Search Results

Search found 1428 results on 58 pages for 'pam ldap'.

Page 41/58 | < Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >

  • Enterprise Wireless Authentication without Active Directory

    - by ank
    We are in the process of redoing our wireless access network and would like to know if there is any method to get Windows clients/users access to the network using 802.1x WITHOUT having an Active Directory server for authentication and WITHOUT installing additional software on each and every client. Note that we already use Radius servers, LDAP servers (all on CentOS). Users employ a variety of clients including Windows, Mac, Linux, Android, iOS.

    Read the article

  • How to I create a user that is allowed to only add/remove users to distribution lists in Active Directory?

    - by Sorin Sbarnea
    I do have a third party product (Jira) that has Active Directory integration via LDAP. I want to enable Jira administrators to edit group memberships and have them syncronized inside Active Directory. This currently works but I needed to use a Domain Administrator service account in order to do this. The question is how can I do this without giving the entire Domain Administrator permission to the service account.

    Read the article

  • How to find a user's (or mine) access rights on Windows Server 2008?

    - by Faiz
    I was given access to a Windows Server 2008 box and I need to check what all permissions I have on that box (if possible in the entire domain). I don't have access to domain controller and I don't want to write LDAP queries but just some GUI option or some command line stuff. Is there anyway? PS: I am not in to network administration, I am a BI developer. Pardon me if asked a stupid question.

    Read the article

  • Does anyone have a valid and working example of OpenLDAP meta backend?

    - by QXT
    I have been Google'ing my fingers off and simply can not find a working example of how to merge/proxy a OpenLDAP server and windows AD server. Have anyone worked with this before? Any suggestions would be appreciated. The idea is simple: openldap.mydomain.local ---- Linux LDAP Server winad.mydomain.local ---- Windows AD Server Some users are one Linux and some on WinAD. OpenLDAP should search both on login. A working example would be appreciated.

    Read the article

  • Access a remote active directory

    - by theXs
    I'm currently trying to query a remote Active Directory on a Windows Server 2008 R2. However, I'm not able to query the directory if I enter the following string in the cmd line: dsquery user -name m* -s ip:389 -u -p Furthermore, I tried to access the directory with: ldap://: but it didn't work either. I received the following error message: The server is not operational. Is there an option with which I can enable the remote access of an Active Directory?

    Read the article

  • Google chrome proxy authentication dialogue timeout

    - by Nihar Sarangi
    I am on a network that uses LDAP proxy for authentication based on a username and password. Whenever I start Google Chrome, it pops up with a proxy authentication dialogue, but the dialogue disappears automatically after variable amount of time (sometimes it stays for 5 seconds some times less than 1 second). I have found the same issue with Chromium also. Is there any configuration I can set to control this timeout, or say, auto-authenticate with my authentication details from the shell or DE (Gnome3 on Arch)?

    Read the article

  • Whitepaper list for the application framework

    - by Rick Finley
    We're reposting the list of technical whitepapers for the Oracle ETPM framework (called OUAF, Oracle Utilities Application Framework).  These are are available from My Oracle Support at the Doc Id's mentioned below. Some have been updated in the last few months to reflect new advice and new features.  This is reposted from the OUAF blog:  http://blogs.oracle.com/theshortenspot/entry/whitepaper_list_as_at_november Doc Id Document Title Contents 559880.1 ConfigLab Design Guidelines This whitepaper outlines how to design and implement a data management solution using the ConfigLab facility. This whitepaper currently only applies to the following products: Oracle Utilities Customer Care And Billing Oracle Enterprise Taxation Management Oracle Enterprise Taxation and Policy Management           560367.1 Technical Best Practices for Oracle Utilities Application Framework Based Products Whitepaper summarizing common technical best practices used by partners, implementation teams and customers. 560382.1 Performance Troubleshooting Guideline Series A set of whitepapers on tracking performance at each tier in the framework. The individual whitepapers are as follows: Concepts - General Concepts and Performance Troublehooting processes Client Troubleshooting - General troubleshooting of the browser client with common issues and resolutions. Network Troubleshooting - General troubleshooting of the network with common issues and resolutions. Web Application Server Troubleshooting - General troubleshooting of the Web Application Server with common issues and resolutions. Server Troubleshooting - General troubleshooting of the Operating system with common issues and resolutions. Database Troubleshooting - General troubleshooting of the database with common issues and resolutions. Batch Troubleshooting - General troubleshooting of the background processing component of the product with common issues and resolutions. 560401.1 Software Configuration Management Series  A set of whitepapers on how to manage customization (code and data) using the tools provided with the framework. The individual whitepapers are as follows: Concepts - General concepts and introduction. Environment Management - Principles and techniques for creating and managing environments. Version Management - Integration of Version control and version management of configuration items. Release Management - Packaging configuration items into a release. Distribution - Distribution and installation of releases across environments Change Management - Generic change management processes for product implementations. Status Accounting - Status reporting techniques using product facilities. Defect Management - Generic defect management processes for product implementations. Implementing Single Fixes - Discussion on the single fix architecture and how to use it in an implementation. Implementing Service Packs - Discussion on the service packs and how to use them in an implementation. Implementing Upgrades - Discussion on the the upgrade process and common techniques for minimizing the impact of upgrades. 773473.1 Oracle Utilities Application Framework Security Overview A whitepaper summarizing the security facilities in the framework. Now includes references to other Oracle security products supported. 774783.1 LDAP Integration for Oracle Utilities Application Framework based products Updated! A generic whitepaper summarizing how to integrate an external LDAP based security repository with the framework. 789060.1 Oracle Utilities Application Framework Integration Overview A whitepaper summarizing all the various common integration techniques used with the product (with case studies). 799912.1 Single Sign On Integration for Oracle Utilities Application Framework based products A whitepaper outlining a generic process for integrating an SSO product with the framework. 807068.1 Oracle Utilities Application Framework Architecture Guidelines This whitepaper outlines the different variations of architecture that can be considered. Each variation will include advice on configuration and other considerations. 836362.1 Batch Best Practices for Oracle Utilities Application Framework based products This whitepaper outlines the common and best practices implemented by sites all over the world. 856854.1 Technical Best Practices V1 Addendum Addendum to Technical Best Practices for Oracle Utilities Customer Care And Billing V1.x only. 942074.1 XAI Best Practices This whitepaper outlines the common integration tasks and best practices for the Web Services Integration provided by the Oracle Utilities Application Framework. 970785.1 Oracle Identity Manager Integration Overview This whitepaper outlines the principals of the prebuilt intergration between Oracle Utilities Application Framework Based Products and Oracle Identity Manager used to provision user and user group security information. For Fw4.x customers use whitepaper 1375600.1 instead. 1068958.1 Production Environment Configuration Guidelines A whitepaper outlining common production level settings for the products based upon benchmarks and customer feedback. 1177265.1 What's New In Oracle Utilities Application Framework V4? Whitepaper outlining the major changes to the framework since Oracle Utilities Application Framework V2.2. 1290700.1 Database Vault Integration Whitepaper outlining the Database Vault Integration solution provided with Oracle Utilities Application Framework V4.1.0 and above. 1299732.1 BI Publisher Guidelines for Oracle Utilities Application Framework Whitepaper outlining the interface between BI Publisher and the Oracle Utilities Application Framework 1308161.1 Oracle SOA Suite Integration with Oracle Utilities Application Framework based products This whitepaper outlines common design patterns and guidelines for using Oracle SOA Suite with Oracle Utilities Application Framework based products. 1308165.1 MPL Best Practices Oracle Utilities Application Framework This is a guidelines whitepaper for products shipping with the Multi-Purpose Listener. This whitepaper currently only applies to the following products: Oracle Utilities Customer Care And Billing Oracle Enterprise Taxation Management Oracle Enterprise Taxation and Policy Management 1308181.1 Oracle WebLogic JMS Integration with the Oracle Utilities Application Framework This whitepaper covers the native integration between Oracle WebLogic JMS with Oracle Utilities Application Framework using the new Message Driven Bean functionality and real time JMS adapters. 1334558.1 Oracle WebLogic Clustering for Oracle Utilities Application Framework New! This whitepaper covers process for implementing clustering using Oracle WebLogic for Oracle Utilities Application Framework based products. 1359369.1 IBM WebSphere Clustering for Oracle Utilities Application Framework New! This whitepaper covers process for implementing clustering using IBM WebSphere for Oracle Utilities Application Framework based products 1375600.1 Oracle Identity Management Suite Integration with the Oracle Utilities Application Framework New! This whitepaper covers the integration between Oracle Utilities Application Framework and Oracle Identity Management Suite components such as Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Internet Directory and Oracle Virtual Directory. 1375615.1 Advanced Security for the Oracle Utilities Application Framework New! This whitepaper covers common security requirements and how to meet those requirements using Oracle Utilities Application Framework native security facilities, security provided with the J2EE Web Application and/or facilities available in Oracle Identity Management Suite.

    Read the article

  • security stuff's

    - by raghu.yadav
    http://fmwdocs.us.oracle.com/doclibs/fmw/E10285_01/appslib7/web.1111/b31974/adding_security.htm#BGBGJEAH At design time, JDeveloper saves all policy store and identity store changes in a single file for the entire application. In the development environment, this is the jazn-data.xml file. After you configure the jazn-data.xml file using the editors, you can run the application in Integrated WebLogic Server and the contents of the policy store will be added to the domain-level store, the system-jazn-data.xml file, while the test users will be migrated to the embedded LDAP server that Integrated WebLogic Server uses for its identity store. The domain-level store allows you to test the security implementation by logging on as test users that you have created. looks like above part did went well with me, apart from following all instruction provided in doc, I need to create users from adminconsole in security-realms-Users and Groups sections to successfully login to pages.

    Read the article

  • ADSI, SQL, Exchange Server 2010

    - by WernerCD
    Maybe I'm barking up the wrong tree... We have a Domain Controller "DC1". We have Exchange Server 2010 "Postman". Say I have an Address Book: And I add a few contacts to it: How then do I get the data from that contact via ADSI? Say I want the Job Title or CustomerID field that I filled out in the Contacts list? SELECT * FROM OPENQUERY(ADSI, 'SELECT EXTENSIONATTRIBUTE15 ,DISPLAYNAME ,GIVENNAME ,NAME ,SN ,SAMACCOUNTNAME FROM ''LDAP://DC=ATLANTICGENERAL,DC=ORG'' WHERE USERACCOUNTCONTROL=512 AND SAMACCOUNTTYPE=805306368 AND OBJECTCLASS=''PERSON'' AND OBJECTCLASS=''USER'' ORDER BY SAMACCOUNTTYPE ') How can I tie the Contact Card to an Active Directory User, so that I can edit either the AD account information OR the Exchange information and have them synced up?

    Read the article

  • Product Support Webcast for Existing Customers: Security Scenarios with Oracle WebCenter Content

    - by John Klinke
    Learn how user authentication and authorization is now implemented in Oracle WebCenter Content by attending this 1-hour Advisor Webcast "Security Scenarios with WebCenter Content" on September 27, 2012 at 11:00am Eastern (16:00 UK / 17:00 CET / 8:00am Pacific / 9:00am Mountain) This 1-hour session is recommended for technical and functional users of Oracle WebCenter Content. In this session, we will explain how user authentication and authorization is implemented in WebCenter Content 11g as well as ways that single sign-on (SSO) can be used. Topics will include: - How authentication and authorization was handled in previous WebCenter Content Server versions - The WebLogic Server mechanisms now used to provide user access and content security - Dealing with external and internal users - Overview of the WebLogic Server LDAP provider configuration - How to differentiate Roles and Accounts - WebCenter Content credential mapping - Single Sign-on (SSO) - SAML and Kerberos Register now at http://bit.ly/PH7zDj

    Read the article

  • Upgrading 8.10 server to LTS

    - by user3215
    I'm in a plan to upgrade ubuntu 8.10 vbox vm servers to LTS(obviously 10.04) as 8.10 has no support. As far as I know I'll be executing the following to upgrade: apt-get install update-manager-core do-release-upgrade anybody could tell me how could I upgrade a ubuntu server from alternate iso image(Is the alternate iso image used for desktop editons the same used for servers?)? I heard it's possible to upgrade an LTS directly to another LTS and how could I do this after upgrading 8.10 to 9.04 then directly to 10.04 skipping 9.10? 8.10 servers are hosting many services/applications/databases like apache2, tomcat6, ldap, mysql, cvs... and I'm not sure that all of them work as ever after the upgrade. If there is any precautions that I've to following before upgrading, please anyone let me know(ofcourse backup and I'm not going to take backup as I will be trying this on a copy of vdi/vmdk vms) Thanks!

    Read the article

  • Oracle Communications Calendar Server: Upgrading to Version 7 Update 3

    - by joesciallo
    It's been some time since I have posted an entry. Now, with the release of Oracle Communications Calendar Server 7 Update 3, it seems high time to jump start this blog again. To begin with, check out what's new in this release: Authenticating Against an External Directory Booking Window for Calendars Changes to the davadmin Command Enable and Disable Account Autocreation LDAP Pools New Configuration Parameters New Languages New populate-davuniqueid Utility New Schema Objects Non-active Calendar Accounts Are No Longer Searched or Fetched Remote Document Store Authentication The upgrade is a bit more complicated than normal, as you must first apply some new schema elements to your Directory Server(s). To do so, you need to get the comm_dssetup 6.4 patch, patch the comm_dssetup script, and then run the patched comm_dssetup against your Directory Server(s) instances. In addition, if you are using the nsUniqueId attribute as your deployment's unique identifier, you'll want to change that to the new davUniqueId attribute. Consult the Upgrade Procedure for details, as well as DaBrain's blog, before forging ahead with this upgrade. Additional quick links: Problems Fixed in This Release Known Issues Calendar Server Unique Identifier Changes to the davadmin command Get the Calendar Server patch Get the comm_dssetup patch

    Read the article

  • SSH: Two Factor Authentication

    - by Pierre
    I currently have a Ubuntu Server 12.04 running OpenSSH along with Samba and a few other services. At the current time I have public key authentication set up, and I'm wondering if it's possible to set up two factor authentication? I've been looking at Google Authenticator which I currently use with my Gmail account. I've found a PAM module that looks like it will be compatible however it seems that you are forced to use a password and the code generated. I'm wondering if there is a way to use the Google Authenticator Application (or something similar) along with my public key to authenticate into my SSH server?

    Read the article

  • NetApp and SQL Server?

    - by Edinor
    Do you have any good or bad experiences to share running SQL Server OLTP Systems on NetApp appliances? I have been working with a small, relatively low-volume cluster with a lower-end NetApp device, and I have found the environment to be generally unstable, at least compared to my experiences with other SANs, iSCSI arrays, and DAS setups. I struggle to believe that RAID DP and WAFL are more than fairy-dust technologies. A solution has been proposed to me that I just need a bigger, better NetApp, with PAM cards and other cool technology I've not heard of, and I feel like I would be better off spending a quarter of that on good direct-attached drives and a beefy server. At the same time, I feel that an Enterprise-class SAN should be something I can count on to be consistently a more stable, better performer than the less expensive solution I might propose. Are you a SQL Server DBA in an OLTP environment and love your NetApp? If you don't like them, why not?

    Read the article

  • How can I enable anonymous access to a Samba share under ADS security mode?

    - by hemp
    I'm trying to enable anonymous access to a single service in my Samba config. Authorized user access is working perfectly, but when I attempt a no-password connection, I get this message: Anonymous login successful Domain=[...] OS=[Unix] Server=[Samba 3.3.8-0.51.el5] tree connect failed: NT_STATUS_LOGON_FAILURE The message log shows this error: ... smbd[21262]: [2010/05/24 21:26:39, 0] smbd/service.c:make_connection_snum(1004) ... smbd[21262]: Can't become connected user! The smb.conf is configured thusly: [global] security = ads obey pam restrictions = Yes winbind enum users = Yes winbind enum groups = Yes winbind use default domain = true valid users = "@domain admins", "@domain users" guest account = nobody map to guest = Bad User [evilshare] path = /evil/share guest ok = yes read only = No browseable = No Given that I have 'map to guest = Bad User' and 'guest ok' specified, I don't understand why it is trying to "become connected user". Should it not be trying to "become guest user"?

    Read the article

  • Agent admitted failure to sign using the key.

    - by Delirium tremens
    .ssh dir is chmodded 700, id_rsa.pub 600, id_rsa 400. I ran ssh-keygen -t rsa, imported key to launchpad and ran bzr branch lp:unity, but got error message: Agent admitted failure to sign using the key. Permission denied (publickey). bzr: ERROR: Connection closed: Unexpected end of message. Please check connectivity and permissions, and report a bug if problems persist. auth.log: Nov 28 20:23:13 ubuntu sudo: deltrem : TTY=pts/0 ; PWD=/home/deltrem/Documentos/repositories ; USER=root ; COMMAND=/usr/bin/bzr branch lp:unity Nov 28 20:39:01 ubuntu CRON[2959]: pam_unix(cron:session): session opened for user root by (uid=0) Nov 28 20:39:01 ubuntu CRON[2959]: pam_unix(cron:session): session closed for user root Nov 28 20:41:04 ubuntu gnome-screensaver-dialog: gkr-pam: unlocked login keyring

    Read the article

  • Setting up dante socks server

    - by skerit
    I want to tunnel all my internet traffic through my vps, so I'm trying to install a proxy server. However: I can't seem to browse the internet through Dante. I get the ERR_EMPTY_RESPONSE error. This is my config: logoutput: stderr /home/user/dantelog internal: eth1 port=1080 external: eth1 method: username pam user.privileged: proxy user.notprivileged: nobody user.libwrap: nobody client pass { from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 } Do I really have to run 2 proxy servers: one for http and one for socks? or is there something else I can do?

    Read the article

  • PureFTPd : ChrootEveryone not working

    - by Mistha Noobstha
    I have a fresh install of Ubuntu 12.04 with pure-ftpd version 1.0.35-1. I don't use database for the only user I have (ftpuser1 - localuser), but I want to lock him into his home directory. /ftp/ftpuser1 is the home dir of ftpuser1. /etc/pure-ftpd/conf/ChrootEveryone has the yes string and in /etc/default/pure-ftpd-common VIRTUALCHROOT is set to false, but ftpuser1 can freely walk around. My startup line for pure-ftpd looks like this : /usr/sbin/pure-ftpd -l pam -A -8 UTF-8 -O clf:/var/log/pure-ftpd/transfer.log -u 1000 -E -B So there is the "-A" in it for the ChrootEveryone.

    Read the article

  • Redhat 6 gui installation VS kickstart gives me different packages?

    - by jonaz
    If i do the graphical install and select basic server + aide and screen i get a system with 535 installed packages. If i look at the /root/anaconda-ks.cfg file in that freshly installed system i see: %packages @base @console-internet @core @debugging @directory-client @hardware-monitoring @java-platform @large-systems @network-file-system-client @performance @perl-runtime @security-tools @server-platform @server-policy @system-admin-tools pax python-dmidecode oddjob sgpio certmonger pam_krb5 krb5-workstation nscd pam_ldap nss-pam-ldapd perl-DBD-SQLite aide screen If i then install a NEW system using a kickstart only containing those packages i get 620 installed packages. So basicly my question is why does the system install almost 100 more packages when using kickstart compared to the GUI installation when the exact same packagegroups are selected?

    Read the article

  • Can connect to Samba, but access denied to homes

    - by user893730
    I can connect to the samba server using both IP address and server name, and I can see the home folder name, but can't connect to it smb.cnf [global] workgroup = WORKGROUP server string = Venus wins support = no read only = no browsable = yes create mode = 0777 directory mode = 0777 case sensitive = no dns proxy = no interfaces = 127.0.0.1/8 eth0 bind interfaces only = yes log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 security = user encrypt passwords = true passdb backend = smbpasswd obey pam restrictions = yes unix password sync = no passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = no [homes] comment = User Directories path = /data/localdevs/%u public = no browsable = yes writable = yes the /etc/samba folder has the following files in it lmhosts smb.conf smb.conf.orig smbusers The output of "sudo pdbedit -L" is user1:500: ls -abl /data/localdevs/ drwxr-xr-x. 4 user1 user1 4096 Jul 24 17:35 user1 These are what samba logs are showing when I get the access denied to user1's home directory [2012/07/24 20:27:08.599216, 3] smbd/process.c:1489(process_smb) Transaction 24 of length 90 (0 toread) [2012/07/24 20:27:08.599350, 3] smbd/process.c:1298(switch_message) switch message SMBntcreateX (pid 2440) conn 0x7f6758780c00 [2012/07/24 20:27:08.599373, 4] smbd/uid.c:257(change_to_user) change_to_user: Skipping user change - already user [2012/07/24 20:27:08.599412, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.599485, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.599508, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.599552, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.599581, 3] smbd/dosmode.c:166(unix_mode) unix_mode(.) returning 0766 [2012/07/24 20:27:08.599643, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.599668, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.599707, 4] smbd/open.c:1990(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0766, access_mask = 0x81, open_access_mask = 0x81 [2012/07/24 20:27:08.599806, 3] smbd/open.c:467(open_file) Error opening file . (NT_STATUS_ACCESS_DENIED) (local_flags=0) (flags=0) [2012/07/24 20:27:08.599838, 3] smbd/error.c:80(error_packet_set) error packet at smbd/error.c(160) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED [2012/07/24 20:27:08.604075, 3] smbd/process.c:1489(process_smb) Transaction 25 of length 90 (0 toread) [2012/07/24 20:27:08.604193, 3] smbd/process.c:1298(switch_message) switch message SMBntcreateX (pid 2440) conn 0x7f6758780c00 [2012/07/24 20:27:08.604216, 4] smbd/uid.c:257(change_to_user) change_to_user: Skipping user change - already user [2012/07/24 20:27:08.604268, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.604336, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.604395, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.604419, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.604442, 3] smbd/dosmode.c:166(unix_mode) unix_mode(.) returning 0766 [2012/07/24 20:27:08.604532, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.604554, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.604583, 4] smbd/open.c:1990(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0766, access_mask = 0x81, open_access_mask = 0x81 [2012/07/24 20:27:08.604679, 3] smbd/open.c:467(open_file) Error opening file . (NT_STATUS_ACCESS_DENIED) (local_flags=0) (flags=0) [2012/07/24 20:27:08.604705, 3] smbd/error.c:80(error_packet_set) error packet at smbd/error.c(160) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED [2012/07/24 20:27:08.606977, 3] smbd/process.c:1489(process_smb) Transaction 26 of length 80 (0 toread) [2012/07/24 20:27:08.607096, 3] smbd/process.c:1298(switch_message) switch message SMBtrans2 (pid 2440) conn 0x7f6758780c00 [2012/07/24 20:27:08.607119, 4] smbd/uid.c:257(change_to_user) change_to_user: Skipping user change - already user [2012/07/24 20:27:08.607139, 3] smbd/trans2.c:5100(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 [2012/07/24 20:27:08.607162, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.607184, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.607208, 3] smbd/trans2.c:5226(call_trans2qfilepathinfo) call_trans2qfilepathinfo . (fnum = -1) level=1004 call=5 total_data=0 [2012/07/24 20:27:08.608306, 3] smbd/process.c:1489(process_smb) Transaction 27 of length 80 (0 toread) [2012/07/24 20:27:08.608362, 3] smbd/process.c:1298(switch_message) switch message SMBtrans2 (pid 2440) conn 0x7f6758780c00 [2012/07/24 20:27:08.608383, 4] smbd/uid.c:257(change_to_user) change_to_user: Skipping user change - already user [2012/07/24 20:27:08.608403, 3] smbd/trans2.c:5100(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1005 [2012/07/24 20:27:08.608439, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [.] [/data/localdevs/user1] [2012/07/24 20:27:08.608461, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: . reduced to /data/localdevs/user1 [2012/07/24 20:27:08.608484, 3] smbd/trans2.c:5226(call_trans2qfilepathinfo) call_trans2qfilepathinfo . (fnum = -1) level=1005 call=5 total_data=0

    Read the article

  • How can I enable anonymous access to a Samba share under ADS security mode?

    - by hemp
    I'm trying to enable anonymous access to a single service in my Samba config. Authorized user access is working perfectly, but when I attempt a no-password connection, I get this message: Anonymous login successful Domain=[...] OS=[Unix] Server=[Samba 3.3.8-0.51.el5] tree connect failed: NT_STATUS_LOGON_FAILURE The message log shows this error: ... smbd[21262]: [2010/05/24 21:26:39, 0] smbd/service.c:make_connection_snum(1004) ... smbd[21262]: Can't become connected user! The smb.conf is configured thusly: [global] security = ads obey pam restrictions = Yes winbind enum users = Yes winbind enum groups = Yes winbind use default domain = true valid users = "@domain admins", "@domain users" guest account = nobody map to guest = Bad User [evilshare] path = /evil/share guest ok = yes read only = No browseable = No Given that I have 'map to guest = Bad User' and 'guest ok' specified, I don't understand why it is trying to "become connected user". Should it not be trying to "become guest user"?

    Read the article

  • Deny users in a certain group access to dovecot

    - by celil
    I installed the dovecot-imapd package in Ubuntu, and my setup is as follows: $ sudo dovecot -n # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-27-generic-pae i686 Ubuntu 10.04.1 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock auth default: passdb: driver: pam userdb: driver: passwd For security reasons I would like to deny all users that are in the admin group ability to do imap login via dovecot. This is done in order to prevent a brute force attacker from discovering the admin passwords, and obtaining administrator privileges on the system. How can this be achieved? Presumably, I will have to modify some settings in /etc/dovecot/dovecot.conf, but I am hesitant to change the default settings lest I create other security vulnerabilities.

    Read the article

  • How to display SSH banner at login, but only for password authentication

    - by banjer
    I have a warning message that is displayed to a user after they enter their username to log in to our Linux servers. I only want to display this message for password authentications, and not when keys are used. It should only show to a user who is logging into a host, and not when they are sshing from one host to another (our hosts all have keys set up so we can ssh from one to another without entering passwords). Currently, I have a line for Banner in the /etc/ssh/sshd_config file which points to a text file containing the warning message. Banner doesn't appear to have any further config options, so I'm wondering if there is a way to do this with pam or some other mechanism? Thanks.

    Read the article

  • How to set up virtual users in vsftpd?

    - by ares94
    I've read this tutorial: http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/ My configuration is as follow: ---vsftpd.conf--- listen=YES anonymous_enable=NO local_enable=YES virtual_use_local_privs=YES write_enable=YES connect_from_port_20=YES pam_service_name=vsftpd guest_enable=YES user_sub_token=$USER local_root=/var/www/sites/$USER chroot_local_user=YES hide_ids=YES ---/etc/pam.d/vsftpd--- auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd account required pam_permit.so I created file /etc/vsftpd/passwd and added users using htaccess. I tried to login but it didn't work: ftp 127.0.0.1 Connected to 127.0.0.1 (127.0.0.1). 220 vsFTPd 2.3.5+ (ext.1) ready... Name (127.0.0.1:root): user1 331 Please specify the password. Password: 530 Permission denied. Login failed. Everything seems fine accept the permission denied thing. How can I fix this?

    Read the article

< Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >