAINCONTROLLER.WEST.company.corp' at '04/23/10 20:47:41' Event Type: Success Audit Event Source: Security Event Category: Account Management Event ID: 628 Date: Friday, April 23, 2010 Time: 8:47 PM User: WEST\SQLCLUSTER$ Computer: DOMAINCONTROLLER.WEST.company.corp Description: User Account password set: Target Account Name: SQLCLUSTER$ Target Domain: WEST Target Account ID: WEST\SQLCLUSTER$ Caller User Name: SQLCLUSTER$ Caller Domain: WEST Caller Logon ID: (0x0,0x7A518945)

Read the article
Problems with login scripts on Terminal Server 2008

- by discovery

We are having issues with login scripts not running on Windows 2008 Terminal Server. This is a brand new implementation and they have never worked. The test user in question doesn't have any problems running login scripts on their workstation. I have tried logging into the server directly with their account, but still no scripts run. I have setup a test account with Domain Admins rights in the same OU as theirs and the scripts don't run. I can manually run the scripts from the SYSVOL\somedomain.com\Policies folder and they run fine. The Terminal 2008 Server is in a mixed 2003/2008 domain. The user can run the gpupdate on the server without error. I have also run the Group Policy Results for this user and the terminal server and everything looks good, no errors. Any suggestions?

Read the article
Cannot login to SQL Server 2008 R2 with Windows authentication

- by Ian Boyd

When i try to connect to SQL Server (2008 R2) using Windows authentication: i cannot: Checking the Windows Application event log, i find the error: Login failed for user 'AVATOPIA\ian'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: ] Log Name: Application Source: MSSQLSERVER Event ID: 18456 Level: Information User: AVATOPIA\ian OpCode: Task Category: Logon i can login to the computer itself using Windows authentication. i can log into SQL Server using the local Windows Administrator account. We can connect to 8 other SQL Servers on the domain using Windows Authentication. Just this one, whitch is the only one that is 2008 R2 is failing. So i assume it's a bug with *2008 R2. Note: i cannot logon locally, or remotely, using Windows authentication. i can login locally and remotely using SQL Server Authentication. Update Note: It's not limited to SQL Server Management Studio, standalone applications that connect using Windows authentication: fail: Note: It's not a client problem, as we can connect fine to other (non-SQL Server 2008 R2 machines): i'm sure there's a technote or knowledge base article describing why SQL Server 2008 R2 is broken by default, but i can't find it. Update 2 Matt figure out the change that Microsoft made so that SQL Server 2008 R2 is broken by default: Administrators are no longer administrators All that remains is to figure out how to make Administrators administrators. One of these days i'm going to start a list of changes around Microsoft's "broken by default" initiative. Steps to reproduce the problem How do i add a group to the sysadmin fixed server role? Here's the steps i try, that don't work: Click Add: Click Object Types: Ensure that you have no ability to add groups: and click OK. Under Enter the object names to select, enter Administrators: Click Check Names, and ensure that you are not allowed to add groups: and click Cancel. Click Browse..., and ensure that you have no ability to add groups: You should now still not have added any group to the sysadmin role. Additional information SQL Server Management Studio is being run as an administrator: SQL Server is set to use Windows Authentication: tried while logged into SQL with both sa and the only other sysadmin domain account (screenshot can be supplied for those who don't believe)

Read the article
Setup link aggregation and jumbo frames on VMware ESXi 4

- by Sysadminicus

I'm setting up an ESXi 4 server to connect to an NFS datastore. I'd like to bond two of the NICs together and use jumbo frames for the NFS connection on a private (non-management) network. I setup a new switch with the 2 NICs and am able to connect to the NFS share over it, but could use some guidance on getting jumbo frames and link aggregation/bonding/teaming working.

Read the article
How to fix? => Your system administrator does not allow the user of saved credentials to log on to the remote computer

- by Pure.Krome

At our office, any of our Windows 7 Clients get this error message when we try and RDP to a remote W2K8 Server outside of the office :- Your system administrator does not allow the user of saved credentials to log on to the remote computer XXX because its identity is not fully verified. Please enter new credentials A quick google search leads to some posts they all suggest I edit group policy, etc. I'm under the impression, that the common fix for this, is to follow those instructions -per Windows7 machine-. Ack :( Is there anyway I can do something via our office Active Directory .. which auto updates all Windows 7 clients in the office LAN?

Read the article
How can I find the space used by a SQL Transaction Log?

- by Sean Earp

The SQL Server sp_spaceused stored procedure is useful for finding out a database size, unallocated space, etc. However (as far as I can tell), it does not report that information for the transaction log (and looking at database properties within SQL Server Management Studio also does not provide that information for transaction logs). While I can easily find the physical space used by a transaction log by looking at the .ldf file, how can I find out how much of the log file is used and how much is unused?

Read the article
Should I move to an Azure database?

- by Mike Flynn

I am currently using a database from an installed instance on my web server in a VM on Azure. I was thinking about moving it to an actual Azure Database so I could load balance the web server. Does the Azure database work the same way as a straight install? Will it cost more or the same since I am just moving to a new server? Basically looking for advantages and disadvantages. I am familiar with SQL Server Management Studio.

Read the article
Create a Windows Image for Deployment

- by Kiranu

In my company we have 8 laptops that we use to deploy on the field. These machines get assigned to a user for a certain time and run Windows Vista. All the machines are the same model. After the machine is returned, it is company policy to completely format the machine and go back to a predetermined configuration. Right now, what we do is we use the recovery utility in the laptop (we are a small shop so we use the OEM Windows license that the laptops come with) and manually uninstall and change the configuration in order to bring it to our baseline config. I know that there are ways to create an image that gets copied to the hard drive with a specific configuration and with specific software installed (thats what OEMs do right?). I'm looking for a tool or a tutorial or something that explains as simply as possible how to create such an image. Thanks a lot

Read the article
built in "Offer Remote Assistance" not working because of permissions

- by Caleb_S

I'm trying to enable permissions for a user on a Windows7 machine to use the built in feature called "Offer Remote Assistance" or "Windows Remote Assistance". This feature works fine if the user is added to the "domain admins" security group, but for security reasons, I cannot leave him in that group. This is within a SBS2003 Domain. I have added the user and also a group that he is apart of to the Small Business Server Remote Assistance Policy, after following some documentation I was able to find, but this has not worked. Can you tell me how to enable this feature for this user and or a user group? http://content.screencast.com/users/CASEIT/folders/Forum%20Pictures/media/2a518bc9-4184-4520-8b76-cdf46555f568/2011-08-18_1330.png

Read the article
help needed for server hardware configuration

- by sansknowledge

hi, basically i am software guy got recently promoted to managerial cadre which requires giving recommendation for server to run software developed by our company , the software is a work flow management and the db is oracle 11 , approximately the size of daily transaction would be around 40 gb, and it should be connected to ~ 150 client machines , the client machine will be growing. help on terms of cpu, processor, memory , rack and stack or raid (i really yet to understand that concept) OS, will be greatly appreciated.

Read the article
USB hard drive doesn't graceful power off after eject on Windows 7

- by Sim

I have a couple of Seagate FreeAgent Go external USB hard drives and would like them to gracefully power off after ejecting in Windows 7. With Windows XP a few seconds after they are ejected they gracefully power off. When ejecting them on Windows 7 they just stay on and have to be physically disconnected before they lose power. I have checked the hard drive removal policy and it is set to quick removal. I have also looked in the Seagate forums but I couldn't find any info on this so I thought I'd ask the SuperUser community on any ideas why the difference and how to get the same behaviour in Windows 7 as in XP? Update: I am finding that this also happens with USB thumb drives as well. My current theory is that there were changes to the driver model with Vista/Win 7 that haven't been reflected in the device drivers yet. So things that worked under XP don't under Win7 as the drivers haven't been updated for the new model. Does that sound right?

Read the article
What are the pros/cons of blocking a program from running in %appdata%, %temp%, etc.?

- by poke

While researching ways to prevent CryptoLocker, I saw a forum post that advised using Group Policy Objects (GPO) and/or antivirus software to block run access in the following locations: %appdata% %localappdata% %temp% %UserProfile% Compressed archives Obviously, anything written in a forum should be taken with caution. I do see advantages to do doing this, though, primarily because malware likes to execute out of these locations. Of course, this could impact legitimate programs as well. What are the drawbacks to blocking run access to these locations? What are the advantages?

Read the article
How to create ftp server on Webmin?

- by Tom

Hello firstly, i'm new at vps hosting so i'm not that good at SSH and so on, So i have a vps running centOS 5.4 x64 LAMP ( linux,apache,mysql,php) and i'm really confused because i can't find FTP management or subdomains or even the email address on my webmin panel. Should i install additional modules ? Thanks

Read the article

< Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338 | Next Page >