Search Results

Search found 25885 results on 1036 pages for 'claims based identity'.

Page 46/1036 | < Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53 | Next Page >

Why do I need to add my application pool identity to the IIS_IUSRS group?

- by smcolligan

I'm setting up a .NET v4.0 web application on a Windows 2008 R2/IIS 7.5 server that uses a domain account for the application pool identity. When I access the site, I get the following error: The current identity () does not have write access to 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files' According to this: http://learn.iis.net/page.aspx/140/understanding-built-in-user-and-group-accounts-in-iis/ the identity of the worker process is added to the IIS_IUSRS group when the process starts. This seems to work fine for the existing .NET v2.0 applications I have running on the same server (I have not had to add their domain account application pool identities to IIS_IUSRS group). This does not seem to be the case for the first .NET v4.0 web application I'm setting up. Once I add the identity to the group, everything works fine. I suspect something is not configured correctly that is forcing me to do this. I would like to understand this before rolling out more sites/servers. Thanks in advance for your help...

Read the article
IPTables Reroute SSH based on Connection string?

- by senrabdet

We are using a cloud server (Debian Squeeze) where public ports on a public IP route traffic to internal servers. We are looking for a way to use IPTables and ssh where based on some part of the ssh connection string (or something along these lines) iptables will reroute the ssh connection to the "right" internal server. This would allow us to use one common public port, and then re-route ssh connections to individual servers. So, for example we hope to do something like the following: user issues ssh connection (public key encryption) such as ssh -X -v -p xxx [email protected] but maybe adds something into the string for iptables to use iptables uses some part of that string or some means to re-route the connection to an internal server using something like iptables -t nat -A PREROUTING ! -s xxx.xxx.xxx.0/24 -m tcp -p tcp --dport $EXTPORT -j DNAT --to-destination $HOST:$INTPORT ....where $HOST is the internal ip of a server, $EXTPORT is the common public facing port and $INTPORT is the internal server port. It appears that the "string" aspect of iptables does not do what we want. We can currently route based on the IP table syntax we're using, but rely on having a separate public port for each server and are hoping to use one common public port and then re-route to specific internal servers based on some part of the ssh connection string or some other means. Any suggestions? Thanks!

Read the article
Different Service behaviors per endpoint

- by Preben Huybrechts

The situation We are implementing different sort of security on some WCF service. ClientCertificate, UserName & Password and Anonymous. We have 2 ServiceBehaviorConfigurations, one for httpBinding and one for wsHttpBinding. (We have custom authorization policies for claim based security) As a requirement we need different endpoints for each service. 3 endpoints with httpBinding and 1 with wsHttpBinding. Example for one service: basicHttpBinding : Anonymous basicHttpBinding : UserNameAndPassword basicHttpBinding : BasicSsl wsHttpBinding : BasicSsl The Problem Part 1: We cannot specify the same service twice, once with the http service configuration and once with the wsHttp service configuration. Part 2: We cannot specify service behaviors on an endpoint. (Throws and exception, No endpoint behavior was found... Service behaviors cant be set to endpoint behaviours) The Config For part 1: <services> <service name="Namespace.MyService" behaviorConfiguration="securityBehavior"> <endpoint address="http://server:94/MyService.svc/Anonymous" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="Anonymous"> </endpoint> <endpoint address="http://server:94/MyService.svc/UserNameAndPassword" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="UserNameAndPassword"> </endpoint> <endpoint address="https://server/MyService.svc/BasicSsl" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="BasicSecured"> </endpoint> </service> <service name="Namespace.MyService" behaviorConfiguration="wsHttpCertificateBehavior"> <endpoint address="https://server/MyService.svc/ClientCert" contract="Namespace.IMyService" binding="wsHttpBinding" bindingConfiguration="ClientCert"/> </service> </services> Service Behavior configuration: <serviceBehaviors> <behavior name="securityBehavior"> <serviceAuthorization serviceAuthorizationManagerType="Namespace.AdamAuthorizationManager,Assembly"> <authorizationPolicies> <add policyType="Namespace.AdamAuthorizationManager,Assembly" /> </authorizationPolicies> </serviceAuthorization> </behavior> <behavior name="wsHttpCertificateBehavior"> <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/> <serviceAuthorization serviceAuthorizationManagerType="Namespace.AdamAuthorizationManager,Assembly"> <authorizationPolicies> <add policyType="Namespace.AdamAuthorizationManager,Assembly" /> </authorizationPolicies> </serviceAuthorization> <serviceCredentials> <clientCertificate> <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/> </clientCertificate> <serviceCertificate findValue="CN=CertSubject"/> </serviceCredentials> </behavior> How can we specify a different service behaviour on the WsHttpBinding endpoint? Or how can we apply our authorization policy in a different way for wsHttpBinding then basicHttpBinding. We would use endpoint behavior but we can't specify our authorization policy on an endpoint behavior

Read the article
Using OUTPUT/INTO within instead of insert trigger invalidates 'inserted' table

- by Dan

I have a problem using a table with an instead of insert trigger. The table I created contains an identity column. I need to use an instead of insert trigger on this table. I also need to see the value of the newly inserted identity from within my trigger which requires the use of OUTPUT/INTO within the trigger. The problem is then that clients that perform INSERTs cannot see the inserted values. For example, I create a simple table: CREATE TABLE [MyTable]( [MyID] [int] IDENTITY(1,1) NOT NULL, [MyBit] [bit] NOT NULL, CONSTRAINT [PK_MyTable_MyID] PRIMARY KEY NONCLUSTERED ( [MyID] ASC )) Next I create a simple instead of trigger: create trigger [trMyTableInsert] on [MyTable] instead of insert as BEGIN DECLARE @InsertedRows table( MyID int, MyBit bit); INSERT INTO [MyTable] ([MyBit]) OUTPUT inserted.MyID, inserted.MyBit INTO @InsertedRows SELECT inserted.MyBit FROM inserted; -- LOGIC NOT SHOWN HERE THAT USES @InsertedRows END; Lastly, I attempt to perform an insert and retrieve the inserted values: DECLARE @tbl TABLE (myID INT) insert into MyTable (MyBit) OUTPUT inserted.MyID INTO @tbl VALUES (1) SELECT * from @tbl The issue is all I ever get back is zero. I can see the row was correctly inserted into the table. I also know that if I remove the OUTPUT/INTO from within the trigger this problem goes away. Any thoughts as to what I'm doing wrong? Or is how I want to do things not feasible? Thanks.

Read the article
copy entire row (without knowing field names)

- by Todd Webb

Using SQL Server 2008, I would like to duplicate one row of a table, without knowing the field names. My key issue: as the table grows and mutates over time, I would like this copy-script to keep working, without me having to write out 30+ ever-changing fields, ugh. Also at issue, of course, is IDENTITY fields cannot be copied. My code below does work, but I wonder if there's a more appropriate method than my thrown-together text string SQL statement? So thank you in advance. Here's my (yes, working) code - I welcome suggestions on improving it. Todd alter procedure spEventCopy @EventID int as begin -- VARS... declare @SQL varchar(8000) -- LIST ALL FIELDS (*EXCLUDE* IDENTITY FIELDS). -- USE [BRACKETS] FOR ANY SILLY FIELD-NAMES WITH SPACES, OR RESERVED WORDS... select @SQL = coalesce(@SQL + ', ', '') + '[' + column_name + ']' from INFORMATION_SCHEMA.COLUMNS where TABLE_NAME = 'EventsTable' and COLUMNPROPERTY(OBJECT_ID('EventsTable'), COLUMN_NAME, 'IsIdentity') = 0 -- FINISH SQL COPY STATEMENT... set @SQL = 'insert into EventsTable ' + ' select ' + @SQL + ' from EventsTable ' + ' where EventID = ' + ltrim(str(@EventID)) -- COPY ROW... exec(@SQL) -- REMEMBER NEW ID... set @EventID = @@IDENTITY -- (do other stuff here) -- DONE... -- JUST FOR KICKS, RETURN THE SQL STATEMENT SO I CAN REVIEW IT IF I WISH... select EventID = @EventID, SQL = @SQL end

Read the article
SysAdmin Career Question: Internal or Client Based

- by Malnizzle

ServerFault Community, It seems there are two positions SysAdmins find themselves in, either you are working for a non-IT services based single client (your employer) and providing in-house IT support or you work for a company who provides out sourced IT services to multiple clients. Right now I work for a company who does the latter, and I often consider how nice it would be doing the in-house side of things, to just have one network I am focused on and instead of feeling like I have a dozen bosses between clients and internal management, I would just have one set of management and people to appease. There is also the technical aspect of every client wanting something different, and having to manage numerous different technology platforms, or trying to force clients into using the technologies we prefer, neither situation is enjoyable. Is this just "the grass is greener on the other side" syndrome, or is there some legitimacy to the the stress of client based IT work compared to being an in-house IT guy? Thanks!

Read the article
Installing an EC2 (EBS based) instance on another AWS account

- by imaginative

We're moving from one AWS account to another. I have a couple of EC2 instances I would like to move over. These instances are EBS based. Googling around, I'm seeing all sorts of convoluted answers for how to appropriately launch this EBS based instance on a new account. Surely there has to be a simple way of going about this. As of right now, what I have done so far is backup the EB2 Volume as a snapshot. I then altered the permissions of the snapshot to allow the new AWS account number to be able to access it. I am not sure where to go from here. Do I have to create an image from the EBS snapshot? Upload it to S3? What's the next step(s)?

Read the article
Prebuilt ActiveMQ Server Based off ZeroMQ

- by VxJasonxV

Are there any distributions of fully built Message Brokers that are initially based off of ZeroMQ? I had thought that downloading/installing ZeroMQ would give me such, not just a handful of procedures for rolling me own. Currently we use ActiveMQ, but it is a miserable pain to configure, so I'd rather slim down the profile, unfortunately I learned that ZeroMQ was not a one step solution to achieving that goal. Alternatives are ok, but I'd prefer something less overly verbose in configuration than ActiveMQ's ludicrous amounts of Java configuration. Broker config + Java Logger Config + many other intricacies that I don't wish to deal with. (Read: Preferably not Java based in the first place.) I'm looking for reliable, basic functionality described by JMS brokers. Topics, Queues, Message Persistence, etc.

Read the article
Routing based on source address in Windows Server 2008 R2

- by rocku

Hi, I'm implementing a direct routing load balanced solution using Windows Server 2008 R2 as back-end server. I've configured a loopback interface with the external IP address. This works, I am receiving packets with the external IP address and respond to them appropriately. However our infrastructure requires that traffic which is being load-balanced should go through a different gateway then any other traffic originating from the server, ie. updates etc. So basicly I need to route packets based on source address (external IP) to another gateway. The built-in Windows 'route' command allows routing based on destination address only. I've tried setting a default gateway on the loopback interface and mangled with weak/strong host send/receive parameters on the interfaces, however this didn't work. Is there any way around this, possibly using third party tools?

Read the article
Web based library management (FOSS) application

- by pgb

I'm looking for a FOSS web-based library management application. I want to manage the few books we have at our company, and I'm looking for applications that provide a simple web interface to: Add new books. Search for books. (Not Required) Place holds on books. My ideal would be something like Delicious Library, but web based and open source. I've looked at Koha (which I could not install), Emilda, which seems to be a dead project (last emails are from 2006 and I could not install it) and VuFind which looks awesome but doesn't provide (or I could not find) an interface to add new records to the library. Any suggestions?

Read the article
Ngnix as reverse proxy for Apache name-based vhosts

- by Ben Carleton

I am running several websites on Apache currently utilizing name-based vhosts. All of the sites are on the same server. I would like to add Ngnix on a new server to sit in front of Apache as a caching reverse proxy. What is the best way to handle the multiple name-based vhosts? Should I simply have Nginx handle the names and run each Apache vhost on a separate port? Or is there a way to just have Nginx pass the hostname to Apache and have apache take care of the domain names?

Read the article
Reputable web based ssh client? [closed]

- by Doug T.

I'm connected to a coffee shop's wireless network right now, and I suspected I'd be able to use my laptop and ssh somewhere. Unlucky me they seem to be blocking everything but web traffic (my testing seems to show everything but port 80 is working, can't ping, ftp, etc). I googled "web based ssh clients" however I have reservations about entering my login credentials on any Joe Schmoe's web app. I was wondering if anyone has had any experience with any reputable web based ssh clients? If so could you please point me at one that I could trust?

Read the article
Deploy virtual PC based on snapshot using Hyper-V

- by user27786

I have a server with Hyper-V configured, it is easy to create a new virtual machine using the management tools, but it can take some time. I often see those hosts that say "We can have your server ready in 5 seconds". And I wonder how do they manage this? I would also like to deploy a full functional clean server in 5 seconds. So how is this done? Is it by first installing a clean server, then take a snapshot of that for later to deploy a new server based on that snapshot? I tried doing this, but I did not find any where to install a new virtual machine based on the snapshot. Anyone got any thoughts to share on this?

Read the article
Excel - Referring to a certain cell based off of data in another

- by Ethan Brouwer

I have a spreadsheet where there is one table with the headings: Coordinate, Lat, Long Another with headings Triangle, Coordinate 1, Coordinate 2, Coordinate 3, Area What this is for, is taking the triangles formed by the specified three coordinates' area based off of Girard's theorem, as they are all spherical triangles. I need to take the specific latitude and longitude values from the first table based on the coordinate numbers underneath the three coordinate headings in the second table. I hope this makes sense. Here are pictures detailing what the two tables look like: Table 1 Table 2 Thanks in advance. And I really do hope this makes sense.

Read the article
How can I move a load of zone records from a web based system to text based one?

- by Chris Adams

Hi there, I have a few domains with Dreamhost where I have set a load of records using their web based domain name system, and I've like to move them to another provider that lets me enter info directly as a text file for their name server, bind 9 to use. (If you're interested, I'm moving them to Gandi.net). Previously when I used a cpanel based system to do something similar, there was a tool that let me simply enter a domain name, and any available domains were automagically entered into a system, saving me typing it myself (and bringing down sites with silly typos in the process). What open source tool can I use to query a domain for all the relevant subdomains and records and list them in a format like a zone file, that I can use with other name servers?

Read the article
WEB based HPC cluster node management

- by Skuja

Hello, i am working on my school diploma thesis. The main goal is to create web based application where logged users could see free and busy nodes, turn them on and off, see what process they are running etc. Figured out that i could do something like this - write some cron daemon that would run every 30seconds or so, and it could run ping utility for each node to find out if it is on or off, then write results to some file. Then from my web app (i will write in PHP) i could read the info. Will it be a good solution? How would you suggest me to do it? And finally, is there any existing solutions (it may not be a definetly ewb based) for managment of cluster nodes?

Read the article
Is there a constraint-based scheduling/calendar application?

- by wonsungi

Is there a constraint-based scheduling/calendar application? This application would be used to coordinate multiple people's schedules. Two basic use cases: Multiple people need to schedule a time to meet together. Everyone is busy at different days/times. Each person enters blocks of days/times they cannot meet, and the application suggests the best times to meet given a desired time range. Multiple people need to use some common resources for a specific length of time (over some time span like a week), but the exact date/time does not matter. These people enter the resources and time needed, and the application suggests the best way to share these resources. This use case still accounts for people's blocks of busy time. I imagine this program would be graphical, but other interfaces would be acceptable. Also preferable if web-based/works on both PC's and Mac's, but PC-only/Mac-only solutions are acceptable.

Read the article
Scheduled task based on Microsoft patch release cycle

- by floyd

I have a simple powershell script which unapproves all patches based on computer group name in WSUS which works great. All of our servers patch on a specific Day/Week/Time starting on Week0-Wednesday which would be the Wednesday after Microsoft Patch Tuesday (2nd Tuesday of every month) all the way to Week3-Sunday. This obviously causes problems as sometimes not all patches get applied in one reboot cycle, and then will install patches the following week during their group policy scheduled patching day/time which is what I'm trying to prevent. My question is I'm trying to schedule my script to run based on this schedule and I am finding it next to impossible using Windows Task Scheduler. For instance if I wanted something to always run on the 4th Monday after Microsoft Patch Tuesday, I cant always use the task scheduler option "4th Monday of the Month" Has anyone run into a similar situation, or know of any task scheduling tools which give you more flexibility than Windows Task Scheduler?

Read the article
Find a Certain Cell based on other Cells in Excel/Calc

- by user77325

I have a spreadsheet: Beans B-kg Chips C-kg 1.4oz/12 0.47544 6.5oz/20 3.679 1.48oz/12 0.502608 7oz/12 2.3772 1.86oz/12 0.631656 8oz/20 4.528 and a second sheet: Category Name Case Kg Beans 1.4oz/12 ? Beans 1.48oz/12 ? Chips 6.5oz/20 ? I am trying to match the type of product with the correct weight. So I need a formula that will choose the correct column based on the Category and then choose the correct row based on the name and output the result next to it.

Read the article
web (server) based password manager

- by laurens

Hi all! I know there have been a few topics here about password managers but I read them all and did not really find what I'm looking for. What I'd need is a free or cheap (most password mgr software is $500 for 20+ users, exaggerated!) multi-user password manager, highly preferable web-based so that we can host it on one of our local server, of Hyper-V VM's. So: -free or cheap ( <100$) -multi-user of groups -web based -not very hard to install I tried a few, one very expensive, one I did not get to work- Web Keepass Manager This works with tomcat and probably conflicts with our IIS 7.0 or 7.5 PS: thus, nothing online (!) it has to stay local Thanks in advance!

Read the article
Puppet: Conditional file source based on naming convention

- by thinice

I'm getting the ball rolling on puppet for my environment - and I'd like to have a conditional file resource based on whether or not the module itself contains a file based on a naming convention. So visually, assume a module named 'mysql' and it's layout: mysql/ /files /etc/ my.cnf my.hostname1.cnf my.hostname2.cnf /manifests init.pp ... So I'd like the block to verify if the resource for the module exists or not, and take action accordingly, in pseudo-terms: file { '/etc/my.cnf': if -f 'puppet:///mysql/etc/my.$hostname.cnf' { source => 'puppet:///mysql/etc/my.$hostname.cnf' } else { source => 'puppet:///mysql/etc/my.cnf' } } This way one wouldn't have to manage a csv file or the .pp file with a host specific case statement - is this possible?

Read the article
squid ip based authentication

- by Ian R.

I have 10 ip's on a VPS and squid3 installed. I want to lease all of them to 10 co-workers. The authentication should be ip-based. Basically I want to allow only their home ip address (not internal - we're not on a network) to connect to my squid. I would also like to offer them a dedicated ip from my outgoing addresses. I managed to get it working using username/password based authentication but some software do not support that feature so I would like to switch to this limit if possible. Any guidance/sample acl's?

Read the article
CPU and HD degradation on sourced based Linux distribution

- by danilo2

I was wondering for a long time if source based Linux distributions, like Gentoo or Funtoo are "destroying" your system faster than binary ones (like Fedora or Debian). I'm talking about CPU and hard drive degradation. Of course, when you're updating your system, it has to compile everything from source, so it takes longer and your CPU is used at hard conditions (it is warmer and more loaded). Such systems compile hundreds of packages weekly, so does it really matter? Does such a system degrade faster than binary based ones?

Read the article
Force software based opengl rendering

- by jean

How may I force an application to use software based opengl rendering on Ubuntu?

Read the article
Network Role based routing

- by Steve Butler

Apologies my networking skills are a tad rusty. I'm looking for a way to setup a system that gives me the ability to setup Role-based access to specific network resources. For example, i have three private subnets for specific groups, users will need access to one one or more subnets. I'd like to have all client machines on the same subnet/vlan, and then use 802.1x to authorize into a router(NAC device/whatever), the router would then see what user had authenticated(huge plus if it could determine AD group), and then allow routing to one or more of the three private subnets based upon their group membership. I've looked at packetFence, and it appears to work by assigning a client to a VLAN, but i'd still need a way to route some users into different back-end networks.

Read the article

< Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53 | Next Page >