Search Results

Search found 13853 results on 555 pages for 'soa security'.

Page 457/555 | < Previous Page | 453 454 455 456 457 458 459 460 461 462 463 464 | Next Page >

Amazon Ec2: Problem In Setting up FTP Server

- by Muntasir

after setting up My vsFtp Server ON Ec2 i am facing problem , my client is Filezilla and i am getting this error Response: 230 Login successful. Command: OPTS UTF8 ON Response: 200 Always in UTF8 mode. Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" Command: TYPE I Response: 200 Switching to Binary mode. Command: PASV Response: 500 OOPS: invalid pasv_address Command: PORT 10,130,8,44,240,50 Response: 500 OOPS: priv_sock_get_cmd Error: Failed to retrieve directory listing Error: Connection closed by server this is the current setting in my vsftpd.conf #nopriv_user=ftpsecure #async_abor_enable=YES # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # chroot_local_user=YES #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list GNU nano 2.0.6 File: /etc/vsftpd/vsftpd.conf # #ls_recurse_enable=YES # # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. # Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES pasv_enable=YES pasv_min_port=2345 pasv_max_port=2355 listen_port=1024 pasv_address=ec2-xxxxxxx.compute-1.amazonaws.com pasv_promiscuous=YES Note: i have already open those port in security group i mean listen port, min max if someone shows me how to fix this i will be very greatful thanks

Read the article
Can't delete C:\Config.Msi\75ce84f.rbf

- by Hugh Allen

I can't delete C:\Config.Msi\75ce84f.rbf It's not causing any problems but it's a mystery I'd like to solve, preferably before the next reboot because it's scheduled for deletion then (see pendmoves). it's not readonly, system or hidden it's not in use by another process (according to Process Explorer) the NT security permissions aren't the problem either - I am the owner and have Full Control ; as a double-check, the Effective Permissions tab shows that I have permission to delete. Yet trying to delete the file gives "Access is Denied" from both Explorer and cmd. I can however rename it or move it to another folder on the same drive. I can also read it and Virustotal says it's clean which is what I would expect (it's just a Windows Installer temp file - a copy of some DLL I think). The relevant line from Process Monitor is: 6:52:14.3726983 PM 112 Explorer.EXE SetDispositionInformationFile C:\Config.Msi\75ce84f.rbf CANNOT DELETE Delete: True Write 1232 Background: I'm using XP SP2. I recently repaired my Adobe Reader installation to make it the default browser plugin again instead of Foxit. (there seems to be no UI to do it otherwise?) So the installer did its thing and then asked to reboot. As is my habit when rebooting is inconvenient I declined the offer and ran pendmoves to find out what files the installer had scheduled to move / delete. It wanted to delete two files with .rbf extension (rollback files) located in C:\Config.msi\. (this applies to both even though I've been speaking about one). So I tried to delete them manually and couldn't. Does anyone have any ideas what could be preventing deletion? (and I don't think it's malware even though I'm not running AV at the moment)

Read the article
VsFTPd - pam_mkhomedir

- by Totor

I am trying to set up a FTP server that authenticates against an LDAP server. This part is done and works. My server is VsFTPd on Ubuntu Server 11.04. But I have to create the home directories for my LDAP users. I am trying to user the pam_mkhomedir module but it is not working: when I add its line to the /etc/pam.d/vsftpd file, my users can not login anymore to the FTP server. The problem is that I have very few information on what is wrong. VsFTPd just responds 530: login incorrect and I could not find a way to get debug or error messages from pam_mkhomedir. Here are my different configuration files. The /etc/pam.d/vsftpd file: auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required pam_ldap.so account required pam_ldap.so password required pam_ldap.so session optional pam_mkhomedir.so skel=/home/skel debug The /etc/vsftpd.conf file: listen=YES anonymous_enable=NO local_enable=YES write_enable=YES dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES pam_service_name=vsftpd rsa_cert_file=/etc/ssl/private/vsftpd.pem guest_enable=YES session_support=YES log_ftp_protocol=YES tcp_wrappers=YES Permissions on /home and /home/skel: root@ftp:/home# ls -al total 16 drwxrwxrwx 4 root root 4096 2011-10-11 21:19 . drwxr-xr-x 21 root root 4096 2011-09-27 13:32 .. drwxrwxrwx 2 root root 4096 2011-10-11 19:34 skel drwxrwxrwx 5 foo foo 4096 2011-10-11 21:11 foo root@ftp:/home# ls -al skel/ total 16 drwxrwxrwx 2 root root 4096 2011-10-11 19:34 . drwxrwxrwx 4 root root 4096 2011-10-11 21:19 .. -rwxrwxrwx 1 root root 3352 2011-10-11 19:34 .bashrc -rwxrwxrwx 1 root root 675 2011-10-11 19:34 .profile Yes, I know, permissions are not properly set but security is not the issue here: I first need to get it to work. So, to recapitulate: without pam_mkhomedir my LDAP users can login, but they cannot do anything because they are in an empty chrooted jail. If I add pam_mkhomedir, they cannot login anymore. If anyone has an idea why, or know how to get more information from logs, I would be very grateful, thanks.

Read the article
Mounting a TrueCrypt volume over FTP

- by Maxim Zaslavsky

Is it possible to mount a TrueCrypt volume file over FTP? Here's how TrueCrypt works with a local file: User inputs path to volume file, enters password TrueCrypt verifies that the password is correct (probably by decrypting the very first part of the volume file?) TrueCrypt reads the directory listing from the volume file and mounts the volume. However, in this step, TrueCrypt does NOT process the whole volume file. The user browses the directory listing and opens a file. TrueCrypt reads only the part of the volume file that contains the file the user wants, and then decrypts it. Once again, TrueCrypt doesn't process the whole volume file - it only reads part of it. The user edits part of the file and saves it. TrueCrypt encrypts the change and edits the volume file. I'm pretty sure it should be possible to mount a volume over FTP, without undermining security and without having to transfer the whole volume file just to read one small part of the volume. Here's how I imagine it: User inputs FTP path to volume file, enters FTP login information, enters password to volume TrueCrypt downloads the very first part of the volume file and verifies that the password is correct TrueCrypt downloads the part of the volume file that contains the directory listing - the data is sent encrypted over FTP and is decrypted locally. The user browses the directory listing and opens a file. TrueCrypt downloads only the part of the volume file that contains the file the user wants, and then decrypts it locally. The user edits part of the file and saves it. TrueCrypt encrypts the change and edits the volume file over FTP, transferring encrypted data only. Is such a feature available?

Read the article
Override <customErrors mode="Off"/> message from .NET Framework even when in web.config detailed err

- by GrZeCh

Hello, is this possible to override .NET Framework error: Server Error in '/' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. ...  <configuration> <system.web> <customErrors mode="Off"/> </system.web> </configuration> even if web.config (IIS7.5) is set to <httpErrors errorMode="Detailed"/> ? I'm asking because my default setting for IIS7 is <deployment retail="true" /> so no error is being showed and only adding additional error handling module to website will allow to see errors generated by this application and thats why I want to override this message to inform users about it. Any ideas? Thanks

Read the article
Replacing DropBox with: Amazon S3 + SSL + GPG/TrueCrypt + Mounting on OSX ??

- by Matt Rogish

So, right now we're using DropBox to share various data files around between approximately 10 Mac OS X systems. However, we already have an S3 account and everyone on the lowest DropBox plan of $10/mo seems too expensive. We'd like to avoid any kind of local storage (share a disk on a desktop or something) since we're a geographically distributed team). So, I am contemplating something that would allow us to replace DropBox with our own home-grown solution. We are all fairly technical people and/or smart enough to follow some steps, so if it's not as "user friendly" as DropBox we're all comfortable with that. There are plenty of docs out there that have bits and pieces of what I want but some of the tools don't seem to fit the requirements: Transport security via SSL to the bucket Encryption of bucket contents Bi-directional syncing Most of the scripts I can find on the internet use "duplicity" which appears to fail #1 (it doesn't look like duplicity supports SSL to S3 - the docs don't state but the protocol looks plain old http http://www.nongnu.org/duplicity/duplicity.1.html#sect6 ) Many scripts use gpg to encrypt files. This seems like it could work, however I have to make sure that each OSX client is able to use the same key to encrypt and decrypt files (key management is left to me to manage). FTP and other client-based apps don't seem to support this at all. Finally, most of the scripts use one-way replication, e.g. using Amazon S3 as a simple backup store. As we'd be using Amazon S3 as the "repository" they fail this one. Whew. So, I'd love a single tool that does this but after an exhaustive search I don't think one exists. In my mind, the magical tool would be some combination of TrueCrypt and rsync. I'd be happy just knowing which tools out there can fulfill my 3 requirements, after that I can stitch together the rest. Any thoughts? THANKS!

Read the article
Launching firefox on remote server causes local firefox to start instead

- by terdon

Right, this is strange. I am connecting from my laptop (LMDE) to a remote host (SUSE linux enterprise) using ssh -X. I want to launch a firefox instance running on the remote server so I can have access to webpages on a private network. User@RemoteMachine $ which -a firefox /usr/bin/firefox User@RemoteMachine $ /usr/bin/firefox --version Mozilla Firefox 2.0.0.2, Copyright (c) 1998 - 2007 mozilla.org User@LocalMachine $ which -a firefox /usr/bin/firefox User@LocalMachine $ /usr/bin/firefox --version Mozilla Firefox 14.0.1 Now, if firefox is not running on the local machine, everything goes as expected and executing firefox on the remote machine causes a firefox (v 2.0) window running on the remote machine to show up. However, if firefox is running on the local machine a second window of firefox 14.0.1 running on the local machine appears. I have checked top in both machines. In the 2nd case, a firefox process briefely appears on the remote machine and then disappears when the local version of firefox is launched. My questions are the following: What gives? How/why can firefox connect to its existing instance on the local machine? The remote machine appears to have access to the local machine. It, in fact, appears to have the right to execute programs on my local machine. Am I missing something or is this just weird? Is this not a security risk?

Read the article
Subversion Apache Ubuntu - Remote Access?

- by Hollowsteps

Okay, a couple days ago I built a bare bones kit into a machine. I've been running through tutorials to get it to work and right now I've gotten as far as making it available in my lan, hooray! However, I cannot access the repositories remotely. Any machine on the lan can easily access it through the hostname or, using 'outbound ip/hostname' or 'outbound ip/machine ip'. The machine can be pinged from a remote, non-lan machine and responds. I just can't get anyone into it outside of my lan. I've been trying to figure it out but I'm lost. I'm breaking a few rules and if any of these would be my problem, please indicate. I don't think I have a static IP (However I check my outbound IP whenever I do testing, is that not enough? It has stayed the same for 5+ days) I have not discussed this set-up with my service provider (Does Optimum Online block port 80? If so, can I just switch apache to listen on a different port?) I am in the DMZ of my router. This is what allowed it to be pinged remotely. For security reasons the machine that is in that zone is turned off most of the time until I can get it locked down. Any help would be appreciated, even if it's just a couple of words I could google to understand what I'm doing wrong. Tortoise SVN does not allow access remotely, but it does within the LAN as well.

Read the article
Ubuntu 12.04 LDAP SSL self-signed cert not accepted

- by MaddHacker

I'm working with Ubuntu 12.04, using OpenLDAP server. I've followed the instructions on the Ubuntu help pages and can happily connect without security. To test my connection, I'm using ldapsearch the command looks like: ldapsearch -xv -H ldap://ldap.[my host].local -b dc=[my domain],dc=local -d8 -ZZ I've also used: ldapsearch -xv -H ldaps://ldap.[my host].local -b dc=[my domain],dc=local -d8 As far as I can tell, I've setup my certificate correctly, but no matter why I try, I can't seem to get ldapsearch to accept my self-signed certificate. So far, I've tried: Updating my /etc/ldap/ldap.conf file to look like: BASE dc=[my domain],dc=local URI ldaps://ldap.[my host].local TLS_CACERT /etc/ssl/certs/cacert.crt TLS_REQCERT allow Updating my /etc/ldap.conf file to look like: base dc=[my domain],dc=local uri ldapi:///ldap.[my host].local uri ldaps:///ldap.[my host].local ldap_version 3 ssl start_tls ssl on tls_checkpeer no TLS_REQCERT allow Updating my /etc/default/slapd to include: SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" Several hours of Googling, most of which resulted in adding the TLS_REQCERT allow The exact error I'm seeing is: ldap_initialize( ldap://ldap.[my host].local ) request done: ld 0x20038710 msgid 1 TLS certificate verification: Error, self signed certificate in certificate chain TLS: can't connect. ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed After several hours of this, I was hoping someone else has seen this issue, and/or knows how to fix it. Please do let me know if I should add more information, or if you need further data.

Read the article
Snow Leopard doesn't repair permissions, despite showing / saying its fixed them?

- by Jules

Sometime ago, I used carbon copy as I was replacing my hard drive in my Mac Mini running Snow Leopard. Afterwards, on my new drive I had some permission problems. I've tried several times running a repair permissions / repair disk from disk util. It shows that there are problems and I think it says its correceted the problems. However the problems remain, what can I do to fix them ? It doesn't seem to cause me any problems, that I can tell EDIT Repairing permissions for “Macintosh HD” Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Italian.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Italian.lproj/UIAgent.nib". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Classes/jconsole.jar", should be -rw-r--r-- , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Classes/jconsole.jar". User differs on "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib", should be 95, user is 0. Repaired "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib". User differs on "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Libraries", should be 95, user is 0. Repaired "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Libraries". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Home/lib/security/cacerts", should be -rw-r--r-- , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Home/lib/security/cacerts". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Resources/Java/deploy.jar", should be -rw-r--r-- , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Resources/Java/deploy.jar". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Resources/Java/libdeploy.jnilib", should be -rwxr-xr-x , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/A/Resources/Deploy.bundle/Contents/Resources/Java/libdeploy.jnilib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreenLeopard386.app/Contents/Resources/Italian.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreenLeopard386.app/Contents/Resources/Italian.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/zh_TW.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/zh_TW.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/zh_TW.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/zh_TW.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/zh_TW.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/zh_TW.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/zh_CN.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/zh_CN.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/zh_CN.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/zh_CN.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/zh_CN.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/zh_CN.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/ko.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/ko.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/ko.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/ko.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/ko.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/ko.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Dutch.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Dutch.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Dutch.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Dutch.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Dutch.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Dutch.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Italian.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Italian.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Italian.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Italian.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Spanish.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Spanish.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Spanish.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Spanish.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Spanish.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Spanish.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/French.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/French.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/French.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/French.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/French.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/French.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/German.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/German.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/German.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/German.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/German.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/German.lproj/MainMenu.nib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Japanese.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/Japanese.lproj/RemoteDesktopMenu.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Japanese.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/Japanese.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Japanese.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/Japanese.lproj/MainMenu.nib". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Resources/JavaPluginCocoa.bundle/Contents/Resources/Java/deploy.jar", should be -rw-r--r-- , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Resources/JavaPluginCocoa.bundle/Contents/Resources/Java/deploy.jar". Permissions differ on "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Resources/JavaPluginCocoa.bundle/Contents/Resources/Java/libdeploy.jnilib", should be -rwxr-xr-x , they are lrwxr-xr-x . Repaired "System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Resources/JavaPluginCocoa.bundle/Contents/Resources/Java/libdeploy.jnilib". Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/English.lproj/RemoteDesktopMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/Resources/English.lproj/RemoteDesktopMenu.nib". Warning: SUID file "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent" has been modified and will not be repaired. Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/English.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Remote Desktop Message.app/Contents/Resources/English.lproj/UIAgent.nib". Permissions differ on "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/English.lproj/MainMenu.nib", should be drwxr-xr-x , they are -rwxr-xr-x . Repaired "System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Support/LockScreen.app/Contents/Resources/English.lproj/MainMenu.nib". Group differs on "private/var/log/kernel.log", should be 80, group is 0. Permissions differ on "private/var/log/kernel.log", should be -rw-r----- , they are -rw-r--r-- . Repaired "private/var/log/kernel.log". Group differs on "private/var/log/secure.log", should be 80, group is 0. Permissions differ on "private/var/log/secure.log", should be -rw-r----- , they are -rw-r--r-- . Repaired "private/var/log/secure.log". Group differs on "private/var/log/system.log", should be 80, group is 0. Permissions differ on "private/var/log/system.log", should be -rw-r----- , they are -rw-r--r-- . Repaired "private/var/log/system.log". Permissions repair complete

Read the article
Confusion about Kerberos, delegation and SPNs.

- by Vilx-

I already posted this question on SO, but the nature of it is between programming and server configuration, so I'll re-post it here as well. I'm trying to write a proof-of-concept application that performs Kerberos delegation. I've written all the code, and it seems to working (I'm authenticating fine), but the resulting security context doesn't have the ISC_REQ_DELEGATE flag set. So I'm thinking that maybe one of the endpoints (client or server) is forbidden to delegate. However I'm not authenticating against an SPN. Just one domain user against another domain user. As the SPN for InitializeSecurityContext() I'm passing "[email protected]" (which is the user account under which the server application is running). As I understand, domain users have delegation enabled by default. Anyway, I asked the admin to check, and the "account is sensitive and cannot be delegated" checkbox is off. I know that if my server was running as a NETWORK SERVICE and I used an SPN to connect to it, then I'd need the computer account in AD to have the "Trust computer for delegation" checkbox checked (off by default), but... this is not the case, right? Or is it? Also - when the checkbox in the computer account is set, do the changes take place immediately, or must I reboot the server PC or wait for a while?

Read the article
How do I disable MEDIUM and WEAK/LOW strength ciphers in Apache + mod_ssl?

- by superwormy

A PCI Compliance scan has suggested that we disable Apache's MEDIUM and LOW/WEAK strength ciphers for security. Can someone tell me how to disable these ciphers? Apache v2.2.14 mod_ssl v2.2.14 This is what they've told us: Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Solution: Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) [More] Synopsis : The remote service supports the use of weak SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. See also : http://www.openssl.org/docs/apps/ciphers .html Solution: Reconfigure the affected application if possible to avoid use of weak ciphers. Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) [More]

Read the article
TS (RD) Gateway Authentication Problem "The logon attempt failed"

- by user2059

I've been using TS Gateway to permit remote access for our staff for a few months now, and all has been well. Users either connect to a traditional terminal server desktop or hit our website and start an TS RemoteApp application- in both cases the connection is routed through a TS Gateway. However I came into work this morning to find that has stopped authenticating users through TS Gateway, each time returning "The logon attempt failed" as seen in the image even though the credentials are correct. It should be noted that everything works fine if the Gateway is taken out of the equation, it's the TS Gateway component that is causing these problems. Users experience this problem whether they connect through XP SP3, Vista or 7. On the server a total of 4 entries appear in the Windows security log at exactly the same time for each failed logon attempt: two 4624 "An account was successfully logged on" messages for the user, immediately followed by two 4634 "An account was logged off"s. This suggests that the server is accepting the credentials as correct, then booting the user off. Nothing at all is recorded in the NPS and Terminal Server logs. A reboot doesn't change things. Neither does completely removing and reinstalling the NPS and Terminal Server roles. I'm baffled as to how this can happen suddenly without warning. Any suggestions would be greatly appreciated.

Read the article
Set JENKINS_HOME in Tomcat7?

- by C. Ross

I'm trying to set up Jenkins in Tomcat7 on Ubuntu. I installed Tomcat7 and deployed jenkins.war, and I now see the Jenkins home page at http://myhost:8080/jenkins, but it's attempting to create the Jenkins directory at /usr/share/tomcat7/.jenkins, which it can't for security reasons. I've already created /srv/jenkins and given the tomcat7 group permissions, and want to set JENKINS_HOME to that path. I've tried adding it to the tomcat configuration in /etc/tomcat7/server.xml: <GlobalNamingResources> <Environment name="JENKINS_HOME" value="/srv/jenkins" type="java.lang.String" override="false"/>  And I've also tried adding it to the automatically created context file in ROOT/META-INF/context.xml (there is no $CATALINA_HOME/conf as far as I can tell). <Context path="/" antiResourceLocking="false" > <Environment name="JENKINS_HOME" value="/srv/jenkins/" type="java.lang.String"/> </Context> But even after restarting tomcat7 I still get the same result (trying to use /usr/share/tomcat7/.jenkins). Where do I need to set the environment variable for JENKINS_HOME in Tomcat7?

Read the article
Ipsec config problem // openswan

- by user90696

I try to configure Ipsec on server with openswan as client. But receive error - possible, it's auth error. What I wrote wrong in config ? Thank you for answers. #1: STATE_MAIN_I2: sent MI2, expecting MR2 003 "f-net" #1: received Vendor ID payload [Cisco-Unity] 003 "f-net" #1: received Vendor ID payload [Dead Peer Detection] 003 "f-net" #1: ignoring unknown Vendor ID payload [ca917959574c7d5aed4222a9df367018] 003 "f-net" #1: received Vendor ID payload [XAUTH] 108 "f-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 010 "f-net" #1: STATE_MAIN_I3: retransmission; will wait 20s for response 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 010 "f-net" #1: STATE_MAIN_I3: retransmission; will wait 40s for response 031 "f-net" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message 000 "f-net" #1: starting keying attempt 2 of at most 3, but releasing whack other side - Cisco ASA. parameters for my connection on our Linux server : VPN Gateway 8.*.*.* (Cisco ) Phase 1 Exchange Type Main Mode Identification Type IP Address Local ID 4.*.*.* (our Linux server IP) Remote ID 8.*.*.* (VPN server IP) Authentication PSK Pre Shared Key Diffie-Hellman Key Group DH 5 (1536 bit) or DH 2 (1024 bit) Encryption Algorithm AES 256 HMAC Function SHA-1 Lifetime 86.400 seconds / no volume limit Phase 2 Security Protocol ESP Connection Mode Tunnel Encryption Algorithm AES 256 HMAC Function SHA-1 Lifetime 3600 seconds / 4.608.000 kilobytes DPD / IKE Keepalive 15 seconds PFS off Remote Network 192.168.100.0/24 Local Network 1 10.0.0.0/16 ............... Local Network 5 current openswan config : # config setup klipsdebug=all plutodebug="control parsing" protostack=netkey nat_traversal=no virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12 oe=off nhelpers=0 conn f-net type=tunnel keyexchange=ike authby=secret auth=esp esp=aes256-sha1 keyingtries=3 pfs=no aggrmode=no keylife=3600s ike=aes256-sha1-modp1024 # left=4.*.*.* leftsubnet=10.0.0.0/16 leftid=4.*.*.* leftnexthop=%defaultroute right=8.*.*.* rightsubnet=192.168.100.0/24 rightid=8.*.*.* rightnexthop=%defaultroute auto=add

Read the article
Ubuntu Server running VNC

- by xwapilot

I have access to four computers: 1 Ubuntu Server desktop (Version 10.04) 1 Mac Mini (Snow Leopard) 1 Windows desktop (Windows 7) 1 Windows laptop (Windows Vista) The first three will always be on the home network. My goal is to SSH from the laptop into the server and be able, through VNC (or another remote desktop software), to control the windows and mac computers. The goal of this would be a slightly heightened network security over using VNC to directly access the mac or windows desktop. I have successfully used SSH to connect to the server, but have not been able to successfully implement the remote desktop connection. I would appreciate help doing so. Here's what I've done so far: As per instructions here: http://www.stuartellis.eu/articles/vnc-on-linux/ I installed the following: vnc4server – the main VNC server software vnc-java – enables access from Web browsers with Java support xvnc4viewer – a basic VNC viewer I then set up a password using the vncpasswd command. To attempt to connect to the mac, I followed directions I found in a thread at superuser. com and went to "System PreferencesSharing" and enabled "Screen Sharing". Subsequently, I tried entering the following commands into Ubuntu: vncviewer mac_ip_address::5904 vncviewer mac_ip_address:0 vncviewer mac_ip_address:1 They all returned the following: VNC Viewer Free Edition 4.1.1 for X - built Apr 9 2010 18:41:55 Copyright (C) 2002-2005 RealVNC Ltd. See http ://www .realvnc. com for information on VNC. vncviewer: unable to open display "" I'm sure I'm missing something important, but I'm not sure what it is. Do I need to have a GUI installed, or did that come with the vnc packages I installed?

Read the article
Antivirus Configuration for dedicated SQL and dedicated IIS Servers

- by Wayne Arthurton

Our corporate standard is McAfee Enterprise, unfortunately this is non-negotiable. On two types of servers I'm responsible for, SQL & Web, we have noticed major performance issues with the corporate standard setup. Max scan time 45sec One policy for all processes Scan ALL files on write, read and open for backup Heuristics: Find unknown programs, trojans and macros Detect unwanted programs Exclude: EVT, LDF, LOG, MDF, VMD, , windows file protection) This of course still causes major slowdowns. IIS .NET recompiles are slow especially with SharePoint, SQL backups and restores, SQL Analysis Services, Integration Services and temp data from them as well. I have looked from time to time, for some best practices on setting up McAfee of SQL & SQL Analysis Service, SQL Integration Service, Visual Studio, Sharepoint, and .NET web servers in general. How do people setup McAfee enterprise on their corporate serves keeping security intact, but affecting performance as minimally as possible? Has anyone run across white papers on these setups? Obviously some are case by case, but there must be some best practices out there somewhere.

Read the article
How to get remote firewall administration working with Windows Server Core 2008 R2?

- by Daniel15

I'm setting up a Windows Server Core 2008 R2 installation in a VMware virtual machine before setting it up on a live VPS. I've gotten remote administration via MMC working on my computer (a PC running Windows 7) for things like event logs, but I can't seem to get the firewall administration working. No matter what I do, I get the following error mesage: You do not have the correct permissions to open the Windows Firewall with Advanced Security console. You must be a member of the Administrators group or the Network Operators group to perform this task. For more information, contact you system administrator. Error code: 0x5. I've used cmdkey to add valid server credentials on my computer, and enabled remote management with the following commands: netsh advfirewall firewall set rule group="remote administration" new enable=yes netsh advfirewall firewall set rule group="windows firewall remote management" new enable=yes netsh advfirewall set currentprofile settings remotemanagement enable I am not running on a domain (just a workgroup), this is the only Windows Server 2008 computer I have. I've tried turning off the firewall completely, but remote administration is still failing How do I debug this issue? Does anyone know how to fix it? I found a few forum topics about it (eg. Remotely managing Windows Firewall on Server Core gives access denied (error 0x5) on Windows Server TechCenter) but they didn't help (I've already tried most of the fixes listed).

Read the article
Can ping IP address and nslookup hostname but cannot ping hostname

- by Puddingfox

I have a DNS server set up on one of my machines using BIND 9.7 Everything works fine with it. On my Windows 7 desktop, I have statically-assigned all network values. I have one DNS server set -- my DNS server. On my desktop, I can ping a third machine by IP fine. I can nslookup the hostname of the third machine fine. When I ping the hostname, it says it cannot find the host. / C:\Users\James>nslookup icecream Server: cake.my.domain Address: xxx.xxx.6.3 Name: icecream.my.domain Address: xxx.xxx.6.9 C:\Users\James>ping xxx.xxx.6.9 Pinging xxx.xxx.6.9 with 32 bytes of data: Reply from xxx.xxx.6.9: bytes=32 time<1ms TTL=255 Reply from xxx.xxx.6.9: bytes=32 time<1ms TTL=255 Reply from xxx.xxx.6.9: bytes=32 time<1ms TTL=255 Reply from xxx.xxx.6.9: bytes=32 time<1ms TTL=255 Ping statistics for xxx.xxx.6.9: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\Users\James>ping icecream Ping request could not find host icecream. Please check the name and try again. I have also specified the search domain as my.domain xxx.xxx and my.domain substituted for security Why can I not ping by hostname? I also can not ping using the FQDN. The problem is that this problem is shared by all applications that resolve hostnames. I cannot use PuTTY to SSH to my machines by hostname; only by IP

Read the article
Can compressing Program Files save space *and* give a significant boost to SSD performance?

- by Christopher Galpin

Considering solid-state disk space is still an expensive resource, compressing large folders has appeal. Thanks to VirtualStore, could Program Files be a case where it might even improve performance? Discovery In particular I have been reading: SSD and NTFS Compression Speed Increase? Does NTFS compression slow SSD/flash performance? Will somebody benchmark whole disk compression (HD,SSD) please? (may have to scroll up) The first link is particularly dreamy, but maybe head a little too far in the clouds. The third link has this sexy semi-log graph (logarithmic scale!). Quote (with notes): Using highly compressable data (IOmeter), you get at most a 30x performance increase [for reads], and at least a 49x performance DECREASE [for writes]. Assuming I interpreted and clarified that sentence correctly, this single user's benchmark has me incredibly interested. Although write performance tanks wretchedly, read performance still soars. It gave me an idea. Idea: VirtualStore It so happens that thanks to sanity saving security features introduced in Windows Vista, write access to certain folders such as Program Files is virtualized for non-administrator processes. Which means, in normal (non-elevated) usage, a program or game's attempt to write data to its install location in Program Files (which is perhaps a poor location) is redirected to %UserProfile%\AppData\Local\VirtualStore, somewhere entirely different. Thus, to my understanding, writes to Program Files should primarily only occur when installing an application. This makes compressing it not only a huge source of space gain, but also a potential candidate for performance gain. Testing The beginning of this post has me a bit timid, it suggests benchmarking NTFS compression on a whole drive is difficult because turning it off "doesn't decompress the objects". However it seems to me the compact command is perfectly capable of doing so for both drives and individual folders. Could it be only marking them for decompression the next time the OS reads from them? I need to find the answer before I begin my own testing.

Read the article
Issue configuring Oracle database for SSL

- by Santhosha Kaldambe

Hello, I want to setup Oracle for SSL communication. I am not using SSL authentication for database user. As first requirement, generated self signed certificate using OpenSSL and added certificate to wallet. The wallet location is specified in server configuration. Created listener and it is starting however it does not provide any service. The default listener (non SSL) is working fine. When I execute LSNRCTL.EXE status SSLLISTENER it gives below output. STATUS of the LISTENER Alias SSLLISTENER Version TNSLSNR for 32-bit Windows: Version 11.1.0.6.0 - Production Start Date 14-NOV-2009 01:47:08 Uptime 16 days 22 hr. 14 min. 3 sec Trace Level off Security ON: Local OS Authentication SNMP OFF Listener Parameter File C:\app\Administrator\product\11.1.0\db_1\network\admin\listener.ora Listener Log File c:\app\administrator\diag\tnslsnr\\ssllistener\alert\log.xml Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=)(PORT =2484))) The listener supports no services The command completed successfully Here is exact content of various files after configuration. 1) File Name: tnsnames.ora ORCL = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT 1521)) ) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl) ) ) 2) File Name: sqlnet.ora SSL_VERSION = 0 NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT) sqlnet.authentication_services= (NONE) tcp.validnode_checking = no tcp.invited_nodes=(PS0803.oraebs.com,PS2948,PS5098) SSL_CLIENT_AUTHENTICATION = FALSE WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) ) 3) File Name: listener.ora SSL_CLIENT_AUTHENTICATION = FALSE WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) ) LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) ) (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT 1521)) ) ) SSLLISTENER = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = )(PORT = 2484)) ) Thanks Santhosh

Read the article
What is causing random hard freezes on my system? Kaspersky?

- by Christian Ivicevic

The last few weeks I experienced a new strange behavior of my computer. Sometimes Windows 7 just freezes with no real reason at all. While listening to music for example the playback hangs and you can hear a very nasty sound. Neither mouse nor keyboard input is handled and everything is just stuck. Using Ubuntu this does not happen, so I think it is just a matter of driver issues or a Windows 7 bug. Furthermore I am really suspicious about Kaspersky (Internet Security 11) and so I let it perform a complete virus scan while no other app is running. At about 50% it happened again and I needed to restart the computer by holding the power button the bad way... A really weird thing is that playing Skyrim this happened once, however music playback did not stop. Only the framerate dropped to 0 and sometimes for a few seconds I am able to move. Therefore I am really confused as furthermore no bluescreen pops up. Memtest told me that everything seems to be alright... Can anyone explain me which data you need about my hardware and software (and which tools tools to use to gather the informatik) to be able to provide any help on my problem?

Read the article
How do I provide dpkg configuration parameters to aptitude or apt-get?

- by troutwine

When installing gitolite I find that: # aptitude install gitolite The following NEW packages will be installed: gitolite 0 packages upgraded, 1 newly installed, 0 to remove and 29 not upgraded. Need to get 114 kB of archives. After unpacking 348 kB will be used. Get:1 http://security.debian.org/ squeeze/updates/main gitolite all 1.5.4-2+squeeze1 [114 kB] Fetched 114 kB in 0s (202 kB/s) Preconfiguring packages ... Selecting previously deselected package gitolite. (Reading database ... 30593 files and directories currently installed.) Unpacking gitolite (from .../gitolite_1.5.4-2+squeeze1_all.deb) ... Setting up gitolite (1.5.4-2+squeeze1) ... No adminkey given - not initializing gitolite in /var/lib/gitolite. The last line is of interest to me. If I run dpkg-reconfigure -plow gitolite I am presented with a dialog and can modify: the system user name for gitolite, the location of the gitolite repositories and provide the admin pubkey. I'd prefer to use the git system user and provide the admin pubkey on installation, say something of the sort: # aptitude install gitolite --user git --admin-pubkey 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAc7kCAi2WkvqpAL1fK1sIw6xjpatJ+Ms2nrwLJPhdovEY3MPZF7mtH+rv1CHFDn66fLGiWevOFp...' That, of course, doesn't work. Can something similar be done? How do I determine the configuration parameters ahead of time? This would be remarkably useful, for instance, when installing gitolite automatically, via puppet or chef.

Read the article
MS SQL - Problem running SQL Server Agent Job via service account credentials

- by molecule

There are 5 steps in this job. First job is an SSIS Package store, second to fifth are file system jobs. We configured all jobs to use Windows Authentication. Under Run As, we specified a user account which was created under SecurityCredentials and SQL Server AgentProxiesSSIS Package execution. The job runs without any problems with this user account. We then proceeded to configure the job to use a service account instead. Service account was specified under SecurityCredentials and SQL Server AgentProxiesSSIS Package Execution. The job fails with this error. Executed as user: domain\serviceaccount. ....00 for 32-bit Copyright (C) Microsoft Corp 1984-2005. All rights reserved. Started: 3:37:57 PM Error: 2010-03-09 15:37:57.95 Code: 0xC0016016 Source: Description: Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available. End Error Error: 2010-03-09 15:38:01.19 Code: 0xC0047062 Source: Get CONT_VIEW_LADDER in latest 45days OracleFMDatabase [1] Description: System.Data.OracleClient.OracleException: ORA-01005: null password given; logon denied at System.Data.OracleClient.OracleException.Check(OciErrorHandle errorHandle, Int32 rc) at System.Data.OracleClient.OracleInternalConnection.OpenOnLocalTransaction(String userName, String password, String serverName, Boo... The package execution fa... The step failed. Based on some research, I then go into MS Visual Studio and Open the project. I change the property of the package security from "EncryptSensitiveWithUserKey" to "DontSaveSensitive" but i still get the above error. I am new to this so any help will be very much appreciated. Thanks in advance

Read the article
Mapping printers using Group Policy Preferences; works on Windows XP, not on Windows 7 x64

- by Graeme Donaldson

I'm trying to use Group Policy Preferences to manage user connections to shared printers. The print server is Windows Server 2003 R2 Std edition. Several printers are installed, and I've added x64 editions of all the drivers to the print server as well. I've created a new GPO containing the printer preference settings. Printer mappings are targeted based on AD security group membership. I log on to a Windows XP PC with the Group Policy CSEs installed and the printer maps perfectly. I log on to a Windows 7 x64 PC and it doesn't map. If I manually connect to the shared printer, I get a prompt which asks me to confirm if I trust the server before installing the driver, and then it works perfectly. I have domain admin rights and my UAC settings have not been changed from the default, i.e. UAC is enabled and the default level is selected. Is the printer mapping failing because it's unable to prompt me to install the driver, or is there something else afoot?

Read the article

< Previous Page | 453 454 455 456 457 458 459 460 461 462 463 464 | Next Page >