Search Results

Search found 6069 results on 243 pages for 'admin'.

Page 34/243 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • Unable to make admin interface connection to server when moving a mailbox.

    - by TheCodeMonk
    I have an existing Exchange 2003 server running on Windows Server 2003. I am in the process of replacing our current server infrastructure and virtualizing it all in Hyper-V. I have Essential Business Server 2008 installed in 3 separate VMs and running. Everything seems to be working fine so far. I am now trying to migrate my exchange mailboxes over to the new exchange server in the messaging server and every time I try I get this error: MapiExceptionNetworkError: Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227) I have done some searching and found solutions like adding the computer to the exchange domain servers groups and install group, also making sure the user logged into the new server is in the proper groups. I also saw a solution in making sure that any unused NICs are disabled. I've tried all that to no avail.

    Read the article

  • Bad to be logged in as admin all the time?

    - by poke
    At the office where I work, three of the other members of the IT staff are logged into their computers all the time with accounts that are members of the domain administrators group. I have serious concerns about being logged in with admin rights (either local or for the domain). As such, for everyday computer use, I use an account that just has regular user privelages. I also have an different account that is part of the domain admins group. I use this account when I need to do something that requires elevated privilages on my computer, one of the servers, or on another user's computer. What is the best practice here? Should network admins be logged in with rights to the entire network all the time (or even their local computer for that matter)?

    Read the article

  • If I change Windows admin user password, then I can't login to Outlook, why?

    - by Tom
    I am seeing this strange behaviour with Windows 7 and Outlook 2010. If I change the password of User1 (Admin user), login, and start Outlook, it asks for the pasword. It keeps saying "password incorrect". I can login by using same password on the webclient. If I change User1's password back to last one, Outlook starts without any prompting and I'm able to send and receive emails. Is there any link between the user account, its password and the PST file's password?

    Read the article

  • Best Practices: How can admin deploy software to 100s of PC ?

    - by Gopal
    Hi ... The Environment: I am working for a college. We have a couple of labs (about 100 PCs) for students. At the end of the semester, the PCs will be full of viruses, corrupt system files, all sorts of illegal downloads etc. (everything you can expect from a student environment). At the end of the semester, we would like to wipe out all the systems and do a clean install (WindowsXP + a set of application suites) to get ready for the next batch of students. Question: Is there any free software that will enable an admin to deploy a clean disk image to all the PCs in one go?

    Read the article

  • IP KVM switch, or serial console box for remote admin?

    - by grahzny
    We have a small server farm (11 now, may add more in the future) of HP Proliant DL160 G6s. They all run either Linux (server only, no X11) or VMware ESX. We had intended to get models with iLO, in case BIOS-level remote admin became an issue, but that didn't happen. I had an IP KVM switch recommended to me (along with some sort of Remote Reboot hardware.) I've since realized that none of our machines need GUI administration, so perhaps a serial console switch would be a cheaper and more appropriate option. Something like this: http://www.kvm-switches-online.com/serimux-cs-32.html Do you folks have an opinions on which way is a better choice? Should we go for the ease of setup (plug and go, instead of turning on the feature in the BIOS and making sure the serial settings are correct) and the flexibility of an IP KVM switch even with the extra cost? Or is a serial console switch just fine?

    Read the article

  • Can't Access a file I downloaded since I don't have permissions yet I am admin?

    - by chobo2
    Hi I downloaded some file and everytime I try to copy it or move it somewhere I get these errors Windows cannot access the specified device, path , or file. You may not have the appropriate permissions to access the item. You need permission to perform this action You require permission from "user(where this is my pc name/myusername)" to make changes to this file. Yet I am an admin and it is my only account on this computer and it saying to me I need permissions to open it up from "chobo2" user yet that's the account I am logged in as. I don't get it. How do I disable this stupid message so I can access every file I want. I am using windows 7 ultimate 64bit. As far as I know I have full permissions set so I don't know why I am getting this.

    Read the article

  • Why does this work: Windows same local admin username and password, able to access other computer?

    - by Ankush
    I've two machines MachineA and MachineB. Both have two local accounts which have same username . Both accounts are local admin on those machines. If they have same password, I'm able to access \\MachineA\C$ from MachineB. But if I change any one password above doesn't work. And it prompts for username and password. Now if I provide MachineA\username and password, it then connects. Why isn't there a prompt for password when passwords are same? I expected passwords to be hashed with random salt, how does windows know passwords are same and authorize access? These machines are running Windows Server 2008 R2. PS. I've created following reg key to enable drive access HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy to 1

    Read the article

  • How to ssh to my dorm computer with shared public IP and no admin rights over the router?

    - by Aamir
    First of all, I am not a Linux or ssh newbie. I have searched for this problem on many forums extensively but nobody seemed to have discussed this. Please help me! I live in a student dorm (off-campus) and all students of the dorm share the same WAN IP (Internet or public IP), which is fortunately static. I am not an admin and have no control over the router that assigns private IP's to all of the students, so I can't really forward port 22 to my computer :( Is it still possible to establish an ssh connection to my dorm computer from a computer on campus?

    Read the article

  • Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

    - by rjt
    Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

    Read the article

  • Change Win7 taskbar position (overriding GPO, Registry Editor, Admin. Rights)

    - by diegocavazos53
    I run the computer center of my Faculty and the problem is that users manage to change the Win7 taskbar position. I don't really know how they do this as far as I have applied many group policies that are specific to the taskbar (like locking it). I have also disallowed users from entering new registry keys or executing the command prompt (or employing scripts). They have regular user rights and many Win7 tweaking programs need administrator rights to make changes to the GUI. So in other words, the taskbar is locked, there is a policy that sets its position to the lower part of the screen, users can't see the control panel, add registry keys, use the command prompt and don't have admin. rights. How do they keep moving the taskbar position to the upper part of the screen? Any ideas would be greatly appreciated. Thank you.

    Read the article

  • mod_security: How to allow ssh/http access for admin?

    - by mattesque
    I am going to be installing mod_security on my AWS EC2 Linux instance tonight and need a little help/reassurance. The only thing I am truly worried about right now is making sure my (admin) access to the instance and webserver is maintained w/o compromising security. I use ssh (port 22) and http (80) to access this and I've read horror stories from other EC2 users claiming they were locked out of their sites once they put up a firewall. So my question boils down to: What settings should I put in the mod_security conf file to make sure I can get in on those ports? IP at home is not static. (Hence the issue) Thanks so, so, so much.

    Read the article

  • MOSS 2007 WSP Retraction 'Error"

    - by juanlarios
    This one is a quick post , but I thought I would post this information as I could not find anything that helped me on this specific scenario. Please read the entire article before taking action as there are some irreversable or very troublesome routes I caution about! Problem: I had a client trying to retract a WSP from Central Admin and would eventually go to an, 'Error' State. I could not retract it and after looking at event logs I figured it was a problem with security. I tried several accounts, checked the databases to see if there was some issue with readonly databases and nothing was working.   Solution: Delete the solution from central admin! Yes, I said it. With StsAdm , just delete the solution from Central Admin using this command: "C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\STSADM.exe" -o deletesolution -name "yoursolution.wsp" What has just happened is that Central Admin does not know about the WSP anymore but the feature and any deployed files are still on the server. For whatever reason SharePoint was not able to retract the files as it normally does. Now you can do one of two things, you can add the solution again to central admin and deploy overtop of the deployed files so it overrides them, or simply clean up the files manually. I re-added the solution through stsadm, but then deployed through stsadm using the -force option in the command. This overrides the existing files on the server. If you deploy through Central admin it will tell you you need the -force option that is not offered as part of the UI in central admin. Use the following command: "C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\STSADM.exe" -o deploysolution -name "YourSolution.wsp" -immediate -allowgacdeployment -force Just to make sure everything was good, I retracted to solution again, and it worked! then I deleted the solution from central admin alltogether. Then I checked the server and noticed all the files that were deployed with the WSP were cleaned up properly. I then re-added the new WSP the client was looking to install (an Updated WSP). Conclusion: I have no idea why it was not able to retract, but I have seen this several times. I don't know if has to do with security of certain accounts. Althought it's anoying at times, it is fairly easy to fix if you have good instructions. Hope it helps you out!   ***WORD OF CAUTION - if you clean up the files manually you might want to uninstall the features through STSADM commands as SharePOint might still recognize the features that were deployed as the WSP. You might not want to get into the mess of deleting files that are still part of activated or installed Features. THis is why I suggest doing what I did.

    Read the article

  • Pros and Cons of various career paths [closed]

    - by Snitse
    What are the advantages and disadvantages of various career paths within CS? By a path I mean something like: Web Development GUI Development Sys admin/DB admin/network admin Security (maybe should be grouped with sys admin) Programming back end (like a C programmer) Algorithm Development heavy programming And any other you think should be in this list. What are the various areas in which each of these professions excels, or lags?

    Read the article

  • How to give specific url using htaccess? [on hold]

    - by Dash
    I am a web developer using codeigniter.I want to give a specific url to certain pages on my website.Is it possible using htaccess?I visited following sites but couldn't find anything such there: Bluehost Tutplus and some others too. What i really wanna do is when the admin is logged in the link should be http://localhost/admin-ci/index.php/admin/index.php/dashboard and if user logs in then the link should be http://localhost/admin-ci/user/index.php/dashboard.Will htaccess be able to do this?

    Read the article

  • is it possible to have duplicated folders on /home folder new partition as an error?

    - by ranna
    i move my home directory to it's own partition but i end with what it seems to be a duplicated home folders (there are 2 accounts admin and everyones account) i have "admin and everyones" folders and then i have in hide ".ecryptfs" inside i had again "admin and everyones" folder inside there is .encryptfs and .private inside each account cant read it's content as seems encrypted. which of both folders im able to delete the ones inside .encryptfs or the other showing in unhide mode "admin and everyones"? it seems is dulpicated as have the same file size.

    Read the article

  • Trying to change a ubuntu user's password, Authentication token manipulation err

    - by beagleguy
    hey all, I'm trying to create a local user on a new ubuntu box my admin set up. I'm unable to change the password, I keep getting the error below. The user gets added to the shadow file but I can't get it to set a password. Any ideas? I've googled for over an hour :( thanks! admin@theserver:~$ sudo useradd jamz [sudo] password for admin: admin@theserver:~$ sudo passwd jamz passwd: Authentication token manipulation error passwd: password unchanged admin@theserver:~$

    Read the article

  • Uploading file > 1 MB on Django admin gives 400 Bad Request response.

    - by ayaz
    I have a small Django (1.2.x) project deployed on Apache (2.x) via mod_wsgi (2.x). In the admin, if I upload a file < 1MB, I can get it through; however, for a file, say, 1.2MB in size, I get a 400 response from the server with "Error 400" in the body only. I am wondering why this is happening. As far as I can see, there is no LimitRequestBody set in Apache configuration. I have tried uploading with several browsers including: Firefox, Chrome, and Safari. In the log file for Apache, there is apparently no entry for requests that gave the 400 error response. This is strange. I should point out that the scenario where this is happening is thus: The project in question is deployed on two identical Apache servers (completely identical setup) that are behind a load balancer. On my development setup, of course, the problem does not surface. Any help with this will be very much appreciated.

    Read the article

  • MVC SiteMap - when different nodes point to same action SiteMap.CurrentNode does not map to the correct route

    - by awrigley
    Setup: I am using ASP.NET MVC 4, with mvcSiteMapProvider to manage my menus. I have a custom menu builder that evaluates whether a node is on the current branch (ie, if the SiteMap.CurrentNode is either the CurrentNode or the CurrentNode is nested under it). The code is included below, but essentially checks the url of each node and compares it with the url of the currentnode, up through the currentnodes "family tree". The CurrentBranch is used by my custom menu builder to add a class that highlights menu items on the CurrentBranch. The Problem: My custom menu works fine, but I have found that the mvcSiteMapProvider does not seem to evaluate the url of the CurrentNode in a consistent manner: When two nodes point to the same action and are distinguished only by a parameter of the action, SiteMap.CurrentNode does not seem to use the correct route (it ignores the distinguishing parameter and defaults to the first route that that maps to the action defined in the node). Example of the Problem: In an app I have Members. A Member has a MemberStatus field that can be "Unprocessed", "Active" or "Inactive". To change the MemberStatus, I have a ProcessMemberController in an Area called Admin. The processing is done using the Process action on the ProcessMemberController. My mvcSiteMap has two nodes that BOTH map to the Process action. The only difference between them is the alternate parameter (such are my client's domain semantics), that in one case has a value of "Processed" and in the other "Unprocessed": Nodes: <mvcSiteMapNode title="Process" area="Admin" controller="ProcessMembers" action="Process" alternate="Unprocessed" /> <mvcSiteMapNode title="Change Status" area="Admin" controller="ProcessMembers" action="Process" alternate="Processed" /> Routes: The corresponding routes to these two nodes are (again, the only thing that distinguishes them is the value of the alternate parameter): context.MapRoute( "Process_New_Members", "Admin/Unprocessed/Process/{MemberId}", new { controller = "ProcessMembers", action = "Process", alternate="Unprocessed", MemberId = UrlParameter.Optional } ); context.MapRoute( "Change_Status_Old_Members", "Admin/Members/Status/Change/{MemberId}", new { controller = "ProcessMembers", action = "Process", alternate="Processed", MemberId = UrlParameter.Optional } ); What works: The Html.ActionLink helper uses the routes and produces the urls I expect: @Html.ActionLink("Process", MVC.Admin.ProcessMembers.Process(item.MemberId, "Unprocessed") // Output (alternate="Unprocessed" and item.MemberId = 12): Admin/Unprocessed/Process/12 @Html.ActionLink("Status", MVC.Admin.ProcessMembers.Process(item.MemberId, "Processed") // Output (alternate="Processed" and item.MemberId = 23): Admin/Members/Status/Change/23 In both cases the output is correct and as I expect. What doesn't work: Let's say my request involves the second option, ie, /Admin/Members/Status/Change/47, corresponding to alternate = "Processed" and a MemberId of 47. Debugging my static CurrentBranch property (see below), I find that SiteMap.CurrentNode shows: PreviousSibling: null Provider: {MvcSiteMapProvider.DefaultSiteMapProvider} ReadOnly: false ResourceKey: "" Roles: Count = 0 RootNode: {Home} Title: "Process" Url: "/Admin/Unprocessed/Process/47" Ie, for a request url of /Admin/Members/Status/Change/47, SiteMap.CurrentNode.Url evaluates to /Admin/Unprocessed/Process/47. Ie, it is ignorning the alternate parameter and using the wrong route. CurrentBranch Static Property: /// <summary> /// ReadOnly. Gets the Branch of the Site Map that holds the SiteMap.CurrentNode /// </summary> public static List<SiteMapNode> CurrentBranch { get { List<SiteMapNode> currentBranch = null; if (currentBranch == null) { SiteMapNode cn = SiteMap.CurrentNode; SiteMapNode n = cn; List<SiteMapNode> ln = new List<SiteMapNode>(); if (cn != null) { while (n != null && n.Url != SiteMap.RootNode.Url) { // I don't need to check for n.ParentNode == null // because cn != null && n != SiteMap.RootNode ln.Add(n); n = n.ParentNode; } // the while loop excludes the root node, so add it here // I could add n, that should now be equal to SiteMap.RootNode, but this is clearer ln.Add(SiteMap.RootNode); // The nodes were added in reverse order, from the CurrentNode up, so reverse them. ln.Reverse(); } currentBranch = ln; } return currentBranch; } } The Question: What am I doing wrong? The routes are interpreted by Html.ActionLlink as I expect, but are not evaluated by SiteMap.CurrentNode as I expect. In other words, in evaluating my routes, SiteMap.CurrentNode ignores the distinguishing alternate parameter.

    Read the article

  • As an admin, what tools do you use to log what you do to your boxes?

    - by Jerry
    I am more of a linux applications developer than an admin. Over time, I've built servers and maintained them, sometimes to offer services, mostly just to develop the applications I work on. Way back when I would create a file in my account to keep notes on what I did on each machine, so that I could replicate that when I migrated to other machines. Nowadays, I install something a private trac installation, install it's blog plugin, and then use that to make notes of everything I install, and most commands that I run, as well as the output. This provides me a combination wiki and blog that I find very useful as a "captain's log". I do this mostly so that when I migrate to a new clean machine, I have a much easier time in bringing it up. And yet, I am always amazed when I see others just install this, delete that, run this, setup this config, ... without seeming to use any way to actually note what they are doing. What do YOU do, and what tools are available? I am especially interested in the transition between maintaining a few machines for a few people and maintaining several to dozens of machines providing a real service. What are the best practices, and where can I find good resources? Thanks!

    Read the article

  • Limited user requires admin rights for plug and play printer?

    - by Kalamane
    I have a small fleet of laptops that aren't part of a domain running Windows XP Pro SP3 as limited users. They are used for printing different shipping documents. I have a script that runs when they start up that uses devcon and prntmngr to detect and install/configure the currently connected usb printers. This lets us deploy the laptops to any printing station with a USB printer and have the printer 'just work' for the end user employee. I've taken the original clone image and have added functionality to it. Since then I've discovered a bit of an issue with using HP LaserJet P1606dn printers. They have started asking for admin rights on setup. This is with and without the script running. Previously they would automatically install because I had installed WHQL plug and play drivers for them. I thought it might have to do with the HP Smart Install Utility but it happens when that is disabled. I don't have a good point to roll back to before this started happening because this was an issue on the image I took initially to start this upgrade. What could be causing this?

    Read the article

  • Error after installing Django (supposed PATH or PYTHONPATH "error")

    - by illuminated
    Hi all, I guess this is a PATH/PYTHONPATH error, but my attempts failed so far to make django working. System is Ubuntu 10.04, 64bit: mx:~/webapps$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=10.04 DISTRIB_CODENAME=lucid DISTRIB_DESCRIPTION="Ubuntu 10.04 LTS" Python version: 2.6.5: @mx:~/webapps$ python -V Python 2.6.5 When I run django-admin.py, the following happens: mx:~/webapps$ django-admin.py Traceback (most recent call last): File "/usr/local/bin/django-admin.py", line 2, in <module> from django.core import management ImportError: No module named django.core Similar when I import django in python shell: mx:~/webapps$ python Python 2.6.5 (r265:79063, Apr 16 2010, 13:09:56) [GCC 4.4.3] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import django Traceback (most recent call last): File "<stdin>", line 1, in <module> ImportError: No module named django >>> quit() More details: mx:~/webapps$ python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()" /usr/lib/python2.6/dist-packages Within python shell: Python 2.6.5 (r265:79063, Apr 16 2010, 13:09:56) [GCC 4.4.3] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import sys >>> print sys.path ['', '/usr/lib/python2.6/dist-packages/django', '/usr/local/lib/python2.6/dist-packages/django/bin', '/usr/local/lib/python2.6/dist-packages/django', '/home/petra/webapps', '/usr/lib/python2.6', '/usr/lib/python2.6/plat-linux2', '/usr/lib/python2.6/lib-tk', '/usr/lib/python2.6/lib-old', '/usr/lib/python2.6/lib-dynload', '/usr/lib/python2.6/dist-packages', '/usr/lib/python2.6/dist-packages/PIL', '/usr/lib/pymodules/python2.6'] django-admin.py can be found here: mx:~/webapps$ locate django-admin.py ~/install/sources/Django-1.2.1/build/lib.linux-i686-2.6/django/bin/django-admin.py ~/install/sources/Django-1.2.1/build/scripts-2.6/django-admin.py ~/install/sources/Django-1.2.1/django/bin/django-admin.py /usr/local/bin/django-admin.py /usr/local/lib/python2.6/dist-packages/django/bin/django-admin.py /usr/local/lib/python2.6/dist-packages/django/bin/django-admin.pyc and in the end this doesn't help: export PYTHONPATH="/usr/lib/python2.6/dist-packages/django:$PYTHONPATH" nor this: export PYTHONPATH="/usr/local/lib/python2.6/dist-packages/django:$PYTHONPATH" How to solve this !? Thanks all in advance! :)

    Read the article

  • Postfix unable to create lock file, permission denied

    - by John Bowlinger
    I thought I had my postfix configuration all set up on my Amazon Ubuntu server but I guess not. I'm trying to set up an admin email account for 3 virtually hosted Apache websites. Here's my postfix main.cf file: myhostname = ip-XX-XXX-XX-XXX.us-west-2.compute.internal alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = ip-XX-XXX-XX-XXX.us-west-2.compute.internal, localhost.us-west-2.compute.internal, , localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all virtual_mailbox_domains = example1.com, example2.com, example3.com virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_minimum_uid = 100 virtual_uid_maps = static:115 virtual_gid_maps = static:115 virtual_alias_maps = hash:/etc/postfix/virtual Here's my vmailbox file: [email protected] example1.com/admin [email protected] example2.com/admin [email protected] example3.com/admin @example1.com example1.com/catchall @example2.com example2.com/catchall @example3.com example3.com/catchall And finally my virtual file: [email protected] postmaster [email protected] postmaster [email protected] postmaster When I try to send an email to through netcat to my one of my domains, I get: unable to create lock file /var/mail/vhosts/example1.com/admin.lock: Permission denied This is despite the fact that I set example1.com group to postfix and also my virtual_uid_maps and virtual_gid_maps are both set to Postfix group id of 115.

    Read the article

  • Restrict SSH user to connection from one machine

    - by Jonathan
    During set-up of a home server (running Kubuntu 10.04), I created an admin user for performing administrative tasks that may require an unmounted home. This user has a home directory on the root partition of the box. The machine has an internet-facing SSH server, and I have restricted the set of users that can connect via SSH, but I would like to restrict it further by making admin only accessible from my laptop (or perhaps only from the local 192.168.1.0/24 range). I currently have only an AllowGroups ssh-users with myself and admin as members of the ssh-users group. What I want is something that works like you may expect this setup to work (but it doesn't): $ groups jonathan ... ssh-users $ groups admin ... ssh-restricted-users $ cat /etc/ssh/sshd_config ... AllowGroups ssh-users [email protected].* ... Is there a way to do this? I have also tried this, but it did not work (admin could still log in remotely): AllowUsers [email protected].* * AllowGroups ssh-users with admin a member of ssh-users. I would also be fine with only allowing admin to log in with a key, and disallowing password logins, but I could find no general setting for sshd; there is a setting that requires root logins to use a key, but not for general users.

    Read the article

  • Restrict SSH user to connection from one machine

    - by Jonathan
    During set-up of a home server (running Kubuntu 10.04), I created an admin user for performing administrative tasks that may require an unmounted home. This user has a home directory on the root partition of the box. The machine has an internet-facing SSH server, and I have restricted the set of users that can connect via SSH, but I would like to restrict it further by making admin only accessible from my laptop (or perhaps only from the local 192.168.1.0/24 range). I currently have only an AllowGroups ssh-users with myself and admin as members of the ssh-users group. What I want is something that works like you may expect this setup to work (but it doesn't): $ groups jonathan ... ssh-users $ groups admin ... ssh-restricted-users $ cat /etc/ssh/sshd_config ... AllowGroups ssh-users [email protected].* ... Is there a way to do this? I have also tried this, but it did not work (admin could still log in remotely): AllowUsers [email protected].* * AllowGroups ssh-users with admin a member of ssh-users. I would also be fine with only allowing admin to log in with a key, and disallowing password logins, but I could find no general setting for sshd; there is a setting that requires root logins to use a key, but not for general users.

    Read the article

  • Cold Start

    - by antony.reynolds
    Well we had snow drifts 3ft deep on Saturday so it must be spring time.  In preparation for Spring we decided to move the lawn tractor.  Of course after sitting in the garage all winter it refused to start.  I then come into the office and need to start my 11g SOA Suite installation.  I thought about this and decided my tractor might be cranky but at least I can script the startup of my SOA Suite 11g installation. So with this in mind I created 6 scripts.  I created them for Linux but they should translate to Windows without too many problems.  This is left as an exercise to the reader, note you will have to hardcode more than I did in the Linux scripts and create separate script files for the sqlplus and WLST sections. Order to start things I believe there should be order in all things, especially starting the SOA Suite.  So here is my preferred order. Start Database This is need by EM and the rest of SOA Suite so best to start it before the Admin Server and managed servers. Start Node Manager on all machines This is needed if you want the scripts to work across machines. Start Admin Server Once this is done in theory you can manually stat the managed servers using WebLogic console.  But then you have to wait for console to be available.  Scripting it all is quicker and easier way of starting. Start Managed Servers & Clusters Best to start them one per physical machine at a time to avoid undue load on the machines.  Non-clustered install will have just soa_server1 and bam_serv1 by default.  Clusters will have at least SOA and BAM clusters that can be started as a group or individually.  I have provided scripts for standalone servers, but easy to change them to work with clusters. Starting Database I have provided a very primitive script (available here) to start the database, the listener and the DB console.  The section highlighted in red needs to match your database name. #!/bin/sh echo "##############################" echo "# Setting Oracle Environment #" echo "##############################" . oraenv <<-EOF orcl EOF echo "#####################" echo "# Starting Database #" echo "#####################" sqlplus / as sysdba <<-EOF startup exit EOF echo "#####################" echo "# Starting Listener #" echo "#####################" lsnrctl start echo "######################" echo "# Starting dbConsole #" echo "######################" emctl start dbconsole read -p "Hit <enter> to continue" Starting SOA Suite My script for starting the SOA Suite (available here) breaks the task down into five sections. Setting the Environment First set up the environment variables.  The variables highlighted in red probably need changing for your environment. #!/bin/sh echo "###########################" echo "# Setting SOA Environment #" echo "###########################" export MW_HOME=~oracle/Middleware11gPS1 export WL_HOME=$MW_HOME/wlserver_10.3 export ORACLE_HOME=$MW_HOME/Oracle_SOA export DOMAIN_NAME=soa_std_domain export DOMAIN_HOME=$MW_HOME/user_projects/domains/$DOMAIN_NAME Starting the Node Manager I start node manager with a nohup to stop it exiting when the script terminates and I redirect the standard output and standard error to a file in a logs directory. cd $DOMAIN_HOME echo "#########################" echo "# Starting Node Manager #" echo "#########################" nohup $WL_HOME/server/bin/startNodeManager.sh >logs/NodeManager.out 2>&1 & Starting the Admin Server I had problems starting the Admin Server from Node Manager so I decided to start it using the command line script.  I again use nohup and redirect output. echo "#########################" echo "# Starting Admin Server #" echo "#########################" nohup ./startWebLogic.sh >logs/AdminServer.out 2>&1 & Starting the Managed Servers I then used WLST (WebLogic Scripting Tool) to start the managed servers.  First I waited for the Admin Server to come up by putting a connect command in a loop.  I could have put the WLST commands into a separate script file but I wanted to reduce the number of files I was using and so used redirected input (here syntax). $ORACLE_HOME/common/bin/wlst.sh <<-EOF import time sleep=time.sleep print "#####################################" print "# Waiting for Admin Server to Start #" print "#####################################" while True:   try:     connect(adminServerName="AdminServer")     break   except:     sleep(10) I then start the SOA server and tell WLST to wait until it is started before returning.  If starting a cluster then the start command would be modified accordingly to start the SOA cluster. print "#######################" print "# Starting SOA Server #" print "#######################" start(name="soa_server1", block="true") I then start the BAM server in the same way as the SOA server. print "#######################" print "# Starting BAM Server #" print "#######################" start(name="bam_server1", block="true") EOF Finally I let people know the servers are up and wait for input in case I am running in a separate window, in which case the result would be lost without the read command. echo "#####################" echo "# SOA Suite Started #" echo "#####################" read -p "Hit <enter> to continue" Stopping the SOA Suite My script for shutting down the SOA Suite (available here)  is basically the reverse of my startup script.  After setting the environment I connect to the Admin Server using WLST and shut down the managed servers and the admin server.  Again the script would need modifying for a cluster. Stopping the Servers If I cannot connect to the Admin Server I try to connect to the node manager, in case the Admin Server is down but the managed servers are up. #!/bin/sh echo "###########################" echo "# Setting SOA Environment #" echo "###########################" export MW_HOME=~oracle/Middleware11gPS1 export WL_HOME=$MW_HOME/wlserver_10.3 export ORACLE_HOME=$MW_HOME/Oracle_SOA export DOMAIN_NAME=soa_std_domain export DOMAIN_HOME=$MW_HOME/user_projects/domains/$DOMAIN_NAME cd $DOMAIN_HOME $MW_HOME/Oracle_SOA/common/bin/wlst.sh <<-EOF try:   print("#############################")   print("# Connecting to AdminServer #")   print("#############################")   connect(username='weblogic',password='welcome1',url='t3://localhost:7001') except:   print "#########################################"   print "#   Unable to connect to Admin Server   #"   print "# Attempting to connect to Node Manager #"   print "#########################################"   nmConnect(domainName=os.getenv("DOMAIN_NAME")) print "#######################" print "# Stopping BAM Server #" print "#######################" shutdown('bam_server1') print "#######################" print "# Stopping SOA Server #" print "#######################" shutdown('soa_server1') print "#########################" print "# Stopping Admin Server #" print "#########################" shutdown('AdminServer') disconnect() nmDisconnect() EOF Stopping the Node Manager I stopped the node manager by searching for the java node manager process using the ps command and then killing that process. echo "#########################" echo "# Stopping Node Manager #" echo "#########################" kill -9 `ps -ef | grep java | grep NodeManager |  awk '{print $2;}'` echo "#####################" echo "# SOA Suite Stopped #" echo "#####################" read -p "Hit <enter> to continue" Stopping the Database Again my script for shutting down the database is the reverse of my start script.  It is available here.  The only change needed might be to the database name. #!/bin/sh echo "##############################" echo "# Setting Oracle Environment #" echo "##############################" . oraenv <<-EOF orcl EOF echo "######################" echo "# Stopping dbConsole #" echo "######################" emctl stop dbconsole echo "#####################" echo "# Stopping Listener #" echo "#####################" lsnrctl stop echo "#####################" echo "# Stopping Database #" echo "#####################" sqlplus / as sysdba <<-EOF shutdown immediate exit EOF read -p "Hit <enter> to continue" Cleaning Up Cleaning SOA Suite I often run tests and want to clean up all the log files.  The following script (available here) does this for the WebLogic servers in a given domain on a machine.  After setting the domain I just remove all files under the servers logs directories.  It also cleans up the log files I created with my startup scripts.  These scripts could be enhanced to copy off the log files if you needed them but in my test environments I don’t need them and would prefer to reclaim the disk space. #!/bin/sh echo "###########################" echo "# Setting SOA Environment #" echo "###########################" export MW_HOME=~oracle/Middleware11gPS1 export WL_HOME=$MW_HOME/wlserver_10.3 export ORACLE_HOME=$MW_HOME/Oracle_SOA export DOMAIN_NAME=soa_std_domain export DOMAIN_HOME=$MW_HOME/user_projects/domains/$DOMAIN_NAME echo "##########################" echo "# Cleaning SOA Log Files #" echo "##########################" cd $DOMAIN_HOME rm -Rf logs/* servers/*/logs/* read -p "Hit <enter> to continue" Cleaning Database I also created a script to clean up the dump files of an Oracle database instance and also the EM log files (available here).  This relies on the machine name being correct as the EM log files are stored in a directory that is based on the hostname and the Oracle SID. #!/bin/sh echo "##############################" echo "# Setting Oracle Environment #" echo "##############################" . oraenv <<-EOF orcl EOF echo "#############################" echo "# Cleaning Oracle Log Files #" echo "#############################" rm -Rf $ORACLE_BASE/admin/$ORACLE_SID/*dump/* rm -Rf $ORACLE_HOME/`hostname`_$ORACLE_SID/sysman/log/* read -p "Hit <enter> to continue" Summary Hope you find the above scripts useful.  They certainly stop me hanging around waiting for things to happen on my test machine and make it easy to run a test, change parameters, bounce the SOA Suite and clean the logs between runs so I can see exactly what is happening. Now I need to get that mower started…

    Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >