Search Results

Search found 13586 results on 544 pages for 'trusted domain'.

Page 381/544 | < Previous Page | 377 378 379 380 381 382 383 384 385 386 387 388 | Next Page >

Security risk of JIRA standalone installation running JRE version 1.6.0_26 vs 1.6.0_29 (latest)

- by kayaker243

Atlassian recently introduced a standalone installer that installs JIRA, along with its own JRE. Unfortunately the JRE Atlassian bundles with this installer is 1.6.0_26, whereas the current version of the JRE is 1.6.0_29. This is potentially concerning given there were vulnerabilities in _26 that were fixed in the subsequent versions. We are currently using the bundled-installer version of JIRA and one contractor has recommended we ditch this for the system-installed JRE. My question is this: what is the actual security risk of continuing to use the _26 version of the JRE included in the bundled installer? There is no public access to our install of JIRA (only about 20 employees and contractors can login to our JIRA) and it's only accessible on a subdomain of a domain at which there's no publicly-available website. If there's a not insignificant risk inherent in sticking with the older JRE, why hasn't Atlassian upgraded the default JRE?

Read the article
Trouble with cross network permissions for an image through iis7 in an asp.net virtual directory

- by EdenMachine

I have load balanced web servers My web application has a function that allows the user to upload their company logo to display in the application header obviously, when they upload the logo image file, it needs to be in a central location or otherwise, the file will not be accessible to the other server on the load balancer. in order to be able to upload the image through the application other on one of either servers and then display it on both servers I need a virtual directory in IIS on both servers that point to a third "file server" (this is the "AcctData" directory shown below with a sub folder "images") the problem is that no matter what I do, I run into a permissioning issue If I use pass-through authentication I get a 401 error. If I use a specific user that's set up on both boxes, I get a 500 error. The "Default" application under "CP" (shown in the image below) uses an AppPool that is a Domain Account that has admin permissions on all the servers. I've also tried sticking a Web.config file in the "AcctData" directory allowing anonymous access. Nothing is working though.

Read the article
Determining who is running with administrator rights?

- by Alex C.

I work at a small non-profit organization with about 55 desktop PCs running Windows XP Pro. The domain controller is running Windows Server 2003. I have a two-part question (note that I'm a bit of a newb when it comes to network administration). Part 1: Is there some simple way that I can determine which accounts are logged in with administrator rights? Part 2: Is there a way that I can remove administrator rights from users without sitting down at each individual machine? Thanks for considering my questions.

Read the article
Insulate hosted client domains from server IP address change?

- by babtek

I will be hosting web content for many client domains on a single IP address (with a web hosting company, not inhouse machine). Initially, I must give client some information to configure their registrar to point the domain to my server. I want client domains insulated from a potential IP address change, so if I change hosts/IP address they don't have to reconfigure anything with their registrar. Is this reasonably possible without running my own nameserver? If so, what would be the smartest way to make it happen? Instruct clients to make CNAME record? Use some type of DNS management service that clients would use as a nameserver?

Read the article
Web authentication using LDAP and Apache?

- by Stephen R

I am working on a project of setting up a web administered inventory database for my work (or if they don't want it then i'll enjoy learning about it) and hit the problem of allowing only authorized users to access the website (In its testing/development phase, I allow all people to navigate to the website to add entries to the database and query it). I am trying to make it so only particular users in the domain (Active Directory) are allowed to access the website after they are queried about their credentials. I read that Apache (I am using a LAMP server) has a means of asking visitors to the website to provide LDAP credentials in order to gain access to the site, but I wasn't sure if that was exactly what I was looking for. If anyone has experience in the LDAP configurations for Apache that I mentioned or any other means of securely authenticating with websites I would greatly appreciate advice or a direction to go Thank you!

Read the article
Can't assign software to non-admin account

- by labyrinth

I'm trying to deploy software on our domain using group policy, but I am only able to do so if the user is a member of a group with administrative privileges. We do not want to allow users to install programs generally, but do want to be able to assign/publish. The test program I'm using is originally a .msi file, and it installs fine for users in the administrators group. How can we assign/publish to normal users without opening up the ability to install whatever? Also, from what I've read, I believe I have correct permissions on the folder/share where the .msi files are stored. This is on Win2008R2 with Win7Pro clients.

Read the article
Proper network configuration for a KVM guest to be on the same networks at the host

- by Steve Madsen

I am running a Debian Linux server on Lenny. Within it, I am running another Lenny instance using KVM. Both servers are externally available, with public IPs, as well as a second interface with private IPs for the LAN. Everything works fine, except the VM sees all network traffic as originating from the host server. I suspect this might have something to do with the iptables-based firewall I'm running on the host. What I'd like to figure out is: how to I properly configure the host's networking such that all of these requirements are met? Both host and VMs have 2 network interfaces (public and private). Both host and VMs can be independently firewalled. Ideally, VM traffic does not have to traverse the host firewall. VMs see real remote IP addresses, not the host's. Currently, the host's network interfaces are configured as bridges. eth0 and eth1 do not have IP addresses assigned to them, but br0 and br1 do. /etc/network/interfaces on the host: # The primary network interface auto br1 iface br1 inet static address 24.123.138.34 netmask 255.255.255.248 network 24.123.138.32 broadcast 24.123.138.39 gateway 24.123.138.33 bridge_ports eth1 bridge_stp off auto br1:0 iface br1:0 inet static address 24.123.138.36 netmask 255.255.255.248 network 24.123.138.32 broadcast 24.123.138.39 # Internal network auto br0 iface br0 inet static address 192.168.1.1 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 bridge_ports eth0 bridge_stp off This is the libvirt/qemu configuration file for the VM: <domain type='kvm'> <name>apps</name> <uuid>636b6620-0949-bc88-3197-37153b88772e</uuid> <memory>393216</memory> <currentMemory>393216</currentMemory> <vcpu>1</vcpu> <os> <type arch='i686' machine='pc'>hvm</type> <boot dev='hd'/> </os> <features> <acpi/> <apic/> <pae/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/kvm</emulator> <disk type='file' device='cdrom'> <target dev='hdc' bus='ide'/> <readonly/> </disk> <disk type='file' device='disk'> <source file='/raid/kvm-images/apps.qcow2'/> <target dev='vda' bus='virtio'/> </disk> <interface type='bridge'> <mac address='54:52:00:27:5e:02'/> <source bridge='br0'/> <model type='virtio'/> </interface> <interface type='bridge'> <mac address='54:52:00:40:cc:7f'/> <source bridge='br1'/> <model type='virtio'/> </interface> <serial type='pty'> <target port='0'/> </serial> <console type='pty'> <target port='0'/> </console> <input type='mouse' bus='ps2'/> <graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/> </devices> </domain> Along with the rest of my firewall rules, the firewalling script includes this command to pass packets destined for a KVM guest: # Allow bridged packets to pass (for KVM guests). iptables -A FORWARD -m physdev --physdev-is-bridged -j ACCEPT (Not applicable to this question, but a side-effect of my bridging configuration appears to be that I can't ever shut down cleanly. The kernel eventually tells me "unregister_netdevice: waiting for br1 to become free" and I have to hard reset the system. Maybe a sign I've done something dumb?)

Read the article
How to setup a new website with Amazon EC2?

- by ElHaix

For a new EC2 instance, I setup a windows server with IIS. I added the Amazon name servers to my on my domain, and configured an elastic IP pointing to the server. I know this is working as I use this for RDC. On the server, I added the website tied to the IP address, and used the quicklink security group that has port 80 open. However, whenever I try going to the URL, I pretty much get nothing, and not sure where the blockage is occurring. Any suggestions? Thanks.

Read the article
Exclude IPs from FQDN Resolution

- by Jon Rauschenberger

Is there a way to EXCLUDE IPs on an interface from FQDN resulution? Here's my use case; I have a domain joined Windows Server 2008 R2 machine that hosts multiple Web sites. We ahve DNS A records for the various sites that resolve to different IP addresses. I've added those IPs to the single NIC in the machine and the sites work just fine. The problem is that the FQDN of the machine now resolves any of the IPs on the machine. I only want the primary IP associated with the FQDN on the internal DNS servers. Is there ANY way to accomplish this? jon

Read the article
Clients didn't switch to secondary DNS server during fail over

- by The Digital Ninja

I have two internal dns servers set up and all my servers have both of them in the resolv.conf Our main dns server went down and suddenly no server could see each other. I edited a few of the servers resolv.conf manually and committed out the first (down) dns server and that machine would instantly be able to ping again. What did I do wrong, does it not auto switch to the secondary dns server when it times out? # File managed by puppet nameserver 192.168.146.100 nameserver 192.168.159.101 ;nameserver 72.14.188.5 domain example.com search example.com

Read the article
accessing a web server from the LAN and WAN

- by jessh

My router does not support loopback. In order to view a webpage on my server, I either have to type in the local ip (192.168.1.201), or be on another network. What are my options for making this easier? Here are some possible things: Route all web traffic through an external proxy (seems to be overkill) Run my own DNS server (where to start?!) Buy a new router that supports loopback. Surely there is another way that I can use my laptop on the LAN and the WAN by typing in my domain more easily than these solutions.

Read the article
Cisco WebVPN RDP Plugin and NLA

- by bab

I'm having trouble finding anything in Cisco's docs or with Google searches, so I'm hoping someone out in ServerFault land might know. We've recently enabled NLA domain-wide to protect against some of the recent RDP vulnerabilities. However, we can no longer use the Cisco WebVPN on our ASA to connect to these boxes (Connection Failure). I assume this is because the RDP2 plugin (as of Apr 27 2012) doesn't support NLA? Is there another version of the plugin that does? Thanks!

Read the article
Meetings Disappearing from Outlook 2010 Public Calendar

- by Neil

We are experiencing a frustrating issue with our Public Calendars in Outlook 2010. Meetings that have been scheduled months in advance are missing, but will then reappear. If user A logs in @ 9:30 and goes to the calendar, certain meetings will be missing. 15 Minutes later, when user B logs in, the meetings are there. It is not tied to the actual user- I have seen this issue occur with the order of logging in reversed. These are with meetings that were posted to the calender months ago, so it should not be an issue of an item being updated. We have not upgraded our Exchange environment (still running on 2003), but this is a new machine, running Windows 7 Professional, on a domain, running office 2010. Are there any quirks or settings that I am missing or not aware of?

Read the article
How to alter mail-from postfix?

- by Simon

Hi all, do anyone know how to alter the mail-from of a postfix mail server? Example, I have a postfix mail server which sends mail for the domain example.org. When a linux user, whose account is user.example.org (mapped in postfix/virtual to [email protected]), try to send an email, its mail from is [email protected]. HELO hostname: server.hostname.org Source IP: one ip here mail-from: [email protected] Problems: user.example.org instead of just user. server.hostname.org instead of just example.org. Desired mail-from: [email protected]. This is causing me problems with SPF records for example (example.org differs from server.hostname.org)... any idea of what can be the problem? Thanks in advance, Simon.

Read the article
Mysterious login attempts to windows server

- by Jim Balo

I have a Windows 2008R2 server that is reporting failed login attempts from a number of workstations on our network. Some event log details: Event ID 4625, Status: 0xc000006d, Sub Status: 0xc0000064 Security ID: NULL SID, Account Name: joedoe, Account Domain: Acme Workstation Name: WINXP1, Source Network Address: 192.168.1.23, Source Port: 1904 Logon Process: NtLmSsp, Authentication Package: NTLM, Logon Type: 3 (network) I believe this is coming from some netbios service or similar (maybe the file explorer), keeping an inventory of its network neighborhood and also trying to authenticate. Is there a way to turn this off without having to turn off file sharing all together? In other words, clients authenticating against file servers that they use is of course no problem, but I want to eliminate clients trying to authenticate to servers that they are not using and have no business with. The above example is only one of thousands of log alerts for similar failed network authentications. What can I do to clean this up / handle this? Thanks.

Read the article
Is that possible to route all mails sent to a mailbox to another server's mailbox

- by Chau Chee Yang

I have a Linux server that has local mail service. There are few user accounts on this server. User may send the mail to each other but that only restrict to LAN environment only. For example, I may # mail user1 to send mail to user1. User are not able to send mail to public. Some service like hylafax using this local mail service to send notification of fax status. I don't want to manage and maintain local mail service anymore. I have subscribed a package from ISP to host a public domain of my own. I wish to have my hylafax service to able to send the notification mails to public mail server, is that possible to do it? It is great if all mails that send to local mail server may forward to public mail server. That makes the local mail service serve mail forward only.

Read the article
VPN server to access Samba4

- by VisionIncision

On my network I have an Ubuntu 12.04 server running Samba4, my domain is fully configured and functional. Now, I would like to enable VPN access over the internet, and have another box to do so. I have been searching on the internet for guides and information etc, but have not been successful. I have however found this guide http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/ but was wondering if I could adapt it somehow to enable access to my DC services. EDIT: I would need to authenticate my VPN server with my DC, if that is possible of course. Any insight would be wonderful. Regards, Jack Hunt

Read the article
Mandatory Profiles on a Server 2003 TS Box

- by Chloe

I have a Windows Server 2003 box which will be acting as a terminal server. It will actually be running Citrix, but I don't believe that to be relevant here. There has been a request for every user to use a single mandatory profile. I've used mandatory profiles before, but there have been generally different profiles for different users so I've always used the "Terminal Services Profile" tab to good effect. What I'd like this time is a single setting, such as a Group Policy or similar that simply forces every non-domain admin user logging on to the box into using the mandatory profile. We'll be using Folder Redirection to take care of everything else. I'm aware of the following GPO: Computer Policy\Computer Configuration\Administrative Templates\Windows Components/Terminal Services Set path for TS Roaming Profiles But, as that's a computer policy, will it not apply to all users including administrators? If so, is it possible to exclude admins somehow?

Read the article
Microsoft DNS creating subdomain when adding address record

- by dwdet

Hello, When attempting to add a normal A record (which has so far always worked), the Microsoft dnsmgmt app in MMC is returning a successful creation message "The host record oneworld.mydomain.com was successfully created". However, after refreshing the zone, it displays a folder icon next to "oneworld" indicating a sub domain, i.e. it is not the A record dnsmgmt said it created successfully. This is really strange behavior that has never happened previously. We have tried this on two separate PCs and remote consoled into the primary DNS server and tried adding the same A record with the same results. Any help is appreciated.

Read the article
don't have "sufficient right" to my own TFS 2010

- by soultaker

after I removed an active directory domain service, I lost all my accounts...then not only the SQL server and the TFS stopped working, the TFs administration console also says that I don't have sufficient right to add members... Now I manage to get the SQL server kind of running, and I can see my project in team explorer, but the TFS still says SQL access denied, SQL server says I don't have permission to add new logins or add my admin account to sysadmin, the TFS still give me the TF246017 tfs could not connect to the database and I don't have sufficient right to add member to any of the project groups... Anybody knows how can I get all these permissions back....?

Read the article
How to setup and manage a shared hosting server on Windows Server 2008 R2 Web Edition?

- by Motivated Student

Background I am a newbie in using Windows Server 2008 R2 Web Edition (and other editions as well). I have a static IP, a very fast internet connection, a server (PRIMERGY TX100 S1 Server) and Windows Server 2008 R2 Web Edition (trial version). The objective is to setup the server to be a shared hosting server such that each of my friends has a private account to manage his/her domain. to upload his/her web content to the server using the encrypted ftp. to manage database administration. to manage Certificate. etc Questions Is there a good reference to learn "how to setup and manage a shared hosting server on Windows Server 2008 R2" ? What are the rough steps I have to do to accomplish my objective?

Read the article
Setting up multiple wireless access points on same network

- by SqlRyan

I'd like to add wireless to my network, and I need multiple access points to cover the whole area. I'd like to set them up so that there's only one "wireless network" that the clients see, and it switches them as seamlessly as possible between access points as they wander around (if that's not possible, then at least have it so that they don't need to set up the security by hand on each one the first time, if possible). I've searched online, and there are quite a few sets of mixed instructions (same vs different SSID, frequency, does the security need to match exactly, etc.). Can somebody who has some experience doing this please let me know what they did? I imagine it's pretty simple, but there seems to be no clear cut "yes, you can do this" online, even though I know you can. I have a mid-size LAN with about 20 workstations and two Domain Controllers on it. Also, I'll be doing this with consumer wireless components, if it makes a difference, not enterprise-level components (ie. Linksys rather than Cisco).

Read the article
Samba setup to request password reset on first time login

- by crazybyte

Is it possible to setup Samba to ask for password reset when the user first logs in without the need to setup a domain controller? Would this work properly with Windows clients or with clients using Linux with file managers like Krusader or Nautilus? Could somebody give me a few pointers how to implement this if is possible? I'm pretty new to Samba and I use it as a file server and I would like to have such a feature on it, but I'm not sure if it's possible. Thanks!

Read the article
Authenticating Linux users against AD without Likewise Open

- by Graeme Donaldson

Has anyone got their Linux systems authenticating against Active Directory without using Likewise Open? We are close to implementing Likewise Open, but first we need to rename roughly 70 of 110 Linux servers so that their hostnames are not longer than 15 characters. This is required because Likewise Open actually joins the Linux computer to the domain, and it fails to do so if the hostname is too long due to some legacy NetBIOS naming limitation. Is there a way to authenticate via AD, using only LDAP perhaps? What are the advantages/disadvantages over doing it like that vs just using Likewise?

Read the article
Windows 7 loses access to network drives

- by dubRun

Ok this is an odd one, but is happening often enough its getting quite annoying. I recently installed Windows 7 on my work computer (about 2 months ago) and every so often I lose access to network shares on our work network. Its one server in particular - other shares are still working fine. I have a number of folders mapped as a drive, and all of the ones on a particular file server have lost access. If I try to access the machine directly (\fileserver\d$) it doesn't work either with this message: Windows cannot access \fileserver\d$. You do not have permission to access \fileserver\d$. Contact your network administrator to request access Once I reboot the computer, access is restored like it should be. The computers are all on a domain and my user has administrator level access to the server in question.

Read the article

< Previous Page | 377 378 379 380 381 382 383 384 385 386 387 388 | Next Page >