Search Results

Search found 2905 results on 117 pages for 'ad hoc'.

Page 38/117 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >

• How do I get Bugzilla to authenticate with Active Directory LDAP?

  - by user65712

  After reading this guide and trying a ton of permutations based on that, is there an easy way to get Bugzilla working with an AD server? I keep getting the error: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0 I created an AD "bugzilla" user account with "Account Operators" permission as directed. I'm not sure if the error is saying that my login is incorrect or the system login to access LDAP is incorrect. Maybe I just missed an arcane option somewhere in the settings. You'd think all I'd need to do is specify the server name. As you might have been able to tell, I don't have a lot of LDAP experience. Also, will the Sysinternals LDAP tool help here?

  Read the article

• Going from dev to sysadmin advice [on hold]

  - by dotnetdev

  I've seen the threads on here about transitions to/from sysadmin. My story is I am a dev (technology is irrelevant), but in learning that technology it required a lot of server infrastructure. In the last few years, I thus had to setup a lot of infrastructure (AD, DNS, SQL etc) to learn said technology. I've noticed that I've enjoyed doing sysadmin and got quite good at it, and find it even engrossing (e.g. I am amazed by how decievingly complicated AD is, under the hood). I'm now thinking of moving into IT infrastructure after about 4 years in various dev (.NET) roles. Any advice? My concern is that I don't have any experience with hardware load balancers and firewalls like F5 etc, which some jobs require. How could I compensate for that? Also, I'm rubbish with my hands, would this be a factor? (i.e. maintaining physical kit)? Thanks

  Read the article

• Is it possible to hide folders/subfolders from users based on permissions?

  - by Uwe Keim

  Having a Windows Server 2008 R2 that has a share with lots of nested folders, I want to be able to only show certain folders to certain AD users/AD user groups. Is it possible to configure the permissions on single folders, so that clients that connect with Windows XP/Windows 7 to the share on the Windows 2008 R2 server only see those folders for which they have "view" permission? Other clients should not see the folders at all in Windows Explorer. I was told that this seems to be a standard feature on Novell networks.

  Read the article

• how to configure my internal dns to resolve external resources

  - by Ralph Shillington

  I have an internal DNS as part of my AD setup. I have an hosted DNS for public resources (which are typically at some data centre somewhere) Occasionally while on our internal network I need to get to a public resource --- for example www.ourcompany.com since there isn't a www record in our internal DNS I cant get the name resolved. How do I configure my DNS to forward names it doesn't recognise to the public DNS. Update: As per the comment yes I have a "split-horizon" dns (which seemed like a good idea at the time) This AD setup is less than 24 hours old, and can be redone if need be -- (although I would rather not)

  Read the article

• Active Directory: how do you pull a list of accounts that belong to a user?

  - by Jack

  I'm a software developer currently stuck to support CyberArk at a large company. I need to pull up a list of accounts that is belong to a certain user. For example, let's said I have a user account named Bob and I want to find all the accounts that belong to Bob in AD meaning on the Organization tab of a user properties, the Manager should be Bob. I've absolutely zero knowledge regarding AD except the very basic. Is there a way to do it? I only have access to "Active Directory Users and Computers" tool and I'm not even sure if I have enough privilege to run script or install powershell to do it but would like to know the script or powershell command to do so if there is one.

  Read the article

• network topology including many services

  - by mete

  I know this is yet another question on how to setup network but I hope you are not bored of such questions yet. The site is also an office, so it includes windows dc, windows ad, exchange, sql, file sharing, development app servers and other pcs. In addition to office (internal) things, there are both test and prod environments consisting of a web server-app server-sql stack. There is also ftp service open to public. I consider: dmz1 - web server - exchange edge - ftp dmz2 - app server - sql for app server internal - dc and ad - exchange hub and transport - internal file sharing - sql for internal use - app servers for internal use - pcs public - dmz1, only web, ftp and smtp public - dmz2 not possible public - internal not possible dmz1 - dmz2 is possible from web servers to app servers by using http or ajp dmz1 - internal is only possible for exchange, otherwise not possible dmz2 - internal not possible Does this sound ok ? Any other recommendations ? It will be configured using either MS ISA or Jupiter SSG. Thank you.

  Read the article

• Industry Standard DNS & Authentication?

  - by James Murphy

  I'm just curious as to what is considered industry standard when it comes to doing DNS and authentication on an environment with mainly linux machines? Do people use Windows DNS & Windows AD to do it all if they have at least one windows server (well - alot might, but should they)? Does ANYONE use hosts files or local only user accounts on each server? What would people like Facebook/Google use for their DNS and authentication on their servers? We have an environment where we have about 10-15 linux servers and 1-2 windows servers. We are currently using Windows AD and Windows DNS but it doesn't seem like it's the most secure/stable/scalable way to do it for a mainly linux environment? We use RHEL as our linux environment.

  Read the article

• Can a Windows 2003 Active Directory server act as a NTP server?

  - by Rob Nicholson

  Within our LAN, there are two Windows 2003 servers with the Active Directory role. Both these servers have the time service configured to query NTP servers on the internet for the accurate time. That works fine. I've just installed XenServer v5.6 and it's asked me for the IP address of an NTP server. Without tweaking the firewall, I cannot configure this server to reference an internet based NTP server. But can I configure it to use the IP address of the internal AD servers, i.e. do AD servers also act as NTP servers to other computers? Thanks, Rob.

  Read the article

• MSDCS zone missing

  - by hyp

  I seem to have an issue with our AD/DNS, the structure looks like: but the BPA gives me an error: Issue: The Active Directory integrated DNS zone _msdcs.<domain> was not found. Impact: DNS queries for the Active Directory integrated zone _msdcs.<domain> might fail. Resolution: Restore the Active Directory integrated DNS zone _msdcs.<domain> Now we've got 4 DC's in total: 2 running Server 2008 R2, 2 running Server 2003. The older ones will be retired sometime this year. Actually everything seems to be working ok (if something isn't then we don't know about it), we've got quite a few .NET applications authenticating against AD, no DNS issues from what I can tell and various bits on the network point to all 4 controllers. Furthermore a dcdiag /dnsall comes up with all passes. Is this something I should be worried about?

  Read the article

• Excel: Plot order total in map coordinates

  - by Phliplip

  I have a set of data that looks like this: -X--Y----Amount- AE 24 $178,00 Y 27 $162,00 AD 34 $680,00 AK 35 $178,00 Y 25 $29,00 U 23 $178,00 X 38 $193,00 AC 30 $226,00 AK 39 $152,00 AJ 34 $217,00 AC 35 $183,00 AA 22 $211,00 Z 19 $172,00 AJ 32 $187,00 AF 26 $272,00 AI 27 $220,00 AJ 34 $320,00 AB 32 $183,00 AB 35 $272,00 AC 32 $207,00 AB 28 $178,00 AC 30 $168,00 AC 28 $178,00 AB 32 $310,00 AD 30 $188,00 AB 35 $188,00 The sample above is only an excerpt of the total dataset of 16K rows Each row represents a single delivery order, where the 2 first columns are the map coordinate and the third the purchase amount. Would it be possible to plot the above data in a chart or coordinate system. Where the each plot should be a summary of all sales in the same map coordinate. Also a similar chart of order count would be nice to have.

  Read the article

• SSH and Active Directory authentication

  - by disserman

  Is it possible to set up Linux (and Solaris) SSH server to authenticate users in this way: i.e. user john is a member of the group Project1_Developers in the Active Directory. we have something on the server A (running Linux, the server has an access to the AD via i.e. LDAP) in the SSH server LDAP (or other module) authentication config like root=Project1_Developers,Company_NIX_Admins. when john connects to the server A using his username "john" and domain password, the server checks the john's group in the domain and if the group is "Project1_Developers" or "Company_NIX_Admins", makes him locally as a root with a root privileges. The idea is also to have only a "root" and a system users on the server, without adding user "john" to all servers where John can log in. Any help or the idea how to make the above or something similar to the above? Preferred using AD but any other similar solution is also possible. p.s. please don't open a discussions is it secure to login via ssh as root or not, thanks :)

  Read the article

• Installing Domain Controller on Hyper-V Host

  - by MichaelGG

  Given a resource limited setup consisting of 2 host machines (HyperV-01 and HyperV-02), is it OK to put the domain controllers in parent partition, instead of their own VM? The main reason is that if the DCs go into a child partition, starting from cold on both machines could lead to a bit of an issue, as there'd be no DCs around until well after both parents have booted. I'm guessing this might cause undesirable effects. Am I correct to be worried about joining the host systems to a domain that's only on VMs? The biggest drawback I've heard so far is that if AD gets heavily used, its resources could cut into HyperV's. I'm not concerned about that for this deployment. Any other suggestions? (Besides finding a 3rd machine and running AD on it.)

  Read the article

• How can i get SSO for alfresco on windows-7 to work?

  - by Maarten

  domain AD on windows 2008 R2, linux server alfresco 3.4c, windows-7 client. I'm trying to get automatically logged into alfresco from the windows-7 client. I've looked with wireshark to see what happens: 1. Client goes to /alfresco 2. Server sends Redirect to page 3. Client goes to Redirected page 4. Server sends a WWW-Authenticate: Negotiate header 5. Client DOES NOT respond to this how can i configure the windows-7 client (or the AD domain) so that the client will in fact engage with the SPNEGO protocol? instead of just asking for user credentials? (the user is logged in through kerberos in the domain.)

  Read the article

• VPN trace route

  - by Jake

  I am inside an Active Directory (AD) domain and trying to trace route to another AD domain at a remote site, but supposedly connected by VPN in between. the local domain can be accessed at 192.168.3.x and the remote location 192.168.2.x. When I do a tracert, I am suprised to see that the results did not show the intermediate ISP nodes. If I used the public IP of the remote location, then a normal tracert going through every intermediate node would show. 1 <1 ms <1 ms <1 ms 192.168.3.1 2 1 ms <1 ms <1 ms 192.168.3.254 3 7 ms 7 ms 7 ms 212.31.2xx.xx 4 197 ms 201 ms 196 ms 62.6.1.2xx 5 201 ms 201 ms 210 ms vacc27.norwich.vpn-acc.bt.net [62.6.192.87] 6 209 ms 209 ms 209 ms 81.146.xxx.xx 7 209 ms 209 ms 209 ms COMPANYDOMAIN [192.168.2.6] Can someone explain how does this VPN tunnelling works? Does this mean VPN is technically faster than without?

  Read the article

• bulleted lists for plain-text documents in Vim

  - by AnC

  While Vim supports automatic indenting in lists, the default setting only covers ordered lists, starting with digits: 1. Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim 2. veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. I have not been able to figure out how to extend this to unordered, bulleted lists: * Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim * veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Changing the formatlistpat RegEx did not lead to the desired results (indeed, it even broke ordered lists). Any help would be appreciated!

  Read the article

• What's the best way to do user profile/folder redirect/home directory archiving?

  - by tpederson

  My company is in dire need of a redesign around how we handle user account administration. I've been tasked with automating the process. The end goal is to have the whole works triggered by the business, and IT only looking in when there's an error reported. The interim phase is going to be semi-manual. That is a level 2 tech inputs the user's info and supervises the process. The current hurdle I'm facing is user profile archiving. Our security team requires us to archive the profile directories for any terminated user for 60 days in case the legal team requires access to their files. Our AD is as much a mess as everything else, so there are some users with home directories and some with profiles. Anyone who has a profile dir in AD also has a good deal of their profile redirected to our file servers over DFS. In order to complete the process manually you find the user in AD, disable them, find their home/profile dir, go there and take ownership, create an archive folder, move all their files over, then delete the old dir. Some users have many many gigs of nonsense and this can take quite some time. Even automated the process would not be a quick one. I'm thinking that I need to have a client side C# GUI for the quick stuff and some server side batch script or console app to offload this long running process. I have a batch script that works decently using takeown and robocopy, but I wonder if a C# console app would do a better job. So, my question at long last is, what do you think is the best way to handle this? I can't imagine this is a unique problem, how do other admins get this done? The last place I worked was easily 10x larger than the place I'm in now. If we would have been doing this manual crap there, they'd have needed a team of at least 30 full time workers to keep up. I have decent skills in C#.net and batch scripting, but am a quick study and I have used most every language once or twice. Thank you for reading this and I look forward to seeing what imaginative solutions you all can come up with.

  Read the article

• Windows 2008 Domain Controller - Backup (BDC) to Primary (PDC)

  - by Klaptrap

  I have created a new domain controller with my single domain forest. I have also made it DHCP and DNS ready - all 3 services have synchronised with the existing W2K8 domain controller. I even migrated the FSMO roles and thought everything was fine. Indeed all machines on network appear to obtain DHCP and DNS from new server and the AD is working on the new server as my internal website uses it for login authentication. I have just noticed, via BgInfo - Sys Internals - that the new server is showing as "backup" and the old as "primary" - I thought I had already achieved this. Have the FSMO roles swapped back - as I have yet to have removed the old server from AD (dcpromo). Do I need to do anything before I run dcpromo on the old server? Any thoughts appreciated....

  Read the article

• Gotomeeting MSI needs elevated privs?

  - by DrZaiusApeLord

  Typically I can deploy MSIs with no issue, but the Gotomeeting one refuses to install. SCE lists it as pending and AD just attempts to install it, gives up, and never tries again. When I tried running it by double-clicking its icon, it told me "needs to run with elevated privs." I don't see how I can get AD or SCE to run it with these higher privs. I can run it by using an elevated command prompt and running msiexec from there. The MSI is the one labeled "GoToMeeting MSI Installer (ZIP)" from here: http://support.citrixonline.com/GoToMeeting/search?search=msi Any ideas? I run an environment where the users are non-admins and would love to be able to upgrade this centrally.

  Read the article

• Is it possible to restrict fileserver access to domain users using computers that are members of the domain?

  - by Chris Madden

  It seems domain isolation can be used to accomplish, but I'd like a solution that doesn't require IPsec, or more accurately, doesn't require IPsec on the fileserver. IPsec if done in software has a large CPU overhead and our NAS boxes don't support any kind of offload. The goal is to avoid authenticated users using non-managed machines to access network resources. Network Access Protection (NAP) and the various enforcement points looked promsiing but I couldn't find a bulletproof way to use them [which doesn't require IPsec on the fileserver]. I was thinking when a domain user accesses the NAS box it will first need a Kerberos ticket from AD, so if AD could somehow verify the computer that was requesting the ticket was in the domain I'd have a solution.

  Read the article

• Default Critique branch office setup: VPNTunnel->HQ, subnets for VOIP/PC, + several Q's

  - by CHickenTaragon

  We're setting up a new branch office. * ~10 users. * Each user has a VOIP phone provided by a hosted solution. * Users need access to resources on HQ (located in another state), so setting up VPN tunnel * HQ only supports certain Cisco/Juniper devices. VOIP provider only supports SonicWall, so current plan is to have two routers w/ separate subnets for VOIP vs. PC traffic. * PC's will plug into pass-thru Ethernet jacks on the VOIP phones, but the phones vs. PC's will point to different subnets. * Cable Modem is 50Mbps / 5Mbps DOCSIS 3.0 business line w/ 5 static IP's. * Each of the 2 subnets will map to one of the 5 public IP's. * May or may not also need to support a VPN tunnel with a second branch office because of a file server they have there that some in the new office use. I'm pushing to have them move the files to a server on the HQ's network so we don't have to worry about setting up an additional tunnel. Questions: Do you foresee any issues with the below set-up? Router recommendations by HQ IT staff: Cisco Router 2811, or Juniper SSG5 or SSG20. Any recommendations about these routers? We need Wi-Fi too – looks like the above routers have models that support this, any reason not to use this? Users need to be able to work from home. If so, how is authentication handled? Right now we use AD credentials for the HQ's domain, but we currently don't plan to have an AD system in the new location since it's only 10 users. We can't tie the authentication system from the new location's router to the AD system of the HQ. All the PC's that will be in the new location are currently in the existing office that is closing down, and are already joined to the domain of the HQ. Please confirm: this + the VPN tunnel will be sufficient for them to connect to authenticated resources on the HQ's network from the new location, correct? Mainly SQL servers and file servers, and a few remote desktop sessions. I'm sure I'll have some more questions, but can't think of them right now.

  Read the article

• DNS Server (2008 r2) MMC The server DC01 could not be contacted. The error was: Access was denied

  - by Silviu-Ionut Radu

  I've just migrated the AD with the whole nine yards, FSMO, PDC, RID, Schema, etc, from an SBS 2003 to a Win 2008 R2 Std. I have managed to have no error in the dcdiag before I demoted the SBS 2003 from the AD, fsmocheck, conectivity, advertising, dns, etc. The SBS 2003 demoted successfully. After this step I have restarted both, the old SBS and the new Win 2008 r2. After restart the new DC (which is the GC) started with an Access denied to the DNS Server MMC, actually it is looking like I would try to connect to the 2008 r2 DNS server from an older server console I can NOT manage DNS server through MMC nor through dnscmd (Command failed: ERROR_ACCESS_DENIED 5 0x5) I cannot even use the Action Option from the DNS Server MMC because all the options are DISABLED but for "Launch nslookup". I've made a lot of research on the internet but no luck, yet. So I come to ask for help. Thank you very much.

  Read the article

• Preventing 'Reply-All' to Exchange Distribution Groups

  - by Larold

  This is another question in a short series regarding a challenging Exchange project my co-workers have been asked to implement. (I'm helping even though I'm primarily a Unix guy because I volunteered to learn powershell and implement as much of the project in code as I could.) Background: We have been asked to create many distribution groups, say about 500+. These groups will contain two types of members. (Apologies if I get these terms wrong.) One type will be internal AD users, and the other type will be external users that I create Mail Contact entries for. We have been asked to make it so that a "Reply All" is not possible to any messages sent to these groups. I don't believe that is 100% possible to enforce for the following reasons. My question is - is my following reasoning sound? If not, please feel free to educate me on if / how things can properly be implemeneted. Thanks! My reasoning on why it's impossible to prevent 100% of potential reply-all actions: An interal AD user could put the DL in their To: field. They then click the '+' to expand the group. The group contains two external mail contacts. The message is sent to everyone, including those external contacts. External user #1 decides to reply-all, and his mail goes to, at least, external user #2, which wouldn't even involve our Exchange mail relays. An internal AD user could place the DL in their Outlook To: field, then click the '+' button to expand the DL. They then fire off an email to everyone that was in the group. (But the individual addresses are listed in the 'To:' field.) Because we now have a message sent to multiple recipients in the To: field, the addresses have been "exposed", and anyone is free to reply-all, and the messages just get sent to everyone in the To: field. Even if we try to set a Reply-To: field for all of these DLs, external mail clients are not obligated to abide by it, or force users to abide by it. Are my two points above valid? (I admit, they are somewhat similar.) Am I correct to tell our leadership "It is not possible to prevent 100% of the cases where someone will want to Reply-All to these groups UNLESS we train the users sending emails to these groups that the Bcc: field is to be used at all times." I am dying for any insight or parts of the equation I'm not seeing clearly. Thank you!!!

  Read the article

• Active Directory Corrupted In Windows Small Business Server 2011 - Server No Longer Domain Controller

  - by ThinkerIV

  I have a rather bad problem with my Windows SBS 2011. First of all, I'll give the background to what caused the problem. I was setting up a new small business server network. I had my job about finished. The server was working great, all the workstations had joined the domain, and I had all my applications and data moved to the server. I thought I was done. But then it happened. I tried adding one more computer to the domain, and to my dismay the computer name was set to the same name as the server. Apparently when a computer joins a domain with the same name as another machine that is already on the domain, it overrides the first one. For normal workstations, this is not a big deal, you just delete the computer from AD and rejoin the original computer to the domain. However, for a server that is the domain controller it is a whole different story. Since the server got overridden in AD, it is no longer the domain controller. The DNS service is not working and all kinds of other services are failing also. So the question is, what are my options? I am embarrassed to admit it, but since this is a new server one thing I did not have setup yet was backup. So I have no backups to work from. I am worried that things are broken enough that I might need to do a reinstall. However, I already have several days worth of configuration into this server, so I would obviously prefer if there was a fix that would prevent me from needing to do a reinstall. All the server components are there and installed correctly, but they are misconfigured (I think it is basically just Active Directory). So I have the feeling that if I did the right thing I could solve the issue without a reinstall. Is there anyway to rerun the component that installs the initial configuration to "convert" the base windows server 2008 r2 install into a SBS? In other words in the program files folder there is an application called SBSsetup.exe, is there anyway to rerun this and have it reconfigure AD, etc. to work with SBS? Any insight will be greatly appreciated. Thanks.

  Read the article

• Windows server 2003 mapping home drive wrong

  - by Sandman2010

  hey all, first question... we have around 30 servers in an Active Directory environment with 600 student computers and 100 staff desktops with XP SP2/3, the win server 2003 has the staff home drives on a NAS and in the last few days after some server updates is now mapping home drives to the \servername\home instead of \severname\home\%username%, its simple to re map the network drive but is annoying. we dont use login script to map home drive but use a VB script for other network drives and if we add the home drive mapping to that it works, but shouldnt the profile option in users AD account map that correctly? which do you all recommend, AD profile mapping or VB Script mapping Home drives? thanks Steven

  Read the article

• OS X clients ignoring Windows print server permissions

  - by Ilumiari

  I'm in the process of testing a Windows Server 2008 R2 print server for a mixed OS X/Windows environment. Any security permissions (AD groups) I set for the printers on the print server are not honoured by the OS X clients. Only if I remove absolutely all permissions for a given printer will an OS X client not print to that printer. The Windows clients honour the permissions as expected. The PrintService log doesn't record any activity when an unprivileged Windows client attempts to print, and records a typical print job when an unprivileged OS X client attempts to print. Has anyone encountered this problem before and have a fix? With 600-700 clients, a number of which are dual-booting, restricting by IP address is not viable. EDIT: The jobs are definitely going through the print server, they show up in the logs with their AD credentials.

  Read the article

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >